git.samba.org / obnox / samba / samba-obnox.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
s4-torture: pass down netlogon flags in netr_ServerPasswordSet2 tests.
[obnox/samba/samba-obnox.git] / source4 / torture / rpc / netlogon.c
1 /*
2    Unix SMB/CIFS implementation.
3
4    test suite for netlogon rpc operations
5
6    Copyright (C) Andrew Tridgell 2003
7    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8    Copyright (C) Tim Potter      2003
9    Copyright (C) Matthias Dieter Wallnöfer            2009-2010
10
11    This program is free software; you can redistribute it and/or modify
12    it under the terms of the GNU General Public License as published by
13    the Free Software Foundation; either version 3 of the License, or
14    (at your option) any later version.
15
16    This program is distributed in the hope that it will be useful,
17    but WITHOUT ANY WARRANTY; without even the implied warranty of
18    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19    GNU General Public License for more details.
20
21    You should have received a copy of the GNU General Public License
22    along with this program.  If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "lib/cmdline/popt_common.h"
28 #include "torture/rpc/torture_rpc.h"
29 #include "../lib/crypto/crypto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "librpc/gen_ndr/ndr_netlogon_c.h"
32 #include "librpc/gen_ndr/ndr_lsa_c.h"
33 #include "param/param.h"
34 #include "libcli/security/security.h"
35 #include <ldb.h>
36 #include "lib/util/util_ldb.h"
37 #include "ldb_wrap.h"
38 #include "lib/replace/system/network.h"
39 #include "dsdb/samdb/samdb.h"
40
41 #define TEST_MACHINE_NAME "torturetest"
42
43 static bool test_netr_broken_binding_handle(struct torture_context *tctx,
44                                             struct dcerpc_pipe *p)
45 {
46         NTSTATUS status;
47         struct netr_DsRGetSiteName r;
48         const char *site = NULL;
49         struct dcerpc_binding_handle *b = p->binding_handle;
50
51         r.in.computer_name      = talloc_asprintf(tctx, "\\\\%s",
52                                                   dcerpc_server_name(p));
53         r.out.site              = &site;
54
55         torture_comment(tctx,
56                         "Testing netlogon request with correct binding handle: %s\n",
57                         r.in.computer_name);
58
59         status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
60         torture_assert_ntstatus_ok(tctx, status,
61                                    "Netlogon request with broken binding handle");
62         torture_assert_werr_ok(tctx, r.out.result,
63                                "Netlogon request with broken binding handle");
64
65         if (torture_setting_bool(tctx, "samba3", false) ||
66             torture_setting_bool(tctx, "samba4", false)) {
67                 torture_skip(tctx,
68                              "Skipping broken binding handle check against Samba");
69         }
70
71         r.in.computer_name      = talloc_asprintf(tctx, "\\\\\\\\%s",
72                                                   dcerpc_server_name(p));
73
74         torture_comment(tctx,
75                         "Testing netlogon request with broken binding handle: %s\n",
76                         r.in.computer_name);
77
78         status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
79         torture_assert_ntstatus_ok(tctx, status,
80                                    "Netlogon request with broken binding handle");
81         torture_assert_werr_equal(tctx, r.out.result,
82                                   WERR_INVALID_COMPUTERNAME,
83                                   "Netlogon request with broken binding handle");
84
85         r.in.computer_name      = "\\\\\\\\THIS_IS_NOT_VALID";
86
87         torture_comment(tctx,
88                         "Testing netlogon request with broken binding handle: %s\n",
89                         r.in.computer_name);
90
91         status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
92         torture_assert_ntstatus_ok(tctx, status,
93                                    "Netlogon request with broken binding handle");
94         torture_assert_werr_equal(tctx, r.out.result,
95                                   WERR_INVALID_COMPUTERNAME,
96                                   "Netlogon request with broken binding handle");
97
98         return true;
99 }
100
101 static bool test_LogonUasLogon(struct torture_context *tctx,
102                                struct dcerpc_pipe *p)
103 {
104         NTSTATUS status;
105         struct netr_LogonUasLogon r;
106         struct netr_UasInfo *info = NULL;
107         struct dcerpc_binding_handle *b = p->binding_handle;
108
109         r.in.server_name = NULL;
110         r.in.account_name = cli_credentials_get_username(cmdline_credentials);
111         r.in.workstation = TEST_MACHINE_NAME;
112         r.out.info = &info;
113
114         status = dcerpc_netr_LogonUasLogon_r(b, tctx, &r);
115         torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
116
117         return true;
118 }
119
120 static bool test_LogonUasLogoff(struct torture_context *tctx,
121                                 struct dcerpc_pipe *p)
122 {
123         NTSTATUS status;
124         struct netr_LogonUasLogoff r;
125         struct netr_UasLogoffInfo info;
126         struct dcerpc_binding_handle *b = p->binding_handle;
127
128         r.in.server_name = NULL;
129         r.in.account_name = cli_credentials_get_username(cmdline_credentials);
130         r.in.workstation = TEST_MACHINE_NAME;
131         r.out.info = &info;
132
133         status = dcerpc_netr_LogonUasLogoff_r(b, tctx, &r);
134         torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
135
136         return true;
137 }
138
139 bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
140                                   struct cli_credentials *credentials,
141                                   struct netlogon_creds_CredentialState **creds_out)
142 {
143         struct netr_ServerReqChallenge r;
144         struct netr_ServerAuthenticate a;
145         struct netr_Credential credentials1, credentials2, credentials3;
146         struct netlogon_creds_CredentialState *creds;
147         const struct samr_Password *mach_password;
148         const char *machine_name;
149         struct dcerpc_binding_handle *b = p->binding_handle;
150
151         mach_password = cli_credentials_get_nt_hash(credentials, tctx);
152         machine_name = cli_credentials_get_workstation(credentials);
153
154         torture_comment(tctx, "Testing ServerReqChallenge\n");
155
156         r.in.server_name = NULL;
157         r.in.computer_name = machine_name;
158         r.in.credentials = &credentials1;
159         r.out.return_credentials = &credentials2;
160
161         generate_random_buffer(credentials1.data, sizeof(credentials1.data));
162
163         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
164                 "ServerReqChallenge failed");
165         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
166
167         a.in.server_name = NULL;
168         a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
169         a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials);
170         a.in.computer_name = machine_name;
171         a.in.credentials = &credentials3;
172         a.out.return_credentials = &credentials3;
173
174         creds = netlogon_creds_client_init(tctx, a.in.account_name,
175                                            a.in.computer_name,
176                                            &credentials1, &credentials2,
177                                            mach_password, &credentials3,
178                                            0);
179         torture_assert(tctx, creds != NULL, "memory allocation");
180
181
182         torture_comment(tctx, "Testing ServerAuthenticate\n");
183
184         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate_r(b, tctx, &a),
185                 "ServerAuthenticate failed");
186
187         /* This allows the tests to continue against the more fussy windows 2008 */
188         if (NT_STATUS_EQUAL(a.out.result, NT_STATUS_DOWNGRADE_DETECTED)) {
189                 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
190                                               credentials,
191                                               cli_credentials_get_secure_channel_type(credentials),
192                                               creds_out);
193         }
194
195         torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate");
196
197         torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
198                        "Credential chaining failed");
199
200         *creds_out = creds;
201         return true;
202 }
203
204 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
205                             uint32_t negotiate_flags,
206                             struct cli_credentials *machine_credentials,
207                             enum netr_SchannelType sec_chan_type,
208                             struct netlogon_creds_CredentialState **creds_out)
209 {
210         struct netr_ServerReqChallenge r;
211         struct netr_ServerAuthenticate2 a;
212         struct netr_Credential credentials1, credentials2, credentials3;
213         struct netlogon_creds_CredentialState *creds;
214         const struct samr_Password *mach_password;
215         const char *machine_name;
216         struct dcerpc_binding_handle *b = p->binding_handle;
217
218         mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
219         machine_name = cli_credentials_get_workstation(machine_credentials);
220
221         torture_comment(tctx, "Testing ServerReqChallenge\n");
222
223
224         r.in.server_name = NULL;
225         r.in.computer_name = machine_name;
226         r.in.credentials = &credentials1;
227         r.out.return_credentials = &credentials2;
228
229         generate_random_buffer(credentials1.data, sizeof(credentials1.data));
230
231         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
232                 "ServerReqChallenge failed");
233         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
234
235         a.in.server_name = NULL;
236         a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
237         a.in.secure_channel_type = sec_chan_type;
238         a.in.computer_name = machine_name;
239         a.in.negotiate_flags = &negotiate_flags;
240         a.out.negotiate_flags = &negotiate_flags;
241         a.in.credentials = &credentials3;
242         a.out.return_credentials = &credentials3;
243
244         creds = netlogon_creds_client_init(tctx, a.in.account_name,
245                                            a.in.computer_name,
246                                            &credentials1, &credentials2,
247                                            mach_password, &credentials3,
248                                            negotiate_flags);
249
250         torture_assert(tctx, creds != NULL, "memory allocation");
251
252         torture_comment(tctx, "Testing ServerAuthenticate2\n");
253
254         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate2_r(b, tctx, &a),
255                 "ServerAuthenticate2 failed");
256         torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate2 failed");
257
258         torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
259                 "Credential chaining failed");
260
261         torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
262
263         *creds_out = creds;
264         return true;
265 }
266
267
268 bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
269                             uint32_t negotiate_flags,
270                             struct cli_credentials *machine_credentials,
271                             struct netlogon_creds_CredentialState **creds_out)
272 {
273         struct netr_ServerReqChallenge r;
274         struct netr_ServerAuthenticate3 a;
275         struct netr_Credential credentials1, credentials2, credentials3;
276         struct netlogon_creds_CredentialState *creds;
277         struct samr_Password mach_password;
278         uint32_t rid;
279         const char *machine_name;
280         const char *plain_pass;
281         struct dcerpc_binding_handle *b = p->binding_handle;
282
283         machine_name = cli_credentials_get_workstation(machine_credentials);
284         plain_pass = cli_credentials_get_password(machine_credentials);
285
286         torture_comment(tctx, "Testing ServerReqChallenge\n");
287
288         r.in.server_name = NULL;
289         r.in.computer_name = machine_name;
290         r.in.credentials = &credentials1;
291         r.out.return_credentials = &credentials2;
292
293         generate_random_buffer(credentials1.data, sizeof(credentials1.data));
294
295         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
296                 "ServerReqChallenge failed");
297         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
298
299         E_md4hash(plain_pass, mach_password.hash);
300
301         a.in.server_name = NULL;
302         a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
303         a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
304         a.in.computer_name = machine_name;
305         a.in.negotiate_flags = &negotiate_flags;
306         a.in.credentials = &credentials3;
307         a.out.return_credentials = &credentials3;
308         a.out.negotiate_flags = &negotiate_flags;
309         a.out.rid = &rid;
310
311         creds = netlogon_creds_client_init(tctx, a.in.account_name,
312                                            a.in.computer_name,
313                                            &credentials1, &credentials2,
314                                            &mach_password, &credentials3,
315                                            negotiate_flags);
316
317         torture_assert(tctx, creds != NULL, "memory allocation");
318
319         torture_comment(tctx, "Testing ServerAuthenticate3\n");
320
321         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate3_r(b, tctx, &a),
322                 "ServerAuthenticate3 failed");
323         torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate3 failed");
324         torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed");
325
326         torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
327
328         /* Prove that requesting a challenge again won't break it */
329         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
330                 "ServerReqChallenge failed");
331         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
332
333         *creds_out = creds;
334         return true;
335 }
336
337 /*
338   try a change password for our machine account
339 */
340 static bool test_SetPassword(struct torture_context *tctx,
341                              struct dcerpc_pipe *p,
342                              struct cli_credentials *machine_credentials)
343 {
344         struct netr_ServerPasswordSet r;
345         const char *password;
346         struct netlogon_creds_CredentialState *creds;
347         struct netr_Authenticator credential, return_authenticator;
348         struct samr_Password new_password;
349         struct dcerpc_binding_handle *b = p->binding_handle;
350
351         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
352                 return false;
353         }
354
355         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
356         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
357         r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
358         r.in.computer_name = TEST_MACHINE_NAME;
359         r.in.credential = &credential;
360         r.in.new_password = &new_password;
361         r.out.return_authenticator = &return_authenticator;
362
363         password = generate_random_password(tctx, 8, 255);
364         E_md4hash(password, new_password.hash);
365
366         netlogon_creds_des_encrypt(creds, &new_password);
367
368         torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
369         torture_comment(tctx, "Changing machine account password to '%s'\n",
370                         password);
371
372         netlogon_creds_client_authenticator(creds, &credential);
373
374         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
375                 "ServerPasswordSet failed");
376         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
377
378         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
379                 torture_comment(tctx, "Credential chaining failed\n");
380         }
381
382         /* by changing the machine password twice we test the
383            credentials chaining fully, and we verify that the server
384            allows the password to be set to the same value twice in a
385            row (match win2k3) */
386         torture_comment(tctx,
387                 "Testing a second ServerPasswordSet on machine account\n");
388         torture_comment(tctx,
389                 "Changing machine account password to '%s' (same as previous run)\n", password);
390
391         netlogon_creds_client_authenticator(creds, &credential);
392
393         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
394                 "ServerPasswordSet (2) failed");
395         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
396
397         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
398                 torture_comment(tctx, "Credential chaining failed\n");
399         }
400
401         cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
402
403         torture_assert(tctx,
404                 test_SetupCredentials(p, tctx, machine_credentials, &creds),
405                 "ServerPasswordSet failed to actually change the password");
406
407         return true;
408 }
409
410 /*
411   try a change password for our machine account
412 */
413 static bool test_SetPassword_flags(struct torture_context *tctx,
414                                    struct dcerpc_pipe *p,
415                                    struct cli_credentials *machine_credentials,
416                                    uint32_t negotiate_flags)
417 {
418         struct netr_ServerPasswordSet r;
419         const char *password;
420         struct netlogon_creds_CredentialState *creds;
421         struct netr_Authenticator credential, return_authenticator;
422         struct samr_Password new_password;
423         struct dcerpc_binding_handle *b = p->binding_handle;
424
425         if (!test_SetupCredentials2(p, tctx, negotiate_flags,
426                                     machine_credentials,
427                                     cli_credentials_get_secure_channel_type(machine_credentials),
428                                     &creds)) {
429                 return false;
430         }
431
432         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
433         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
434         r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
435         r.in.computer_name = TEST_MACHINE_NAME;
436         r.in.credential = &credential;
437         r.in.new_password = &new_password;
438         r.out.return_authenticator = &return_authenticator;
439
440         password = generate_random_password(tctx, 8, 255);
441         E_md4hash(password, new_password.hash);
442
443         netlogon_creds_des_encrypt(creds, &new_password);
444
445         torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
446         torture_comment(tctx, "Changing machine account password to '%s'\n",
447                         password);
448
449         netlogon_creds_client_authenticator(creds, &credential);
450
451         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
452                 "ServerPasswordSet failed");
453         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
454
455         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
456                 torture_comment(tctx, "Credential chaining failed\n");
457         }
458
459         /* by changing the machine password twice we test the
460            credentials chaining fully, and we verify that the server
461            allows the password to be set to the same value twice in a
462            row (match win2k3) */
463         torture_comment(tctx,
464                 "Testing a second ServerPasswordSet on machine account\n");
465         torture_comment(tctx,
466                 "Changing machine account password to '%s' (same as previous run)\n", password);
467
468         netlogon_creds_client_authenticator(creds, &credential);
469
470         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
471                 "ServerPasswordSet (2) failed");
472         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
473
474         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
475                 torture_comment(tctx, "Credential chaining failed\n");
476         }
477
478         cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
479
480         torture_assert(tctx,
481                 test_SetupCredentials(p, tctx, machine_credentials, &creds),
482                 "ServerPasswordSet failed to actually change the password");
483
484         return true;
485 }
486
487
488 /*
489   generate a random password for password change tests
490 */
491 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
492 {
493         int i;
494         DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
495         generate_random_buffer(password.data, password.length);
496
497         for (i=0; i < len; i++) {
498                 if (((uint16_t *)password.data)[i] == 0) {
499                         ((uint16_t *)password.data)[i] = 1;
500                 }
501         }
502
503         return password;
504 }
505
506 /*
507   try a change password for our machine account
508 */
509 static bool test_SetPassword2_with_flags(struct torture_context *tctx,
510                                          struct dcerpc_pipe *p,
511                                          struct cli_credentials *machine_credentials,
512                                          uint32_t flags)
513 {
514         struct netr_ServerPasswordSet2 r;
515         const char *password;
516         DATA_BLOB new_random_pass;
517         struct netlogon_creds_CredentialState *creds;
518         struct samr_CryptPassword password_buf;
519         struct samr_Password nt_hash;
520         struct netr_Authenticator credential, return_authenticator;
521         struct netr_CryptPassword new_password;
522         struct dcerpc_binding_handle *b = p->binding_handle;
523
524         if (!test_SetupCredentials2(p, tctx, flags, machine_credentials, cli_credentials_get_secure_channel_type(machine_credentials), &creds)) {
525                 return false;
526         }
527
528         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
529         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
530         r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
531         r.in.computer_name = TEST_MACHINE_NAME;
532         r.in.credential = &credential;
533         r.in.new_password = &new_password;
534         r.out.return_authenticator = &return_authenticator;
535
536         password = generate_random_password(tctx, 8, 255);
537         encode_pw_buffer(password_buf.data, password, STR_UNICODE);
538         netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
539
540         memcpy(new_password.data, password_buf.data, 512);
541         new_password.length = IVAL(password_buf.data, 512);
542
543         torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
544         torture_comment(tctx, "Changing machine account password to '%s'\n", password);
545
546         netlogon_creds_client_authenticator(creds, &credential);
547
548         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
549                 "ServerPasswordSet2 failed");
550         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
551
552         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
553                 torture_comment(tctx, "Credential chaining failed\n");
554         }
555
556         cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
557
558         if (!torture_setting_bool(tctx, "dangerous", false)) {
559                 torture_comment(tctx,
560                         "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
561         } else {
562                 /* by changing the machine password to ""
563                  * we check if the server uses password restrictions
564                  * for ServerPasswordSet2
565                  * (win2k3 accepts "")
566                  */
567                 password = "";
568                 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
569                 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
570
571                 memcpy(new_password.data, password_buf.data, 512);
572                 new_password.length = IVAL(password_buf.data, 512);
573
574                 torture_comment(tctx,
575                         "Testing ServerPasswordSet2 on machine account\n");
576                 torture_comment(tctx,
577                         "Changing machine account password to '%s'\n", password);
578
579                 netlogon_creds_client_authenticator(creds, &credential);
580
581                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
582                         "ServerPasswordSet2 failed");
583                 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
584
585                 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
586                         torture_comment(tctx, "Credential chaining failed\n");
587                 }
588
589                 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
590         }
591
592         torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds),
593                 "ServerPasswordSet failed to actually change the password");
594
595         /* now try a random password */
596         password = generate_random_password(tctx, 8, 255);
597         encode_pw_buffer(password_buf.data, password, STR_UNICODE);
598         netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
599
600         memcpy(new_password.data, password_buf.data, 512);
601         new_password.length = IVAL(password_buf.data, 512);
602
603         torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
604         torture_comment(tctx, "Changing machine account password to '%s'\n", password);
605
606         netlogon_creds_client_authenticator(creds, &credential);
607
608         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
609                 "ServerPasswordSet2 (2) failed");
610         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 (2) failed");
611
612         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
613                 torture_comment(tctx, "Credential chaining failed\n");
614         }
615
616         /* by changing the machine password twice we test the
617            credentials chaining fully, and we verify that the server
618            allows the password to be set to the same value twice in a
619            row (match win2k3) */
620         torture_comment(tctx,
621                 "Testing a second ServerPasswordSet2 on machine account\n");
622         torture_comment(tctx,
623                 "Changing machine account password to '%s' (same as previous run)\n", password);
624
625         netlogon_creds_client_authenticator(creds, &credential);
626
627         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
628                 "ServerPasswordSet (3) failed");
629         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
630
631         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
632                 torture_comment(tctx, "Credential chaining failed\n");
633         }
634
635         cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
636
637         torture_assert (tctx,
638                 test_SetupCredentials(p, tctx, machine_credentials, &creds),
639                 "ServerPasswordSet failed to actually change the password");
640
641         new_random_pass = netlogon_very_rand_pass(tctx, 128);
642
643         /* now try a random stream of bytes for a password */
644         set_pw_in_buffer(password_buf.data, &new_random_pass);
645
646         netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
647
648         memcpy(new_password.data, password_buf.data, 512);
649         new_password.length = IVAL(password_buf.data, 512);
650
651         torture_comment(tctx,
652                 "Testing a third ServerPasswordSet2 on machine account, with a completely random password\n");
653
654         netlogon_creds_client_authenticator(creds, &credential);
655
656         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
657                 "ServerPasswordSet (3) failed");
658         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
659
660         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
661                 torture_comment(tctx, "Credential chaining failed\n");
662         }
663
664         mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
665
666         cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
667         cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
668
669         torture_assert (tctx,
670                 test_SetupCredentials(p, tctx, machine_credentials, &creds),
671                 "ServerPasswordSet failed to actually change the password");
672
673         return true;
674 }
675
676 static bool test_SetPassword2(struct torture_context *tctx,
677                               struct dcerpc_pipe *p,
678                               struct cli_credentials *machine_credentials)
679 {
680         return test_SetPassword2_with_flags(tctx, p, machine_credentials, NETLOGON_NEG_AUTH2_ADS_FLAGS);
681 }
682
683 static bool test_GetPassword(struct torture_context *tctx,
684                              struct dcerpc_pipe *p,
685                              struct cli_credentials *machine_credentials)
686 {
687         struct netr_ServerPasswordGet r;
688         struct netlogon_creds_CredentialState *creds;
689         struct netr_Authenticator credential;
690         NTSTATUS status;
691         struct netr_Authenticator return_authenticator;
692         struct samr_Password password;
693         struct dcerpc_binding_handle *b = p->binding_handle;
694
695         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
696                 return false;
697         }
698
699         netlogon_creds_client_authenticator(creds, &credential);
700
701         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
702         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
703         r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
704         r.in.computer_name = TEST_MACHINE_NAME;
705         r.in.credential = &credential;
706         r.out.return_authenticator = &return_authenticator;
707         r.out.password = &password;
708
709         status = dcerpc_netr_ServerPasswordGet_r(b, tctx, &r);
710         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
711
712         return true;
713 }
714
715 static bool test_GetTrustPasswords(struct torture_context *tctx,
716                                    struct dcerpc_pipe *p,
717                                    struct cli_credentials *machine_credentials)
718 {
719         struct netr_ServerTrustPasswordsGet r;
720         struct netlogon_creds_CredentialState *creds;
721         struct netr_Authenticator credential;
722         struct netr_Authenticator return_authenticator;
723         struct samr_Password password, password2;
724         struct dcerpc_binding_handle *b = p->binding_handle;
725
726         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
727                 return false;
728         }
729
730         netlogon_creds_client_authenticator(creds, &credential);
731
732         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
733         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
734         r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
735         r.in.computer_name = TEST_MACHINE_NAME;
736         r.in.credential = &credential;
737         r.out.return_authenticator = &return_authenticator;
738         r.out.password = &password;
739         r.out.password2 = &password2;
740
741         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerTrustPasswordsGet_r(b, tctx, &r),
742                 "ServerTrustPasswordsGet failed");
743         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerTrustPasswordsGet failed");
744
745         return true;
746 }
747
748 /*
749   try a netlogon SamLogon
750 */
751 static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context *tctx,
752                                    struct cli_credentials *credentials,
753                                    struct netlogon_creds_CredentialState *creds,
754                                    bool null_domain)
755 {
756         NTSTATUS status;
757         struct netr_LogonSamLogon r;
758         struct netr_Authenticator auth, auth2;
759         static const struct netr_Authenticator auth_zero;
760         union netr_LogonLevel logon;
761         union netr_Validation validation;
762         uint8_t authoritative;
763         struct netr_NetworkInfo ninfo;
764         DATA_BLOB names_blob, chal, lm_resp, nt_resp;
765         int i;
766         struct dcerpc_binding_handle *b = p->binding_handle;
767         int flags = CLI_CRED_NTLM_AUTH;
768         if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
769                 flags |= CLI_CRED_LANMAN_AUTH;
770         }
771
772         if (lpcfg_client_ntlmv2_auth(tctx->lp_ctx) && !null_domain) {
773                 flags |= CLI_CRED_NTLMv2_AUTH;
774         }
775
776         cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx,
777                                                  &ninfo.identity_info.account_name.string,
778                                                  &ninfo.identity_info.domain_name.string);
779
780         if (null_domain) {
781                 ninfo.identity_info.domain_name.string = NULL;
782         }
783
784         generate_random_buffer(ninfo.challenge,
785                                sizeof(ninfo.challenge));
786         chal = data_blob_const(ninfo.challenge,
787                                sizeof(ninfo.challenge));
788
789         names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials),
790                                                 cli_credentials_get_domain(credentials));
791
792         status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx,
793                                                    &flags,
794                                                    chal,
795                                                    names_blob,
796                                                    &lm_resp, &nt_resp,
797                                                    NULL, NULL);
798         torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
799
800         ninfo.lm.data = lm_resp.data;
801         ninfo.lm.length = lm_resp.length;
802
803         ninfo.nt.data = nt_resp.data;
804         ninfo.nt.length = nt_resp.length;
805
806         ninfo.identity_info.parameter_control = 0;
807         ninfo.identity_info.logon_id_low = 0;
808         ninfo.identity_info.logon_id_high = 0;
809         ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
810
811         logon.network = &ninfo;
812
813         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
814         r.in.computer_name = cli_credentials_get_workstation(credentials);
815         r.in.credential = &auth;
816         r.in.return_authenticator = &auth2;
817         r.in.logon_level = 2;
818         r.in.logon = &logon;
819         r.out.validation = &validation;
820         r.out.authoritative = &authoritative;
821
822         d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
823
824         for (i=2;i<=3;i++) {
825                 ZERO_STRUCT(auth2);
826                 netlogon_creds_client_authenticator(creds, &auth);
827
828                 r.in.validation_level = i;
829
830                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
831                         "LogonSamLogon failed");
832                 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
833
834                 torture_assert(tctx, netlogon_creds_client_check(creds,
835                                                                  &r.out.return_authenticator->cred),
836                         "Credential chaining failed");
837                 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
838                                          "LogonSamLogon invalid  *r.out.authoritative");
839         }
840
841         /* this makes sure we get the unmarshalling right for invalid levels */
842         for (i=52;i<53;i++) {
843                 ZERO_STRUCT(auth2);
844                 /* the authenticator should be ignored by the server */
845                 generate_random_buffer((uint8_t *) &auth, sizeof(auth));
846
847                 r.in.validation_level = i;
848
849                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
850                                            "LogonSamLogon failed");
851                 torture_assert_ntstatus_equal(tctx, r.out.result,
852                                               NT_STATUS_INVALID_INFO_CLASS,
853                                               "LogonSamLogon failed");
854
855                 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
856                                          "LogonSamLogon invalid  *r.out.authoritative");
857                 torture_assert(tctx,
858                                memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
859                                "Return authenticator non zero");
860         }
861
862         for (i=2;i<=3;i++) {
863                 ZERO_STRUCT(auth2);
864                 netlogon_creds_client_authenticator(creds, &auth);
865
866                 r.in.validation_level = i;
867
868                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
869                         "LogonSamLogon failed");
870                 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
871
872                 torture_assert(tctx, netlogon_creds_client_check(creds,
873                                                                  &r.out.return_authenticator->cred),
874                         "Credential chaining failed");
875                 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
876                                          "LogonSamLogon invalid  *r.out.authoritative");
877         }
878
879         r.in.logon_level = 52;
880
881         for (i=2;i<=3;i++) {
882                 ZERO_STRUCT(auth2);
883                 /* the authenticator should be ignored by the server */
884                 generate_random_buffer((uint8_t *) &auth, sizeof(auth));
885
886                 r.in.validation_level = i;
887
888                 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
889
890                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
891                         "LogonSamLogon failed");
892                 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
893                         "LogonSamLogon expected INVALID_PARAMETER");
894
895                 torture_assert(tctx,
896                                memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
897                                "Return authenticator non zero");
898                 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
899                                          "LogonSamLogon invalid  *r.out.authoritative");
900         }
901
902         r.in.credential = NULL;
903
904         for (i=2;i<=3;i++) {
905                 ZERO_STRUCT(auth2);
906
907                 r.in.validation_level = i;
908
909                 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
910
911                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
912                         "LogonSamLogon failed");
913                 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
914                         "LogonSamLogon expected INVALID_PARAMETER");
915
916                 torture_assert(tctx,
917                                memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
918                                "Return authenticator non zero");
919                 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
920                                          "LogonSamLogon invalid  *r.out.authoritative");
921         }
922
923         r.in.logon_level = 2;
924         r.in.credential = &auth;
925
926         for (i=2;i<=3;i++) {
927                 ZERO_STRUCT(auth2);
928                 netlogon_creds_client_authenticator(creds, &auth);
929
930                 r.in.validation_level = i;
931
932                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
933                         "LogonSamLogon failed");
934                 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
935
936                 torture_assert(tctx, netlogon_creds_client_check(creds,
937                                                                  &r.out.return_authenticator->cred),
938                         "Credential chaining failed");
939                 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
940                                          "LogonSamLogon invalid  *r.out.authoritative");
941         }
942
943         return true;
944 }
945
946 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
947                        struct cli_credentials *credentials,
948                        struct netlogon_creds_CredentialState *creds)
949 {
950         return test_netlogon_ops_args(p, tctx, credentials, creds, false);
951 }
952
953 /*
954   try a netlogon GetCapabilities
955 */
956 bool test_netlogon_capabilities(struct dcerpc_pipe *p, struct torture_context *tctx,
957                                 struct cli_credentials *credentials,
958                                 struct netlogon_creds_CredentialState *creds)
959 {
960         NTSTATUS status;
961         struct netr_LogonGetCapabilities r;
962         union netr_Capabilities capabilities;
963         struct netr_Authenticator auth, return_auth;
964         struct netlogon_creds_CredentialState tmp_creds;
965         struct dcerpc_binding_handle *b = p->binding_handle;
966
967         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
968         r.in.computer_name = cli_credentials_get_workstation(credentials);
969         r.in.credential = &auth;
970         r.in.return_authenticator = &return_auth;
971         r.in.query_level = 1;
972         r.out.capabilities = &capabilities;
973         r.out.return_authenticator = &return_auth;
974
975         torture_comment(tctx, "Testing LogonGetCapabilities\n");
976
977         ZERO_STRUCT(return_auth);
978
979         /*
980          * we need to operate on a temporary copy of creds
981          * because dcerpc_netr_LogonGetCapabilities was
982          * dcerpc_netr_DummyFunction and returns NT_STATUS_NOT_IMPLEMENTED
983          * without looking a the authenticator.
984          */
985         tmp_creds = *creds;
986         netlogon_creds_client_authenticator(&tmp_creds, &auth);
987
988         status = dcerpc_netr_LogonGetCapabilities_r(b, tctx, &r);
989         torture_assert_ntstatus_ok(tctx, status, "LogonGetCapabilities failed");
990         if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
991                 return true;
992         }
993
994         *creds = tmp_creds;
995
996         torture_assert(tctx, netlogon_creds_client_check(creds,
997                                                          &r.out.return_authenticator->cred),
998                        "Credential chaining failed");
999
1000         torture_assert_int_equal(tctx, creds->negotiate_flags,
1001                                  capabilities.server_capabilities,
1002                                  "negotiate flags");
1003
1004         return true;
1005 }
1006
1007 /*
1008   try a netlogon SamLogon
1009 */
1010 static bool test_SamLogon(struct torture_context *tctx,
1011                           struct dcerpc_pipe *p,
1012                           struct cli_credentials *credentials)
1013 {
1014         struct netlogon_creds_CredentialState *creds;
1015
1016         if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
1017                 return false;
1018         }
1019
1020         return test_netlogon_ops(p, tctx, credentials, creds);
1021 }
1022
1023 static bool test_SamLogon_NULL_domain(struct torture_context *tctx,
1024                                       struct dcerpc_pipe *p,
1025                                       struct cli_credentials *credentials)
1026 {
1027         struct netlogon_creds_CredentialState *creds;
1028
1029         if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
1030                 return false;
1031         }
1032
1033         return test_netlogon_ops_args(p, tctx, credentials, creds, true);
1034 }
1035
1036 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
1037 static uint64_t sequence_nums[3];
1038
1039 /*
1040   try a netlogon DatabaseSync
1041 */
1042 static bool test_DatabaseSync(struct torture_context *tctx,
1043                               struct dcerpc_pipe *p,
1044                               struct cli_credentials *machine_credentials)
1045 {
1046         struct netr_DatabaseSync r;
1047         struct netlogon_creds_CredentialState *creds;
1048         const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS};
1049         int i;
1050         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1051         struct netr_Authenticator credential, return_authenticator;
1052         struct dcerpc_binding_handle *b = p->binding_handle;
1053
1054         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1055                 return false;
1056         }
1057
1058         ZERO_STRUCT(return_authenticator);
1059
1060         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1061         r.in.computername = TEST_MACHINE_NAME;
1062         r.in.preferredmaximumlength = (uint32_t)-1;
1063         r.in.return_authenticator = &return_authenticator;
1064         r.out.delta_enum_array = &delta_enum_array;
1065         r.out.return_authenticator = &return_authenticator;
1066
1067         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1068
1069                 uint32_t sync_context = 0;
1070
1071                 r.in.database_id = database_ids[i];
1072                 r.in.sync_context = &sync_context;
1073                 r.out.sync_context = &sync_context;
1074
1075                 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
1076
1077                 do {
1078                         netlogon_creds_client_authenticator(creds, &credential);
1079
1080                         r.in.credential = &credential;
1081
1082                         torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync_r(b, tctx, &r),
1083                                 "DatabaseSync failed");
1084                         if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1085                             break;
1086
1087                         /* Native mode servers don't do this */
1088                         if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1089                                 return true;
1090                         }
1091                         torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync");
1092
1093                         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
1094                                 torture_comment(tctx, "Credential chaining failed\n");
1095                         }
1096
1097                         if (delta_enum_array &&
1098                             delta_enum_array->num_deltas > 0 &&
1099                             delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
1100                             delta_enum_array->delta_enum[0].delta_union.domain) {
1101                                 sequence_nums[r.in.database_id] =
1102                                         delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
1103                                 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
1104                                        r.in.database_id,
1105                                        (unsigned long long)sequence_nums[r.in.database_id]);
1106                         }
1107                 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1108         }
1109
1110         return true;
1111 }
1112
1113
1114 /*
1115   try a netlogon DatabaseDeltas
1116 */
1117 static bool test_DatabaseDeltas(struct torture_context *tctx,
1118                                 struct dcerpc_pipe *p,
1119                                 struct cli_credentials *machine_credentials)
1120 {
1121         struct netr_DatabaseDeltas r;
1122         struct netlogon_creds_CredentialState *creds;
1123         struct netr_Authenticator credential;
1124         struct netr_Authenticator return_authenticator;
1125         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1126         const uint32_t database_ids[] = {0, 1, 2};
1127         int i;
1128         struct dcerpc_binding_handle *b = p->binding_handle;
1129
1130         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1131                 return false;
1132         }
1133
1134         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1135         r.in.computername = TEST_MACHINE_NAME;
1136         r.in.preferredmaximumlength = (uint32_t)-1;
1137         ZERO_STRUCT(r.in.return_authenticator);
1138         r.out.return_authenticator = &return_authenticator;
1139         r.out.delta_enum_array = &delta_enum_array;
1140
1141         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1142                 r.in.database_id = database_ids[i];
1143                 r.in.sequence_num = &sequence_nums[r.in.database_id];
1144
1145                 if (*r.in.sequence_num == 0) continue;
1146
1147                 *r.in.sequence_num -= 1;
1148
1149                 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n",
1150                        r.in.database_id, (unsigned long long)*r.in.sequence_num);
1151
1152                 do {
1153                         netlogon_creds_client_authenticator(creds, &credential);
1154
1155                         torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseDeltas_r(b, tctx, &r),
1156                                 "DatabaseDeltas failed");
1157                         if (NT_STATUS_EQUAL(r.out.result,
1158                                              NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
1159                                 torture_comment(tctx, "not considering %s to be an error\n",
1160                                        nt_errstr(r.out.result));
1161                                 return true;
1162                         }
1163                         if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1164                             break;
1165
1166                         torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseDeltas");
1167
1168                         if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1169                                 torture_comment(tctx, "Credential chaining failed\n");
1170                         }
1171
1172                         (*r.in.sequence_num)++;
1173                 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1174         }
1175
1176         return true;
1177 }
1178
1179 static bool test_DatabaseRedo(struct torture_context *tctx,
1180                               struct dcerpc_pipe *p,
1181                               struct cli_credentials *machine_credentials)
1182 {
1183         struct netr_DatabaseRedo r;
1184         struct netlogon_creds_CredentialState *creds;
1185         struct netr_Authenticator credential;
1186         struct netr_Authenticator return_authenticator;
1187         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1188         struct netr_ChangeLogEntry e;
1189         struct dom_sid null_sid, *sid;
1190         int i,d;
1191         struct dcerpc_binding_handle *b = p->binding_handle;
1192
1193         ZERO_STRUCT(null_sid);
1194
1195         sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500");
1196
1197         {
1198
1199         struct {
1200                 uint32_t rid;
1201                 uint16_t flags;
1202                 uint8_t db_index;
1203                 uint8_t delta_type;
1204                 struct dom_sid sid;
1205                 const char *name;
1206                 NTSTATUS expected_error;
1207                 uint32_t expected_num_results;
1208                 uint8_t expected_delta_type_1;
1209                 uint8_t expected_delta_type_2;
1210                 const char *comment;
1211         } changes[] = {
1212
1213                 /* SAM_DATABASE_DOMAIN */
1214
1215                 {
1216                         .rid                    = 0,
1217                         .flags                  = 0,
1218                         .db_index               = SAM_DATABASE_DOMAIN,
1219                         .delta_type             = NETR_DELTA_MODIFY_COUNT,
1220                         .sid                    = null_sid,
1221                         .name                   = NULL,
1222                         .expected_error         = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1223                         .expected_num_results   = 0,
1224                         .comment                = "NETR_DELTA_MODIFY_COUNT"
1225                 },
1226                 {
1227                         .rid                    = 0,
1228                         .flags                  = 0,
1229                         .db_index               = SAM_DATABASE_DOMAIN,
1230                         .delta_type             = 0,
1231                         .sid                    = null_sid,
1232                         .name                   = NULL,
1233                         .expected_error         = NT_STATUS_OK,
1234                         .expected_num_results   = 1,
1235                         .expected_delta_type_1  = NETR_DELTA_DOMAIN,
1236                         .comment                = "NULL DELTA"
1237                 },
1238                 {
1239                         .rid                    = 0,
1240                         .flags                  = 0,
1241                         .db_index               = SAM_DATABASE_DOMAIN,
1242                         .delta_type             = NETR_DELTA_DOMAIN,
1243                         .sid                    = null_sid,
1244                         .name                   = NULL,
1245                         .expected_error         = NT_STATUS_OK,
1246                         .expected_num_results   = 1,
1247                         .expected_delta_type_1  = NETR_DELTA_DOMAIN,
1248                         .comment                = "NETR_DELTA_DOMAIN"
1249                 },
1250                 {
1251                         .rid                    = DOMAIN_RID_ADMINISTRATOR,
1252                         .flags                  = 0,
1253                         .db_index               = SAM_DATABASE_DOMAIN,
1254                         .delta_type             = NETR_DELTA_USER,
1255                         .sid                    = null_sid,
1256                         .name                   = NULL,
1257                         .expected_error         = NT_STATUS_OK,
1258                         .expected_num_results   = 1,
1259                         .expected_delta_type_1  = NETR_DELTA_USER,
1260                         .comment                = "NETR_DELTA_USER by rid 500"
1261                 },
1262                 {
1263                         .rid                    = DOMAIN_RID_GUEST,
1264                         .flags                  = 0,
1265                         .db_index               = SAM_DATABASE_DOMAIN,
1266                         .delta_type             = NETR_DELTA_USER,
1267                         .sid                    = null_sid,
1268                         .name                   = NULL,
1269                         .expected_error         = NT_STATUS_OK,
1270                         .expected_num_results   = 1,
1271                         .expected_delta_type_1  = NETR_DELTA_USER,
1272                         .comment                = "NETR_DELTA_USER by rid 501"
1273                 },
1274                 {
1275                         .rid                    = 0,
1276                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1277                         .db_index               = SAM_DATABASE_DOMAIN,
1278                         .delta_type             = NETR_DELTA_USER,
1279                         .sid                    = *sid,
1280                         .name                   = NULL,
1281                         .expected_error         = NT_STATUS_OK,
1282                         .expected_num_results   = 1,
1283                         .expected_delta_type_1  = NETR_DELTA_DELETE_USER,
1284                         .comment                = "NETR_DELTA_USER by sid and flags"
1285                 },
1286                 {
1287                         .rid                    = 0,
1288                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1289                         .db_index               = SAM_DATABASE_DOMAIN,
1290                         .delta_type             = NETR_DELTA_USER,
1291                         .sid                    = null_sid,
1292                         .name                   = NULL,
1293                         .expected_error         = NT_STATUS_OK,
1294                         .expected_num_results   = 1,
1295                         .expected_delta_type_1  = NETR_DELTA_DELETE_USER,
1296                         .comment                = "NETR_DELTA_USER by null_sid and flags"
1297                 },
1298                 {
1299                         .rid                    = 0,
1300                         .flags                  = NETR_CHANGELOG_NAME_INCLUDED,
1301                         .db_index               = SAM_DATABASE_DOMAIN,
1302                         .delta_type             = NETR_DELTA_USER,
1303                         .sid                    = null_sid,
1304                         .name                   = "administrator",
1305                         .expected_error         = NT_STATUS_OK,
1306                         .expected_num_results   = 1,
1307                         .expected_delta_type_1  = NETR_DELTA_DELETE_USER,
1308                         .comment                = "NETR_DELTA_USER by name 'administrator'"
1309                 },
1310                 {
1311                         .rid                    = DOMAIN_RID_ADMINS,
1312                         .flags                  = 0,
1313                         .db_index               = SAM_DATABASE_DOMAIN,
1314                         .delta_type             = NETR_DELTA_GROUP,
1315                         .sid                    = null_sid,
1316                         .name                   = NULL,
1317                         .expected_error         = NT_STATUS_OK,
1318                         .expected_num_results   = 2,
1319                         .expected_delta_type_1  = NETR_DELTA_GROUP,
1320                         .expected_delta_type_2  = NETR_DELTA_GROUP_MEMBER,
1321                         .comment                = "NETR_DELTA_GROUP by rid 512"
1322                 },
1323                 {
1324                         .rid                    = DOMAIN_RID_ADMINS,
1325                         .flags                  = 0,
1326                         .db_index               = SAM_DATABASE_DOMAIN,
1327                         .delta_type             = NETR_DELTA_GROUP_MEMBER,
1328                         .sid                    = null_sid,
1329                         .name                   = NULL,
1330                         .expected_error         = NT_STATUS_OK,
1331                         .expected_num_results   = 2,
1332                         .expected_delta_type_1  = NETR_DELTA_GROUP,
1333                         .expected_delta_type_2  = NETR_DELTA_GROUP_MEMBER,
1334                         .comment                = "NETR_DELTA_GROUP_MEMBER by rid 512"
1335                 },
1336
1337
1338                 /* SAM_DATABASE_BUILTIN */
1339
1340                 {
1341                         .rid                    = 0,
1342                         .flags                  = 0,
1343                         .db_index               = SAM_DATABASE_BUILTIN,
1344                         .delta_type             = NETR_DELTA_MODIFY_COUNT,
1345                         .sid                    = null_sid,
1346                         .name                   = NULL,
1347                         .expected_error         = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1348                         .expected_num_results   = 0,
1349                         .comment                = "NETR_DELTA_MODIFY_COUNT"
1350                 },
1351                 {
1352                         .rid                    = 0,
1353                         .flags                  = 0,
1354                         .db_index               = SAM_DATABASE_BUILTIN,
1355                         .delta_type             = NETR_DELTA_DOMAIN,
1356                         .sid                    = null_sid,
1357                         .name                   = NULL,
1358                         .expected_error         = NT_STATUS_OK,
1359                         .expected_num_results   = 1,
1360                         .expected_delta_type_1  = NETR_DELTA_DOMAIN,
1361                         .comment                = "NETR_DELTA_DOMAIN"
1362                 },
1363                 {
1364                         .rid                    = DOMAIN_RID_ADMINISTRATOR,
1365                         .flags                  = 0,
1366                         .db_index               = SAM_DATABASE_BUILTIN,
1367                         .delta_type             = NETR_DELTA_USER,
1368                         .sid                    = null_sid,
1369                         .name                   = NULL,
1370                         .expected_error         = NT_STATUS_OK,
1371                         .expected_num_results   = 1,
1372                         .expected_delta_type_1  = NETR_DELTA_DELETE_USER,
1373                         .comment                = "NETR_DELTA_USER by rid 500"
1374                 },
1375                 {
1376                         .rid                    = 0,
1377                         .flags                  = 0,
1378                         .db_index               = SAM_DATABASE_BUILTIN,
1379                         .delta_type             = NETR_DELTA_USER,
1380                         .sid                    = null_sid,
1381                         .name                   = NULL,
1382                         .expected_error         = NT_STATUS_OK,
1383                         .expected_num_results   = 1,
1384                         .expected_delta_type_1  = NETR_DELTA_DELETE_USER,
1385                         .comment                = "NETR_DELTA_USER"
1386                 },
1387                 {
1388                         .rid                    = 544,
1389                         .flags                  = 0,
1390                         .db_index               = SAM_DATABASE_BUILTIN,
1391                         .delta_type             = NETR_DELTA_ALIAS,
1392                         .sid                    = null_sid,
1393                         .name                   = NULL,
1394                         .expected_error         = NT_STATUS_OK,
1395                         .expected_num_results   = 2,
1396                         .expected_delta_type_1  = NETR_DELTA_ALIAS,
1397                         .expected_delta_type_2  = NETR_DELTA_ALIAS_MEMBER,
1398                         .comment                = "NETR_DELTA_ALIAS by rid 544"
1399                 },
1400                 {
1401                         .rid                    = 544,
1402                         .flags                  = 0,
1403                         .db_index               = SAM_DATABASE_BUILTIN,
1404                         .delta_type             = NETR_DELTA_ALIAS_MEMBER,
1405                         .sid                    = null_sid,
1406                         .name                   = NULL,
1407                         .expected_error         = NT_STATUS_OK,
1408                         .expected_num_results   = 2,
1409                         .expected_delta_type_1  = NETR_DELTA_ALIAS,
1410                         .expected_delta_type_2  = NETR_DELTA_ALIAS_MEMBER,
1411                         .comment                = "NETR_DELTA_ALIAS_MEMBER by rid 544"
1412                 },
1413                 {
1414                         .rid                    = 544,
1415                         .flags                  = 0,
1416                         .db_index               = SAM_DATABASE_BUILTIN,
1417                         .delta_type             = 0,
1418                         .sid                    = null_sid,
1419                         .name                   = NULL,
1420                         .expected_error         = NT_STATUS_OK,
1421                         .expected_num_results   = 1,
1422                         .expected_delta_type_1  = NETR_DELTA_DOMAIN,
1423                         .comment                = "NULL DELTA by rid 544"
1424                 },
1425                 {
1426                         .rid                    = 544,
1427                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1428                         .db_index               = SAM_DATABASE_BUILTIN,
1429                         .delta_type             = 0,
1430                         .sid                    = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1431                         .name                   = NULL,
1432                         .expected_error         = NT_STATUS_OK,
1433                         .expected_num_results   = 1,
1434                         .expected_delta_type_1  = NETR_DELTA_DOMAIN,
1435                         .comment                = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags"
1436                 },
1437                 {
1438                         .rid                    = 544,
1439                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1440                         .db_index               = SAM_DATABASE_BUILTIN,
1441                         .delta_type             = NETR_DELTA_ALIAS,
1442                         .sid                    = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1443                         .name                   = NULL,
1444                         .expected_error         = NT_STATUS_OK,
1445                         .expected_num_results   = 2,
1446                         .expected_delta_type_1  = NETR_DELTA_ALIAS,
1447                         .expected_delta_type_2  = NETR_DELTA_ALIAS_MEMBER,
1448                         .comment                = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags"
1449                 },
1450                 {
1451                         .rid                    = 0,
1452                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1453                         .db_index               = SAM_DATABASE_BUILTIN,
1454                         .delta_type             = NETR_DELTA_ALIAS,
1455                         .sid                    = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1456                         .name                   = NULL,
1457                         .expected_error         = NT_STATUS_OK,
1458                         .expected_num_results   = 1,
1459                         .expected_delta_type_1  = NETR_DELTA_DELETE_ALIAS,
1460                         .comment                = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags"
1461                 },
1462
1463                 /* SAM_DATABASE_PRIVS */
1464
1465                 {
1466                         .rid                    = 0,
1467                         .flags                  = 0,
1468                         .db_index               = SAM_DATABASE_PRIVS,
1469                         .delta_type             = 0,
1470                         .sid                    = null_sid,
1471                         .name                   = NULL,
1472                         .expected_error         = NT_STATUS_ACCESS_DENIED,
1473                         .expected_num_results   = 0,
1474                         .comment                = "NULL DELTA"
1475                 },
1476                 {
1477                         .rid                    = 0,
1478                         .flags                  = 0,
1479                         .db_index               = SAM_DATABASE_PRIVS,
1480                         .delta_type             = NETR_DELTA_MODIFY_COUNT,
1481                         .sid                    = null_sid,
1482                         .name                   = NULL,
1483                         .expected_error         = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1484                         .expected_num_results   = 0,
1485                         .comment                = "NETR_DELTA_MODIFY_COUNT"
1486                 },
1487                 {
1488                         .rid                    = 0,
1489                         .flags                  = 0,
1490                         .db_index               = SAM_DATABASE_PRIVS,
1491                         .delta_type             = NETR_DELTA_POLICY,
1492                         .sid                    = null_sid,
1493                         .name                   = NULL,
1494                         .expected_error         = NT_STATUS_OK,
1495                         .expected_num_results   = 1,
1496                         .expected_delta_type_1  = NETR_DELTA_POLICY,
1497                         .comment                = "NETR_DELTA_POLICY"
1498                 },
1499                 {
1500                         .rid                    = 0,
1501                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1502                         .db_index               = SAM_DATABASE_PRIVS,
1503                         .delta_type             = NETR_DELTA_POLICY,
1504                         .sid                    = null_sid,
1505                         .name                   = NULL,
1506                         .expected_error         = NT_STATUS_OK,
1507                         .expected_num_results   = 1,
1508                         .expected_delta_type_1  = NETR_DELTA_POLICY,
1509                         .comment                = "NETR_DELTA_POLICY by null sid and flags"
1510                 },
1511                 {
1512                         .rid                    = 0,
1513                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1514                         .db_index               = SAM_DATABASE_PRIVS,
1515                         .delta_type             = NETR_DELTA_POLICY,
1516                         .sid                    = *dom_sid_parse_talloc(tctx, "S-1-5-32"),
1517                         .name                   = NULL,
1518                         .expected_error         = NT_STATUS_OK,
1519                         .expected_num_results   = 1,
1520                         .expected_delta_type_1  = NETR_DELTA_POLICY,
1521                         .comment                = "NETR_DELTA_POLICY by sid S-1-5-32 and flags"
1522                 },
1523                 {
1524                         .rid                    = DOMAIN_RID_ADMINISTRATOR,
1525                         .flags                  = 0,
1526                         .db_index               = SAM_DATABASE_PRIVS,
1527                         .delta_type             = NETR_DELTA_ACCOUNT,
1528                         .sid                    = null_sid,
1529                         .name                   = NULL,
1530                         .expected_error         = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */
1531                         .expected_num_results   = 0,
1532                         .comment                = "NETR_DELTA_ACCOUNT by rid 500"
1533                 },
1534                 {
1535                         .rid                    = 0,
1536                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1537                         .db_index               = SAM_DATABASE_PRIVS,
1538                         .delta_type             = NETR_DELTA_ACCOUNT,
1539                         .sid                    = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1540                         .name                   = NULL,
1541                         .expected_error         = NT_STATUS_OK,
1542                         .expected_num_results   = 1,
1543                         .expected_delta_type_1  = NETR_DELTA_ACCOUNT,
1544                         .comment                = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags"
1545                 },
1546                 {
1547                         .rid                    = 0,
1548                         .flags                  = NETR_CHANGELOG_SID_INCLUDED |
1549                                                   NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED,
1550                         .db_index               = SAM_DATABASE_PRIVS,
1551                         .delta_type             = NETR_DELTA_ACCOUNT,
1552                         .sid                    = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1553                         .name                   = NULL,
1554                         .expected_error         = NT_STATUS_OK,
1555                         .expected_num_results   = 1,
1556                         .expected_delta_type_1  = NETR_DELTA_ACCOUNT,
1557                         .comment                = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags"
1558                 },
1559                 {
1560                         .rid                    = 0,
1561                         .flags                  = NETR_CHANGELOG_SID_INCLUDED |
1562                                                   NETR_CHANGELOG_NAME_INCLUDED,
1563                         .db_index               = SAM_DATABASE_PRIVS,
1564                         .delta_type             = NETR_DELTA_ACCOUNT,
1565                         .sid                    = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1566                         .name                   = NULL,
1567                         .expected_error         = NT_STATUS_INVALID_PARAMETER,
1568                         .expected_num_results   = 0,
1569                         .comment                = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags"
1570                 },
1571                 {
1572                         .rid                    = DOMAIN_RID_ADMINISTRATOR,
1573                         .flags                  = NETR_CHANGELOG_SID_INCLUDED,
1574                         .db_index               = SAM_DATABASE_PRIVS,
1575                         .delta_type             = NETR_DELTA_ACCOUNT,
1576                         .sid                    = *sid,
1577                         .name                   = NULL,
1578                         .expected_error         = NT_STATUS_OK,
1579                         .expected_num_results   = 1,
1580                         .expected_delta_type_1  = NETR_DELTA_DELETE_ACCOUNT,
1581                         .comment                = "NETR_DELTA_ACCOUNT by rid 500, sid and flags"
1582                 },
1583                 {
1584                         .rid                    = 0,
1585                         .flags                  = NETR_CHANGELOG_NAME_INCLUDED,
1586                         .db_index               = SAM_DATABASE_PRIVS,
1587                         .delta_type             = NETR_DELTA_SECRET,
1588                         .sid                    = null_sid,
1589                         .name                   = "IsurelydontexistIhope",
1590                         .expected_error         = NT_STATUS_OK,
1591                         .expected_num_results   = 1,
1592                         .expected_delta_type_1  = NETR_DELTA_DELETE_SECRET,
1593                         .comment                = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags"
1594                 },
1595                 {
1596                         .rid                    = 0,
1597                         .flags                  = NETR_CHANGELOG_NAME_INCLUDED,
1598                         .db_index               = SAM_DATABASE_PRIVS,
1599                         .delta_type             = NETR_DELTA_SECRET,
1600                         .sid                    = null_sid,
1601                         .name                   = "G$BCKUPKEY_P",
1602                         .expected_error         = NT_STATUS_OK,
1603                         .expected_num_results   = 1,
1604                         .expected_delta_type_1  = NETR_DELTA_SECRET,
1605                         .comment                = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags"
1606                 }
1607         };
1608
1609         ZERO_STRUCT(return_authenticator);
1610
1611         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1612         r.in.computername = TEST_MACHINE_NAME;
1613         r.in.return_authenticator = &return_authenticator;
1614         r.out.return_authenticator = &return_authenticator;
1615         r.out.delta_enum_array = &delta_enum_array;
1616
1617         for (d=0; d<3; d++) {
1618                 const char *database = NULL;
1619
1620                 switch (d) {
1621                 case 0:
1622                         database = "SAM";
1623                         break;
1624                 case 1:
1625                         database = "BUILTIN";
1626                         break;
1627                 case 2:
1628                         database = "LSA";
1629                         break;
1630                 default:
1631                         break;
1632                 }
1633
1634                 torture_comment(tctx, "Testing DatabaseRedo\n");
1635
1636                 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1637                         return false;
1638                 }
1639
1640                 for (i=0;i<ARRAY_SIZE(changes);i++) {
1641
1642                         if (d != changes[i].db_index) {
1643                                 continue;
1644                         }
1645
1646                         netlogon_creds_client_authenticator(creds, &credential);
1647
1648                         r.in.credential = &credential;
1649
1650                         e.serial_number1        = 0;
1651                         e.serial_number2        = 0;
1652                         e.object_rid            = changes[i].rid;
1653                         e.flags                 = changes[i].flags;
1654                         e.db_index              = changes[i].db_index;
1655                         e.delta_type            = changes[i].delta_type;
1656
1657                         switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) {
1658                         case NETR_CHANGELOG_SID_INCLUDED:
1659                                 e.object.object_sid             = changes[i].sid;
1660                                 break;
1661                         case NETR_CHANGELOG_NAME_INCLUDED:
1662                                 e.object.object_name            = changes[i].name;
1663                                 break;
1664                         default:
1665                                 break;
1666                         }
1667
1668                         r.in.change_log_entry = e;
1669
1670                         torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n",
1671                                 database, changes[i].comment);
1672
1673                         torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseRedo_r(b, tctx, &r),
1674                                 "DatabaseRedo failed");
1675                         if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1676                                 return true;
1677                         }
1678
1679                         torture_assert_ntstatus_equal(tctx, r.out.result, changes[i].expected_error, changes[i].comment);
1680                         if (delta_enum_array) {
1681                                 torture_assert_int_equal(tctx,
1682                                         delta_enum_array->num_deltas,
1683                                         changes[i].expected_num_results,
1684                                         changes[i].comment);
1685                                 if (delta_enum_array->num_deltas > 0) {
1686                                         torture_assert_int_equal(tctx,
1687                                                 delta_enum_array->delta_enum[0].delta_type,
1688                                                 changes[i].expected_delta_type_1,
1689                                                 changes[i].comment);
1690                                 }
1691                                 if (delta_enum_array->num_deltas > 1) {
1692                                         torture_assert_int_equal(tctx,
1693                                                 delta_enum_array->delta_enum[1].delta_type,
1694                                                 changes[i].expected_delta_type_2,
1695                                                 changes[i].comment);
1696                                 }
1697                         }
1698
1699                         if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1700                                 torture_comment(tctx, "Credential chaining failed\n");
1701                                 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1702                                         return false;
1703                                 }
1704                         }
1705                 }
1706         }
1707         }
1708
1709         return true;
1710 }
1711
1712 /*
1713   try a netlogon AccountDeltas
1714 */
1715 static bool test_AccountDeltas(struct torture_context *tctx,
1716                                struct dcerpc_pipe *p,
1717                                struct cli_credentials *machine_credentials)
1718 {
1719         struct netr_AccountDeltas r;
1720         struct netlogon_creds_CredentialState *creds;
1721
1722         struct netr_AccountBuffer buffer;
1723         uint32_t count_returned = 0;
1724         uint32_t total_entries = 0;
1725         struct netr_UAS_INFO_0 recordid;
1726         struct netr_Authenticator return_authenticator;
1727         struct dcerpc_binding_handle *b = p->binding_handle;
1728
1729         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1730                 return false;
1731         }
1732
1733         ZERO_STRUCT(return_authenticator);
1734
1735         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1736         r.in.computername = TEST_MACHINE_NAME;
1737         r.in.return_authenticator = &return_authenticator;
1738         netlogon_creds_client_authenticator(creds, &r.in.credential);
1739         ZERO_STRUCT(r.in.uas);
1740         r.in.count=10;
1741         r.in.level=0;
1742         r.in.buffersize=100;
1743         r.out.buffer = &buffer;
1744         r.out.count_returned = &count_returned;
1745         r.out.total_entries = &total_entries;
1746         r.out.recordid = &recordid;
1747         r.out.return_authenticator = &return_authenticator;
1748
1749         /* w2k3 returns "NOT IMPLEMENTED" for this call */
1750         torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountDeltas_r(b, tctx, &r),
1751                 "AccountDeltas failed");
1752         torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
1753
1754         return true;
1755 }
1756
1757 /*
1758   try a netlogon AccountSync
1759 */
1760 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p,
1761                              struct cli_credentials *machine_credentials)
1762 {
1763         struct netr_AccountSync r;
1764         struct netlogon_creds_CredentialState *creds;
1765
1766         struct netr_AccountBuffer buffer;
1767         uint32_t count_returned = 0;
1768         uint32_t total_entries = 0;
1769         uint32_t next_reference = 0;
1770         struct netr_UAS_INFO_0 recordid;
1771         struct netr_Authenticator return_authenticator;
1772         struct dcerpc_binding_handle *b = p->binding_handle;
1773
1774         ZERO_STRUCT(recordid);
1775         ZERO_STRUCT(return_authenticator);
1776
1777         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1778                 return false;
1779         }
1780
1781         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1782         r.in.computername = TEST_MACHINE_NAME;
1783         r.in.return_authenticator = &return_authenticator;
1784         netlogon_creds_client_authenticator(creds, &r.in.credential);
1785         r.in.recordid = &recordid;
1786         r.in.reference=0;
1787         r.in.level=0;
1788         r.in.buffersize=100;
1789         r.out.buffer = &buffer;
1790         r.out.count_returned = &count_returned;
1791         r.out.total_entries = &total_entries;
1792         r.out.next_reference = &next_reference;
1793         r.out.recordid = &recordid;
1794         r.out.return_authenticator = &return_authenticator;
1795
1796         /* w2k3 returns "NOT IMPLEMENTED" for this call */
1797         torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountSync_r(b, tctx, &r),
1798                 "AccountSync failed");
1799         torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
1800
1801         return true;
1802 }
1803
1804 /*
1805   try a netlogon GetDcName
1806 */
1807 static bool test_GetDcName(struct torture_context *tctx,
1808                            struct dcerpc_pipe *p)
1809 {
1810         struct netr_GetDcName r;
1811         const char *dcname = NULL;
1812         struct dcerpc_binding_handle *b = p->binding_handle;
1813
1814         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1815         r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
1816         r.out.dcname = &dcname;
1817
1818         torture_assert_ntstatus_ok(tctx, dcerpc_netr_GetDcName_r(b, tctx, &r),
1819                 "GetDcName failed");
1820         torture_assert_werr_ok(tctx, r.out.result, "GetDcName failed");
1821
1822         torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1823
1824         return true;
1825 }
1826
1827 static const char *function_code_str(TALLOC_CTX *mem_ctx,
1828                                      enum netr_LogonControlCode function_code)
1829 {
1830         switch (function_code) {
1831         case NETLOGON_CONTROL_QUERY:
1832                 return "NETLOGON_CONTROL_QUERY";
1833         case NETLOGON_CONTROL_REPLICATE:
1834                 return "NETLOGON_CONTROL_REPLICATE";
1835         case NETLOGON_CONTROL_SYNCHRONIZE:
1836                 return "NETLOGON_CONTROL_SYNCHRONIZE";
1837         case NETLOGON_CONTROL_PDC_REPLICATE:
1838                 return "NETLOGON_CONTROL_PDC_REPLICATE";
1839         case NETLOGON_CONTROL_REDISCOVER:
1840                 return "NETLOGON_CONTROL_REDISCOVER";
1841         case NETLOGON_CONTROL_TC_QUERY:
1842                 return "NETLOGON_CONTROL_TC_QUERY";
1843         case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1844                 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY";
1845         case NETLOGON_CONTROL_FIND_USER:
1846                 return "NETLOGON_CONTROL_FIND_USER";
1847         case NETLOGON_CONTROL_CHANGE_PASSWORD:
1848                 return "NETLOGON_CONTROL_CHANGE_PASSWORD";
1849         case NETLOGON_CONTROL_TC_VERIFY:
1850                 return "NETLOGON_CONTROL_TC_VERIFY";
1851         case NETLOGON_CONTROL_FORCE_DNS_REG:
1852                 return "NETLOGON_CONTROL_FORCE_DNS_REG";
1853         case NETLOGON_CONTROL_QUERY_DNS_REG:
1854                 return "NETLOGON_CONTROL_QUERY_DNS_REG";
1855         case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1856                 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG";
1857         case NETLOGON_CONTROL_TRUNCATE_LOG:
1858                 return "NETLOGON_CONTROL_TRUNCATE_LOG";
1859         case NETLOGON_CONTROL_SET_DBFLAG:
1860                 return "NETLOGON_CONTROL_SET_DBFLAG";
1861         case NETLOGON_CONTROL_BREAKPOINT:
1862                 return "NETLOGON_CONTROL_BREAKPOINT";
1863         default:
1864                 return talloc_asprintf(mem_ctx, "unknown function code: %d",
1865                                        function_code);
1866         }
1867 }
1868
1869
1870 /*
1871   try a netlogon LogonControl
1872 */
1873 static bool test_LogonControl(struct torture_context *tctx,
1874                               struct dcerpc_pipe *p,
1875                               struct cli_credentials *machine_credentials)
1876
1877 {
1878         NTSTATUS status;
1879         struct netr_LogonControl r;
1880         union netr_CONTROL_QUERY_INFORMATION query;
1881         int i,f;
1882         enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL;
1883         struct dcerpc_binding_handle *b = p->binding_handle;
1884
1885         uint32_t function_codes[] = {
1886                 NETLOGON_CONTROL_QUERY,
1887                 NETLOGON_CONTROL_REPLICATE,
1888                 NETLOGON_CONTROL_SYNCHRONIZE,
1889                 NETLOGON_CONTROL_PDC_REPLICATE,
1890                 NETLOGON_CONTROL_REDISCOVER,
1891                 NETLOGON_CONTROL_TC_QUERY,
1892                 NETLOGON_CONTROL_TRANSPORT_NOTIFY,
1893                 NETLOGON_CONTROL_FIND_USER,
1894                 NETLOGON_CONTROL_CHANGE_PASSWORD,
1895                 NETLOGON_CONTROL_TC_VERIFY,
1896                 NETLOGON_CONTROL_FORCE_DNS_REG,
1897                 NETLOGON_CONTROL_QUERY_DNS_REG,
1898                 NETLOGON_CONTROL_BACKUP_CHANGE_LOG,
1899                 NETLOGON_CONTROL_TRUNCATE_LOG,
1900                 NETLOGON_CONTROL_SET_DBFLAG,
1901                 NETLOGON_CONTROL_BREAKPOINT
1902         };
1903
1904         if (machine_credentials) {
1905                 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
1906         }
1907
1908         torture_comment(tctx, "Testing LogonControl with secure channel type: %d\n",
1909                 secure_channel_type);
1910
1911         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1912         r.in.function_code = 1;
1913         r.out.query = &query;
1914
1915         for (f=0;f<ARRAY_SIZE(function_codes); f++) {
1916         for (i=1;i<5;i++) {
1917
1918                 r.in.function_code = function_codes[f];
1919                 r.in.level = i;
1920
1921                 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1922                                 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1923
1924                 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1925                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1926
1927                 switch (r.in.level) {
1928                 case 1:
1929                         switch (r.in.function_code) {
1930                         case NETLOGON_CONTROL_REPLICATE:
1931                         case NETLOGON_CONTROL_SYNCHRONIZE:
1932                         case NETLOGON_CONTROL_PDC_REPLICATE:
1933                         case NETLOGON_CONTROL_BREAKPOINT:
1934                         case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1935                                 if ((secure_channel_type == SEC_CHAN_BDC) ||
1936                                     (secure_channel_type == SEC_CHAN_WKSTA)) {
1937                                         torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1938                                                 "LogonControl returned unexpected error code");
1939                                 } else {
1940                                         torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1941                                                 "LogonControl returned unexpected error code");
1942                                 }
1943                                 break;
1944
1945                         case NETLOGON_CONTROL_REDISCOVER:
1946                         case NETLOGON_CONTROL_TC_QUERY:
1947                         case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1948                         case NETLOGON_CONTROL_FIND_USER:
1949                         case NETLOGON_CONTROL_CHANGE_PASSWORD:
1950                         case NETLOGON_CONTROL_TC_VERIFY:
1951                         case NETLOGON_CONTROL_FORCE_DNS_REG:
1952                         case NETLOGON_CONTROL_QUERY_DNS_REG:
1953                         case NETLOGON_CONTROL_SET_DBFLAG:
1954                                 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1955                                         "LogonControl returned unexpected error code");
1956                                 break;
1957                         case NETLOGON_CONTROL_TRUNCATE_LOG:
1958                                 if ((secure_channel_type == SEC_CHAN_BDC) ||
1959                                     (secure_channel_type == SEC_CHAN_WKSTA)) {
1960                                         torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1961                                                 "LogonControl returned unexpected error code");
1962                                 } else {
1963                                         torture_assert_werr_ok(tctx, r.out.result,
1964                                                 "LogonControl returned unexpected result");
1965                                 }
1966                                 break;
1967                         default:
1968                                 torture_assert_werr_ok(tctx, r.out.result,
1969                                         "LogonControl returned unexpected result");
1970                                 break;
1971                         }
1972                         break;
1973                 case 2:
1974                         torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1975                                 "LogonControl returned unexpected error code");
1976                         break;
1977                 default:
1978                         torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL,
1979                                 "LogonControl returned unexpected error code");
1980                         break;
1981                 }
1982         }
1983         }
1984
1985         r.in.level = 52;
1986         torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1987                         function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1988         status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1989         torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1990         torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_LEVEL, "LogonControl");
1991
1992         return true;
1993 }
1994
1995
1996 /*
1997   try a netlogon GetAnyDCName
1998 */
1999 static bool test_GetAnyDCName(struct torture_context *tctx,
2000                               struct dcerpc_pipe *p)
2001 {
2002         NTSTATUS status;
2003         struct netr_GetAnyDCName r;
2004         const char *dcname = NULL;
2005         struct dcerpc_binding_handle *b = p->binding_handle;
2006
2007         r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
2008         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2009         r.out.dcname = &dcname;
2010
2011         status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
2012         torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
2013         if ((!W_ERROR_IS_OK(r.out.result)) &&
2014             (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
2015                 return false;
2016         }
2017
2018         if (dcname) {
2019             torture_comment(tctx, "\tDC is at '%s'\n", dcname);
2020         }
2021
2022         r.in.domainname = NULL;
2023
2024         status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
2025         torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
2026         if ((!W_ERROR_IS_OK(r.out.result)) &&
2027             (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
2028                 return false;
2029         }
2030
2031         r.in.domainname = "";
2032
2033         status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
2034         torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
2035         if ((!W_ERROR_IS_OK(r.out.result)) &&
2036             (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
2037                 return false;
2038         }
2039
2040         return true;
2041 }
2042
2043
2044 /*
2045   try a netlogon LogonControl2
2046 */
2047 static bool test_LogonControl2(struct torture_context *tctx,
2048                                struct dcerpc_pipe *p,
2049                                struct cli_credentials *machine_credentials)
2050
2051 {
2052         NTSTATUS status;
2053         struct netr_LogonControl2 r;
2054         union netr_CONTROL_DATA_INFORMATION data;
2055         union netr_CONTROL_QUERY_INFORMATION query;
2056         int i;
2057         struct dcerpc_binding_handle *b = p->binding_handle;
2058
2059         data.domain = lpcfg_workgroup(tctx->lp_ctx);
2060
2061         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2062
2063         r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
2064         r.in.data = &data;
2065         r.out.query = &query;
2066
2067         for (i=1;i<4;i++) {
2068                 r.in.level = i;
2069
2070                 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2071                         function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2072
2073                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2074                 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2075         }
2076
2077         data.domain = lpcfg_workgroup(tctx->lp_ctx);
2078
2079         r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2080         r.in.data = &data;
2081
2082         for (i=1;i<4;i++) {
2083                 r.in.level = i;
2084
2085                 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2086                         function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2087
2088                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2089                 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2090         }
2091
2092         data.domain = lpcfg_workgroup(tctx->lp_ctx);
2093
2094         r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2095         r.in.data = &data;
2096
2097         for (i=1;i<4;i++) {
2098                 r.in.level = i;
2099
2100                 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2101                         function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2102
2103                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2104                 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2105         }
2106
2107         data.debug_level = ~0;
2108
2109         r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2110         r.in.data = &data;
2111
2112         for (i=1;i<4;i++) {
2113                 r.in.level = i;
2114
2115                 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2116                         function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2117
2118                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2119                 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2120         }
2121
2122         ZERO_STRUCT(data);
2123         r.in.function_code = 52;
2124         r.in.data = &data;
2125
2126         torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2127                         function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2128
2129         status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2130         torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2131         torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL, "LogonControl2");
2132
2133         data.debug_level = ~0;
2134
2135         r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2136         r.in.data = &data;
2137
2138         r.in.level = 52;
2139         torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2140                         function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2141
2142         status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2143         torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2144         torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL, "LogonControl2");
2145
2146         return true;
2147 }
2148
2149 /*
2150   try a netlogon DatabaseSync2
2151 */
2152 static bool test_DatabaseSync2(struct torture_context *tctx,
2153                                struct dcerpc_pipe *p,
2154                                struct cli_credentials *machine_credentials)
2155 {
2156         struct netr_DatabaseSync2 r;
2157         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
2158         struct netr_Authenticator return_authenticator, credential;
2159
2160         struct netlogon_creds_CredentialState *creds;
2161         const uint32_t database_ids[] = {0, 1, 2};
2162         int i;
2163         struct dcerpc_binding_handle *b = p->binding_handle;
2164
2165         if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS,
2166                                     machine_credentials,
2167                                     cli_credentials_get_secure_channel_type(machine_credentials),
2168                                     &creds)) {
2169                 return false;
2170         }
2171
2172         ZERO_STRUCT(return_authenticator);
2173
2174         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2175         r.in.computername = TEST_MACHINE_NAME;
2176         r.in.preferredmaximumlength = (uint32_t)-1;
2177         r.in.return_authenticator = &return_authenticator;
2178         r.out.return_authenticator = &return_authenticator;
2179         r.out.delta_enum_array = &delta_enum_array;
2180
2181         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
2182
2183                 uint32_t sync_context = 0;
2184
2185                 r.in.database_id = database_ids[i];
2186                 r.in.sync_context = &sync_context;
2187                 r.out.sync_context = &sync_context;
2188                 r.in.restart_state = 0;
2189
2190                 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
2191
2192                 do {
2193                         netlogon_creds_client_authenticator(creds, &credential);
2194
2195                         r.in.credential = &credential;
2196
2197                         torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync2_r(b, tctx, &r),
2198                                 "DatabaseSync2 failed");
2199                         if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
2200                             break;
2201
2202                         /* Native mode servers don't do this */
2203                         if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
2204                                 return true;
2205                         }
2206
2207                         torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync2");
2208
2209                         if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
2210                                 torture_comment(tctx, "Credential chaining failed\n");
2211                         }
2212
2213                 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
2214         }
2215
2216         return true;
2217 }
2218
2219
2220 /*
2221   try a netlogon LogonControl2Ex
2222 */
2223 static bool test_LogonControl2Ex(struct torture_context *tctx,
2224                                  struct dcerpc_pipe *p,
2225                                  struct cli_credentials *machine_credentials)
2226
2227 {
2228         NTSTATUS status;
2229         struct netr_LogonControl2Ex r;
2230         union netr_CONTROL_DATA_INFORMATION data;
2231         union netr_CONTROL_QUERY_INFORMATION query;
2232         int i;
2233         struct dcerpc_binding_handle *b = p->binding_handle;
2234
2235         data.domain = lpcfg_workgroup(tctx->lp_ctx);
2236
2237         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2238
2239         r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
2240         r.in.data = &data;
2241         r.out.query = &query;
2242
2243         for (i=1;i<4;i++) {
2244                 r.in.level = i;
2245
2246                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2247                        i, r.in.function_code);
2248
2249                 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2250                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2251         }
2252
2253         data.domain = lpcfg_workgroup(tctx->lp_ctx);
2254
2255         r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2256         r.in.data = &data;
2257
2258         for (i=1;i<4;i++) {
2259                 r.in.level = i;
2260
2261                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2262                        i, r.in.function_code);
2263
2264                 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2265                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2266         }
2267
2268         data.domain = lpcfg_workgroup(tctx->lp_ctx);
2269
2270         r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2271         r.in.data = &data;
2272
2273         for (i=1;i<4;i++) {
2274                 r.in.level = i;
2275
2276                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2277                        i, r.in.function_code);
2278
2279                 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2280                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2281         }
2282
2283         data.debug_level = ~0;
2284
2285         r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2286         r.in.data = &data;
2287
2288         for (i=1;i<4;i++) {
2289                 r.in.level = i;
2290
2291                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2292                        i, r.in.function_code);
2293
2294                 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2295                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2296         }
2297
2298         return true;
2299 }
2300
2301 static bool test_netr_GetForestTrustInformation(struct torture_context *tctx,
2302                                                 struct dcerpc_pipe *p,
2303                                                 struct cli_credentials *machine_credentials)
2304 {
2305         struct netr_GetForestTrustInformation r;
2306         struct netlogon_creds_CredentialState *creds;
2307         struct netr_Authenticator a;
2308         struct netr_Authenticator return_authenticator;
2309         struct lsa_ForestTrustInformation *forest_trust_info;
2310         struct dcerpc_binding_handle *b = p->binding_handle;
2311
2312         if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2313                                     machine_credentials, &creds)) {
2314                 return false;
2315         }
2316
2317         netlogon_creds_client_authenticator(creds, &a);
2318
2319         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2320         r.in.computer_name = TEST_MACHINE_NAME;
2321         r.in.credential = &a;
2322         r.in.flags = 0;
2323         r.out.return_authenticator = &return_authenticator;
2324         r.out.forest_trust_info = &forest_trust_info;
2325
2326         torture_assert_ntstatus_ok(tctx,
2327                 dcerpc_netr_GetForestTrustInformation_r(b, tctx, &r),
2328                 "netr_GetForestTrustInformation failed");
2329         if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
2330                 torture_comment(tctx, "not considering NT_STATUS_NOT_IMPLEMENTED as an error\n");
2331         } else {
2332                 torture_assert_ntstatus_ok(tctx, r.out.result,
2333                         "netr_GetForestTrustInformation failed");
2334         }
2335
2336         torture_assert(tctx,
2337                 netlogon_creds_client_check(creds, &return_authenticator.cred),
2338                 "Credential chaining failed");
2339
2340         return true;
2341 }
2342
2343 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx,
2344                                                    struct dcerpc_pipe *p, const char *trusted_domain_name)
2345 {
2346         NTSTATUS status;
2347         struct netr_DsRGetForestTrustInformation r;
2348         struct lsa_ForestTrustInformation info, *info_ptr;
2349         struct dcerpc_binding_handle *b = p->binding_handle;
2350
2351         info_ptr = &info;
2352
2353         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2354         r.in.trusted_domain_name = trusted_domain_name;
2355         r.in.flags = 0;
2356         r.out.forest_trust_info = &info_ptr;
2357
2358         torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
2359
2360         status = dcerpc_netr_DsRGetForestTrustInformation_r(b, tctx, &r);
2361         torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
2362         torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
2363
2364         return true;
2365 }
2366
2367 /*
2368   try a netlogon netr_DsrEnumerateDomainTrusts
2369 */
2370 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
2371                                           struct dcerpc_pipe *p)
2372 {
2373         NTSTATUS status;
2374         struct netr_DsrEnumerateDomainTrusts r;
2375         struct netr_DomainTrustList trusts;
2376         int i;
2377         struct dcerpc_binding_handle *b = p->binding_handle;
2378
2379         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2380         r.in.trust_flags = 0x3f;
2381         r.out.trusts = &trusts;
2382
2383         status = dcerpc_netr_DsrEnumerateDomainTrusts_r(b, tctx, &r);
2384         torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
2385         torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
2386
2387         /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
2388          * will show non-forest trusts and all UPN suffixes of the own forest
2389          * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
2390
2391         if (r.out.trusts->count) {
2392                 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
2393                         return false;
2394                 }
2395         }
2396
2397         for (i=0; i<r.out.trusts->count; i++) {
2398
2399                 /* get info for transitive forest trusts */
2400
2401                 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
2402                         if (!test_netr_DsRGetForestTrustInformation(tctx, p,
2403                                                                     r.out.trusts->array[i].dns_name)) {
2404                                 return false;
2405                         }
2406                 }
2407         }
2408
2409         return true;
2410 }
2411
2412 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
2413                                                   struct dcerpc_pipe *p)
2414 {
2415         NTSTATUS status;
2416         struct netr_NetrEnumerateTrustedDomains r;
2417         struct netr_Blob trusted_domains_blob;
2418         struct dcerpc_binding_handle *b = p->binding_handle;
2419
2420         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2421         r.out.trusted_domains_blob = &trusted_domains_blob;
2422
2423         status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
2424         torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
2425         torture_assert_ntstatus_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
2426
2427         return true;
2428 }
2429
2430 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
2431                                                     struct dcerpc_pipe *p)
2432 {
2433         NTSTATUS status;
2434         struct netr_NetrEnumerateTrustedDomainsEx r;
2435         struct netr_DomainTrustList dom_trust_list;
2436         struct dcerpc_binding_handle *b = p->binding_handle;
2437
2438         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2439         r.out.dom_trust_list = &dom_trust_list;
2440
2441         status = dcerpc_netr_NetrEnumerateTrustedDomainsEx_r(b, tctx, &r);
2442         torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
2443         torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
2444
2445         return true;
2446 }
2447
2448
2449 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
2450                                      const char *computer_name,
2451                                      const char *expected_site)
2452 {
2453         NTSTATUS status;
2454         struct netr_DsRGetSiteName r;
2455         const char *site = NULL;
2456         struct dcerpc_binding_handle *b = p->binding_handle;
2457
2458         r.in.computer_name              = computer_name;
2459         r.out.site                      = &site;
2460         torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
2461
2462         status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2463         torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2464         torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
2465         torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
2466
2467         return true;
2468 }
2469
2470 /*
2471   try a netlogon netr_DsRGetDCName
2472 */
2473 static bool test_netr_DsRGetDCName(struct torture_context *tctx,
2474                                    struct dcerpc_pipe *p)
2475 {
2476         NTSTATUS status;
2477         struct netr_DsRGetDCName r;
2478         struct netr_DsRGetDCNameInfo *info = NULL;
2479         struct dcerpc_binding_handle *b = p->binding_handle;
2480
2481         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2482         r.in.domain_name        = lpcfg_dnsdomain(tctx->lp_ctx);
2483         r.in.domain_guid        = NULL;
2484         r.in.site_guid          = NULL;
2485         r.in.flags              = DS_RETURN_DNS_NAME;
2486         r.out.info              = &info;
2487
2488         status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2489         torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2490         torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2491
2492         torture_assert_int_equal(tctx,
2493                                  (info->dc_flags & (DS_DNS_CONTROLLER)),
2494                                  DS_DNS_CONTROLLER,
2495                                  "DsRGetDCName");
2496         torture_assert_int_equal(tctx,
2497                                  (info->dc_flags & (DS_DNS_DOMAIN)),
2498                                  DS_DNS_DOMAIN,
2499                                  "DsRGetDCName");
2500         torture_assert_int_equal(tctx,
2501                                  (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2502                                  DS_DNS_FOREST_ROOT,
2503                                  "DsRGetDCName");
2504
2505         r.in.domain_name        = lpcfg_workgroup(tctx->lp_ctx);
2506         r.in.flags              = 0;
2507
2508         status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2509         torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2510         torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2511
2512         torture_assert_int_equal(tctx,
2513                                  (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
2514                                  "DsRGetDCName");
2515         torture_assert_int_equal(tctx,
2516                                  (info->dc_flags & (DS_DNS_DOMAIN)), 0,
2517                                  "DsRGetDCName");
2518         torture_assert_int_equal(tctx,
2519                                  (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2520                                  DS_DNS_FOREST_ROOT,
2521                                  "DsRGetDCName");
2522
2523         if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
2524                 torture_assert_int_equal(tctx,
2525                                          (info->dc_flags & (DS_SERVER_CLOSEST)),
2526                                          DS_SERVER_CLOSEST,
2527                                          "DsRGetDCName");
2528         }
2529
2530         return test_netr_DsRGetSiteName(p, tctx,
2531                                        info->dc_unc,
2532                                        info->dc_site_name);
2533 }
2534
2535 /*
2536   try a netlogon netr_DsRGetDCNameEx
2537 */
2538 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
2539                                      struct dcerpc_pipe *p)
2540 {
2541         NTSTATUS status;
2542         struct netr_DsRGetDCNameEx r;
2543         struct netr_DsRGetDCNameInfo *info = NULL;
2544         struct dcerpc_binding_handle *b = p->binding_handle;
2545
2546         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2547         r.in.domain_name        = lpcfg_dnsdomain(tctx->lp_ctx);
2548         r.in.domain_guid        = NULL;
2549         r.in.site_name          = NULL;
2550         r.in.flags              = DS_RETURN_DNS_NAME;
2551         r.out.info              = &info;
2552
2553         status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2554         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2555         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2556
2557         torture_assert_int_equal(tctx,
2558                                  (info->dc_flags & (DS_DNS_CONTROLLER)),
2559                                  DS_DNS_CONTROLLER,
2560                                  "DsRGetDCNameEx");
2561         torture_assert_int_equal(tctx,
2562                                  (info->dc_flags & (DS_DNS_DOMAIN)),
2563                                  DS_DNS_DOMAIN,
2564                                  "DsRGetDCNameEx");
2565         torture_assert_int_equal(tctx,
2566                                  (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2567                                  DS_DNS_FOREST_ROOT,
2568                                  "DsRGetDCNameEx");
2569
2570         r.in.domain_name        = lpcfg_workgroup(tctx->lp_ctx);
2571         r.in.flags              = 0;
2572
2573         status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2574         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2575         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2576
2577         torture_assert_int_equal(tctx,
2578                                  (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
2579                                  "DsRGetDCNameEx");
2580         torture_assert_int_equal(tctx,
2581                                  (info->dc_flags & (DS_DNS_DOMAIN)), 0,
2582                                  "DsRGetDCNameEx");
2583         torture_assert_int_equal(tctx,
2584                                  (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2585                                  DS_DNS_FOREST_ROOT,
2586                                  "DsRGetDCNameEx");
2587
2588         if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
2589                 torture_assert_int_equal(tctx,
2590                                          (info->dc_flags & (DS_SERVER_CLOSEST)),
2591                                          DS_SERVER_CLOSEST,
2592                                          "DsRGetDCNameEx");
2593         }
2594
2595         return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2596                                         info->dc_site_name);
2597 }
2598
2599 /*
2600   try a netlogon netr_DsRGetDCNameEx2
2601 */
2602 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
2603                                       struct dcerpc_pipe *p)
2604 {
2605         NTSTATUS status;
2606         struct netr_DsRGetDCNameEx2 r;
2607         struct netr_DsRGetDCNameInfo *info = NULL;
2608         struct dcerpc_binding_handle *b = p->binding_handle;
2609
2610         torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
2611         ZERO_STRUCT(r.in);
2612         r.in.flags              = DS_RETURN_DNS_NAME;
2613         r.out.info              = &info;
2614
2615         status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2616         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2617         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2618
2619         torture_assert_int_equal(tctx,
2620                                  (info->dc_flags & (DS_DNS_CONTROLLER)),
2621                                  DS_DNS_CONTROLLER,
2622                                  "DsRGetDCNameEx2");
2623         torture_assert_int_equal(tctx,
2624                                  (info->dc_flags & (DS_DNS_DOMAIN)),
2625                                  DS_DNS_DOMAIN,
2626                                  "DsRGetDCNameEx2");
2627         torture_assert_int_equal(tctx,
2628                                  (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2629                                  DS_DNS_FOREST_ROOT,
2630                                  "DsRGetDCNameEx2");
2631
2632         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2633         r.in.client_account     = NULL;
2634         r.in.mask               = 0x00000000;
2635         r.in.domain_name        = lpcfg_dnsdomain(tctx->lp_ctx);
2636         r.in.domain_guid        = NULL;
2637         r.in.site_name          = NULL;
2638         r.in.flags              = DS_RETURN_DNS_NAME;
2639         r.out.info              = &info;
2640
2641         torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
2642
2643         status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2644         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2645         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2646
2647         r.in.domain_name        = lpcfg_workgroup(tctx->lp_ctx);
2648         r.in.flags              = 0;
2649
2650         status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2651         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2652         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2653
2654         torture_assert_int_equal(tctx,
2655                                  (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
2656                                  "DsRGetDCNameEx2");
2657         torture_assert_int_equal(tctx,
2658                                  (info->dc_flags & (DS_DNS_DOMAIN)), 0,
2659                                  "DsRGetDCNameEx2");
2660         torture_assert_int_equal(tctx,
2661                                  (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2662                                  DS_DNS_FOREST_ROOT,
2663                                  "DsRGetDCNameEx2");
2664
2665         if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
2666                 torture_assert_int_equal(tctx,
2667                                          (info->dc_flags & (DS_SERVER_CLOSEST)),
2668                                          DS_SERVER_CLOSEST,
2669                                          "DsRGetDCNameEx2");
2670         }
2671
2672         torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client account\n");
2673         r.in.client_account     = TEST_MACHINE_NAME"$";
2674         r.in.mask               = ACB_SVRTRUST;
2675         r.in.flags              = DS_RETURN_FLAT_NAME;
2676         r.out.info              = &info;
2677
2678         status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2679         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2680         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2681
2682         return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2683                                         info->dc_site_name);
2684 }
2685
2686 /* This is a substitution for "samdb_server_site_name" which relies on the
2687  * correct "lp_ctx" and therefore can't be used here. */
2688 static const char *server_site_name(struct torture_context *tctx,
2689                                     struct ldb_context *ldb)
2690 {
2691         TALLOC_CTX *tmp_ctx;
2692         struct ldb_dn *dn, *server_dn;
2693         const struct ldb_val *site_name_val;
2694         const char *server_dn_str, *site_name;
2695
2696         tmp_ctx = talloc_new(ldb);
2697         if (tmp_ctx == NULL) {
2698                 goto failed;
2699         }
2700
2701         dn = ldb_dn_new(tmp_ctx, ldb, "");
2702         if (dn == NULL) {
2703                 goto failed;
2704         }
2705
2706         server_dn_str = samdb_search_string(ldb, tmp_ctx, dn, "serverName",
2707                                             NULL);
2708         if (server_dn_str == NULL) {
2709                 goto failed;
2710         }
2711
2712         server_dn = ldb_dn_new(tmp_ctx, ldb, server_dn_str);
2713         if (server_dn == NULL) {
2714                 goto failed;
2715         }
2716
2717         /* CN=<Server name>, CN=Servers, CN=<Site name>, CN=Sites, ... */
2718         site_name_val = ldb_dn_get_component_val(server_dn, 2);
2719         if (site_name_val == NULL) {
2720                 goto failed;
2721         }
2722
2723         site_name = (const char *) site_name_val->data;
2724
2725         talloc_steal(tctx, site_name);
2726         talloc_free(tmp_ctx);
2727
2728         return site_name;
2729
2730 failed:
2731         talloc_free(tmp_ctx);
2732         return NULL;
2733 }
2734
2735 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
2736                                             struct dcerpc_pipe *p)
2737 {
2738         char *url;
2739         struct ldb_context *sam_ctx = NULL;
2740         NTSTATUS status;
2741         struct netr_DsrGetDcSiteCoverageW r;
2742         struct DcSitesCtr *ctr = NULL;
2743         struct dcerpc_binding_handle *b = p->binding_handle;
2744
2745         torture_comment(tctx, "This does only pass with the default site\n");
2746
2747         /* We won't double-check this when we are over 'local' transports */
2748         if (dcerpc_server_name(p)) {
2749                 /* Set up connection to SAMDB on DC */
2750                 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2751                 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2752                                            NULL,
2753                                            cmdline_credentials,
2754                                            0);
2755
2756                 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2757         }
2758
2759         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2760         r.out.ctr = &ctr;
2761
2762         status = dcerpc_netr_DsrGetDcSiteCoverageW_r(b, tctx, &r);
2763         torture_assert_ntstatus_ok(tctx, status, "failed");
2764         torture_assert_werr_ok(tctx, r.out.result, "failed");
2765
2766         torture_assert(tctx, ctr->num_sites == 1,
2767                        "we should per default only get the default site");
2768         if (sam_ctx != NULL) {
2769                 torture_assert_casestr_equal(tctx, ctr->sites[0].string,
2770                                              server_site_name(tctx, sam_ctx),
2771                                              "didn't return default site");
2772         }
2773
2774         return true;
2775 }
2776
2777 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
2778                                              struct dcerpc_pipe *p)
2779 {
2780         char *url;
2781         struct ldb_context *sam_ctx = NULL;
2782         NTSTATUS status;
2783         struct netr_DsRAddressToSitenamesW r;
2784         struct netr_DsRAddress addrs[6];
2785         struct sockaddr_in *addr;
2786 #ifdef HAVE_IPV6
2787         struct sockaddr_in6 *addr6;
2788 #endif
2789         struct netr_DsRAddressToSitenamesWCtr *ctr;
2790         struct dcerpc_binding_handle *b = p->binding_handle;
2791         uint32_t i;
2792         int ret;
2793
2794         torture_comment(tctx, "This does only pass with the default site\n");
2795
2796         /* We won't double-check this when we are over 'local' transports */
2797         if (dcerpc_server_name(p)) {
2798                 /* Set up connection to SAMDB on DC */
2799                 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2800                 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2801                                            NULL,
2802                                            cmdline_credentials,
2803                                            0);
2804
2805                 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2806         }
2807
2808         /* First try valid IP addresses */
2809
2810         addrs[0].size = sizeof(struct sockaddr_in);
2811         addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2812         addr = (struct sockaddr_in *) addrs[0].buffer;
2813         addrs[0].buffer[0] = AF_INET;
2814         ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2815         torture_assert(tctx, ret > 0, "inet_pton failed");
2816
2817         addrs[1].size = sizeof(struct sockaddr_in);
2818         addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2819         addr = (struct sockaddr_in *) addrs[1].buffer;
2820         addrs[1].buffer[0] = AF_INET;
2821         ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2822         torture_assert(tctx, ret > 0, "inet_pton failed");
2823
2824         addrs[2].size = sizeof(struct sockaddr_in);
2825         addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2826         addr = (struct sockaddr_in *) addrs[2].buffer;
2827         addrs[2].buffer[0] = AF_INET;
2828         ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2829         torture_assert(tctx, ret > 0, "inet_pton failed");
2830
2831 #ifdef HAVE_IPV6
2832         addrs[3].size = sizeof(struct sockaddr_in6);
2833         addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2834         addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2835         addrs[3].buffer[0] = AF_INET6;
2836         ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2837         torture_assert(tctx, ret > 0, "inet_pton failed");
2838
2839         addrs[4].size = sizeof(struct sockaddr_in6);
2840         addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2841         addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2842         addrs[4].buffer[0] = AF_INET6;
2843         ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2844         torture_assert(tctx, ret > 0, "inet_pton failed");
2845
2846         addrs[5].size = sizeof(struct sockaddr_in6);
2847         addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2848         addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2849         addrs[5].buffer[0] = AF_INET6;
2850         ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2851         torture_assert(tctx, ret > 0, "inet_pton failed");
2852 #else
2853         /* the test cases are repeated to have exactly 6. This is for
2854          * compatibility with IPv4-only machines */
2855         addrs[3].size = sizeof(struct sockaddr_in);
2856         addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2857         addr = (struct sockaddr_in *) addrs[3].buffer;
2858         addrs[3].buffer[0] = AF_INET;
2859         ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2860         torture_assert(tctx, ret > 0, "inet_pton failed");
2861
2862         addrs[4].size = sizeof(struct sockaddr_in);
2863         addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2864         addr = (struct sockaddr_in *) addrs[4].buffer;
2865         addrs[4].buffer[0] = AF_INET;
2866         ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2867         torture_assert(tctx, ret > 0, "inet_pton failed");
2868
2869         addrs[5].size = sizeof(struct sockaddr_in);
2870         addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2871         addr = (struct sockaddr_in *) addrs[5].buffer;
2872         addrs[5].buffer[0] = AF_INET;
2873         ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2874         torture_assert(tctx, ret > 0, "inet_pton failed");
2875 #endif
2876
2877         ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
2878
2879         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2880         r.in.count = 6;
2881         r.in.addresses = addrs;
2882         r.out.ctr = &ctr;
2883
2884         status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2885         torture_assert_ntstatus_ok(tctx, status, "failed");
2886         torture_assert_werr_ok(tctx, r.out.result, "failed");
2887
2888         if (sam_ctx != NULL) {
2889                 for (i = 0; i < 3; i++) {
2890                         torture_assert_casestr_equal(tctx,
2891                                                      ctr->sitename[i].string,
2892                                                      server_site_name(tctx, sam_ctx),
2893                                                      "didn't return default site");
2894                 }
2895                 for (i = 3; i < 6; i++) {
2896                         /* Windows returns "NULL" for the sitename if it isn't
2897                          * IPv6 configured */
2898                         if (torture_setting_bool(tctx, "samba4", false)) {
2899                                 torture_assert_casestr_equal(tctx,
2900                                                              ctr->sitename[i].string,
2901                                                              server_site_name(tctx, sam_ctx),
2902                                                              "didn't return default site");
2903                         }
2904                 }
2905         }
2906
2907         /* Now try invalid ones (too short buffers) */
2908
2909         addrs[0].size = 0;
2910         addrs[1].size = 1;
2911         addrs[2].size = 4;
2912
2913         addrs[3].size = 0;
2914         addrs[4].size = 1;
2915         addrs[5].size = 4;
2916
2917         status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2918         torture_assert_ntstatus_ok(tctx, status, "failed");
2919         torture_assert_werr_ok(tctx, r.out.result, "failed");
2920
2921         for (i = 0; i < 6; i++) {
2922                 torture_assert(tctx, ctr->sitename[i].string == NULL,
2923                                "sitename should be null");
2924         }
2925
2926         /* Now try invalid ones (wrong address types) */
2927
2928         addrs[0].size = 10;
2929         addrs[0].buffer[0] = AF_UNSPEC;
2930         addrs[1].size = 10;
2931         addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2932         addrs[2].size = 10;
2933         addrs[2].buffer[0] = AF_UNIX;
2934
2935         addrs[3].size = 10;
2936         addrs[3].buffer[0] = 250;
2937         addrs[4].size = 10;
2938         addrs[4].buffer[0] = 251;
2939         addrs[5].size = 10;
2940         addrs[5].buffer[0] = 252;
2941
2942         status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2943         torture_assert_ntstatus_ok(tctx, status, "failed");
2944         torture_assert_werr_ok(tctx, r.out.result, "failed");
2945
2946         for (i = 0; i < 6; i++) {
2947                 torture_assert(tctx, ctr->sitename[i].string == NULL,
2948                                "sitename should be null");
2949         }
2950
2951         return true;
2952 }
2953
2954 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
2955                                                struct dcerpc_pipe *p)
2956 {
2957         char *url;
2958         struct ldb_context *sam_ctx = NULL;
2959         NTSTATUS status;
2960         struct netr_DsRAddressToSitenamesExW r;
2961         struct netr_DsRAddress addrs[6];
2962         struct sockaddr_in *addr;
2963 #ifdef HAVE_IPV6
2964         struct sockaddr_in6 *addr6;
2965 #endif
2966         struct netr_DsRAddressToSitenamesExWCtr *ctr;
2967         struct dcerpc_binding_handle *b = p->binding_handle;
2968         uint32_t i;
2969         int ret;
2970
2971         torture_comment(tctx, "This does pass with the default site\n");
2972
2973         /* We won't double-check this when we are over 'local' transports */
2974         if (dcerpc_server_name(p)) {
2975                 /* Set up connection to SAMDB on DC */
2976                 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2977                 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2978                                            NULL,
2979                                            cmdline_credentials,
2980                                            0);
2981
2982                 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2983         }
2984
2985         /* First try valid IP addresses */
2986
2987         addrs[0].size = sizeof(struct sockaddr_in);
2988         addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2989         addr = (struct sockaddr_in *) addrs[0].buffer;
2990         addrs[0].buffer[0] = AF_INET;
2991         ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2992         torture_assert(tctx, ret > 0, "inet_pton failed");
2993
2994         addrs[1].size = sizeof(struct sockaddr_in);
2995         addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2996         addr = (struct sockaddr_in *) addrs[1].buffer;
2997         addrs[1].buffer[0] = AF_INET;
2998         ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2999         torture_assert(tctx, ret > 0, "inet_pton failed");
3000
3001         addrs[2].size = sizeof(struct sockaddr_in);
3002         addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
3003         addr = (struct sockaddr_in *) addrs[2].buffer;
3004         addrs[2].buffer[0] = AF_INET;
3005         ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
3006         torture_assert(tctx, ret > 0, "inet_pton failed");
3007
3008 #ifdef HAVE_IPV6
3009         addrs[3].size = sizeof(struct sockaddr_in6);
3010         addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
3011         addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
3012         addrs[3].buffer[0] = AF_INET6;
3013         ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
3014         torture_assert(tctx, ret > 0, "inet_pton failed");
3015
3016         addrs[4].size = sizeof(struct sockaddr_in6);
3017         addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
3018         addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
3019         addrs[4].buffer[0] = AF_INET6;
3020         ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
3021         torture_assert(tctx, ret > 0, "inet_pton failed");
3022
3023         addrs[5].size = sizeof(struct sockaddr_in6);
3024         addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
3025         addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
3026         addrs[5].buffer[0] = AF_INET6;
3027         ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
3028         torture_assert(tctx, ret > 0, "inet_pton failed");
3029 #else
3030         /* the test cases are repeated to have exactly 6. This is for
3031          * compatibility with IPv4-only machines */
3032         addrs[3].size = sizeof(struct sockaddr_in);
3033         addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
3034         addr = (struct sockaddr_in *) addrs[3].buffer;
3035         addrs[3].buffer[0] = AF_INET;
3036         ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
3037         torture_assert(tctx, ret > 0, "inet_pton failed");
3038
3039         addrs[4].size = sizeof(struct sockaddr_in);
3040         addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
3041         addr = (struct sockaddr_in *) addrs[4].buffer;
3042         addrs[4].buffer[0] = AF_INET;
3043         ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
3044         torture_assert(tctx, ret > 0, "inet_pton failed");
3045
3046         addrs[5].size = sizeof(struct sockaddr_in);
3047         addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
3048         addr = (struct sockaddr_in *) addrs[5].buffer;
3049         addrs[5].buffer[0] = AF_INET;
3050         ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
3051         torture_assert(tctx, ret > 0, "inet_pton failed");
3052 #endif
3053
3054         ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
3055
3056         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3057         r.in.count = 6;
3058         r.in.addresses = addrs;
3059         r.out.ctr = &ctr;
3060
3061         status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
3062         torture_assert_ntstatus_ok(tctx, status, "failed");
3063         torture_assert_werr_ok(tctx, r.out.result, "failed");
3064
3065         if (sam_ctx != NULL) {
3066                 for (i = 0; i < 3; i++) {
3067                         torture_assert_casestr_equal(tctx,
3068                                                      ctr->sitename[i].string,
3069                                                      server_site_name(tctx, sam_ctx),
3070                                                      "didn't return default site");
3071                         torture_assert(tctx, ctr->subnetname[i].string == NULL,
3072                                        "subnet should be null");
3073                 }
3074                 for (i = 3; i < 6; i++) {
3075                         /* Windows returns "NULL" for the sitename if it isn't
3076                          * IPv6 configured */
3077                         if (torture_setting_bool(tctx, "samba4", false)) {
3078                                 torture_assert_casestr_equal(tctx,
3079                                                              ctr->sitename[i].string,
3080                                                              server_site_name(tctx, sam_ctx),
3081                                                              "didn't return default site");
3082                         }
3083                         torture_assert(tctx, ctr->subnetname[i].string == NULL,
3084                                        "subnet should be null");
3085                 }
3086         }
3087
3088         /* Now try invalid ones (too short buffers) */
3089
3090         addrs[0].size = 0;
3091         addrs[1].size = 1;
3092         addrs[2].size = 4;
3093
3094         addrs[3].size = 0;
3095         addrs[4].size = 1;
3096         addrs[5].size = 4;
3097
3098         status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
3099         torture_assert_ntstatus_ok(tctx, status, "failed");
3100         torture_assert_werr_ok(tctx, r.out.result, "failed");
3101
3102         for (i = 0; i < 6; i++) {
3103                 torture_assert(tctx, ctr->sitename[i].string == NULL,
3104                                "sitename should be null");
3105                 torture_assert(tctx, ctr->subnetname[i].string == NULL,
3106                                "subnet should be null");
3107         }
3108
3109         addrs[0].size = 10;
3110         addrs[0].buffer[0] = AF_UNSPEC;
3111         addrs[1].size = 10;
3112         addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
3113         addrs[2].size = 10;
3114         addrs[2].buffer[0] = AF_UNIX;
3115
3116         addrs[3].size = 10;
3117         addrs[3].buffer[0] = 250;
3118         addrs[4].size = 10;
3119         addrs[4].buffer[0] = 251;
3120         addrs[5].size = 10;
3121         addrs[5].buffer[0] = 252;
3122
3123         status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
3124         torture_assert_ntstatus_ok(tctx, status, "failed");
3125         torture_assert_werr_ok(tctx, r.out.result, "failed");
3126
3127         for (i = 0; i < 6; i++) {
3128                 torture_assert(tctx, ctr->sitename[i].string == NULL,
3129                                "sitename should be null");
3130                 torture_assert(tctx, ctr->subnetname[i].string == NULL,
3131                                "subnet should be null");
3132         }
3133
3134         return true;
3135 }
3136
3137 static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx,
3138                                          struct dcerpc_pipe *p,
3139                                          struct cli_credentials *machine_credentials)
3140 {
3141         struct netr_ServerGetTrustInfo r;
3142
3143         struct netr_Authenticator a;
3144         struct netr_Authenticator return_authenticator;
3145         struct samr_Password new_owf_password;
3146         struct samr_Password old_owf_password;
3147         struct netr_TrustInfo *trust_info;
3148
3149         struct netlogon_creds_CredentialState *creds;
3150         struct dcerpc_binding_handle *b = p->binding_handle;
3151
3152         if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3153                                     machine_credentials, &creds)) {
3154                 return false;
3155         }
3156
3157         netlogon_creds_client_authenticator(creds, &a);
3158
3159         r.in.server_name                = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3160         r.in.account_name               = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
3161         r.in.secure_channel_type        = cli_credentials_get_secure_channel_type(machine_credentials);
3162         r.in.computer_name              = TEST_MACHINE_NAME;
3163         r.in.credential                 = &a;
3164
3165         r.out.return_authenticator      = &return_authenticator;
3166         r.out.new_owf_password          = &new_owf_password;
3167         r.out.old_owf_password          = &old_owf_password;
3168         r.out.trust_info                = &trust_info;
3169
3170         torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerGetTrustInfo_r(b, tctx, &r),
3171                 "ServerGetTrustInfo failed");
3172         torture_assert_ntstatus_ok(tctx, r.out.result, "ServerGetTrustInfo failed");
3173         torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed");
3174
3175         return true;
3176 }
3177
3178
3179 static bool test_GetDomainInfo(struct torture_context *tctx,
3180                                struct dcerpc_pipe *p,
3181                                struct cli_credentials *machine_credentials)
3182 {
3183         struct netr_LogonGetDomainInfo r;
3184         struct netr_WorkstationInformation q1;
3185         struct netr_Authenticator a;
3186         struct netlogon_creds_CredentialState *creds;
3187         struct netr_OsVersion os;
3188         union netr_WorkstationInfo query;
3189         union netr_DomainInfo info;
3190         const char* const attrs[] = { "dNSHostName", "operatingSystem",
3191                 "operatingSystemServicePack", "operatingSystemVersion",
3192                 "servicePrincipalName", NULL };
3193         char *url;
3194         struct ldb_context *sam_ctx = NULL;
3195         struct ldb_message **res;
3196         struct ldb_message_element *spn_el;
3197         int ret, i;
3198         char *version_str;
3199         const char *old_dnsname = NULL;
3200         char **spns = NULL;
3201         int num_spns = 0;
3202         char *temp_str;
3203         struct dcerpc_binding_handle *b = p->binding_handle;
3204
3205         torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
3206
3207         if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3208                                     machine_credentials, &creds)) {
3209                 return false;
3210         }
3211
3212         /* We won't double-check this when we are over 'local' transports */
3213         if (dcerpc_server_name(p)) {
3214                 /* Set up connection to SAMDB on DC */
3215                 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
3216                 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
3217                                            NULL,
3218                                            cmdline_credentials,
3219                                            0);
3220
3221                 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
3222         }
3223
3224         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n");
3225         netlogon_creds_client_authenticator(creds, &a);
3226
3227         ZERO_STRUCT(r);
3228         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3229         r.in.computer_name = TEST_MACHINE_NAME;
3230         r.in.credential = &a;
3231         r.in.level = 1;
3232         r.in.return_authenticator = &a;
3233         r.in.query = &query;
3234         r.out.return_authenticator = &a;
3235         r.out.info = &info;
3236
3237         ZERO_STRUCT(os);
3238         os.os.MajorVersion = 123;
3239         os.os.MinorVersion = 456;
3240         os.os.BuildNumber = 789;
3241         os.os.CSDVersion = "Service Pack 10";
3242         os.os.ServicePackMajor = 10;
3243         os.os.ServicePackMinor = 1;
3244         os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS;
3245         os.os.ProductType = NETR_VER_NT_SERVER;
3246         os.os.Reserved = 0;
3247
3248         version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion,
3249                 os.os.MinorVersion, os.os.BuildNumber);
3250
3251         ZERO_STRUCT(q1);
3252         q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3253                 lpcfg_dnsdomain(tctx->lp_ctx));
3254         q1.sitename = "Default-First-Site-Name";
3255         q1.os_version.os = &os;
3256         q1.os_name.string = talloc_asprintf(tctx,
3257                                             "Tortured by Samba4 RPC-NETLOGON: %s",
3258                                             timestring(tctx, time(NULL)));
3259
3260         /* The workstation handles the "servicePrincipalName" and DNS hostname
3261            updates */
3262         q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3263
3264         query.workstation_info = &q1;
3265
3266         if (sam_ctx) {
3267                 /* Gets back the old DNS hostname in AD */
3268                 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3269                                    "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3270                 old_dnsname =
3271                         ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL);
3272
3273                 /* Gets back the "servicePrincipalName"s in AD */
3274                 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3275                 if (spn_el != NULL) {
3276                         for (i=0; i < spn_el->num_values; i++) {
3277                                 spns = talloc_realloc(tctx, spns, char *, i + 1);
3278                                 spns[i] = (char *) spn_el->values[i].data;
3279                         }
3280                         num_spns = i;
3281                 }
3282         }
3283
3284         torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3285                 "LogonGetDomainInfo failed");
3286         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3287         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3288
3289         smb_msleep(250);
3290
3291         if (sam_ctx) {
3292                 /* AD workstation infos entry check */
3293                 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3294                                    "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3295                 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3296                 torture_assert_str_equal(tctx,
3297                                          ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3298                                          q1.os_name.string, "'operatingSystem' wrong!");
3299                 torture_assert_str_equal(tctx,
3300                                          ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL),
3301                                          os.os.CSDVersion, "'operatingSystemServicePack' wrong!");
3302                 torture_assert_str_equal(tctx,
3303                                          ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
3304                                          version_str, "'operatingSystemVersion' wrong!");
3305
3306                 if (old_dnsname != NULL) {
3307                         /* If before a DNS hostname was set then it should remain
3308                            the same in combination with the "servicePrincipalName"s.
3309                            The DNS hostname should also be returned by our
3310                            "LogonGetDomainInfo" call (in the domain info structure). */
3311
3312                         torture_assert_str_equal(tctx,
3313                                                  ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3314                                                  old_dnsname, "'DNS hostname' was not set!");
3315
3316                         spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3317                         torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)),
3318                                        "'servicePrincipalName's not set!");
3319                         torture_assert(tctx, spn_el->num_values == num_spns,
3320                                        "'servicePrincipalName's incorrect!");
3321                         for (i=0; (i < spn_el->num_values) && (i < num_spns); i++)
3322                                 torture_assert_str_equal(tctx,
3323                                                          (char *) spn_el->values[i].data,
3324                                 spns[i], "'servicePrincipalName's incorrect!");
3325
3326                         torture_assert_str_equal(tctx,
3327                                                  info.domain_info->dns_hostname.string,
3328                                                  old_dnsname,
3329                                                  "Out 'DNS hostname' doesn't match the old one!");
3330                 } else {
3331                         /* If no DNS hostname was set then also now none should be set,
3332                            the "servicePrincipalName"s should remain empty and no DNS
3333                            hostname should be returned by our "LogonGetDomainInfo"
3334                            call (in the domain info structure). */
3335
3336                         torture_assert(tctx,
3337                                        ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL,
3338                                        "'DNS hostname' was set!");
3339
3340                         spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3341                         torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)),
3342                                        "'servicePrincipalName's were set!");
3343
3344                         torture_assert(tctx,
3345                                        info.domain_info->dns_hostname.string == NULL,
3346                                        "Out 'DNS host name' was set!");
3347                 }
3348         }
3349
3350         /* Checks "workstation flags" */
3351         torture_assert(tctx,
3352                 info.domain_info->workstation_flags
3353                 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3354                 "Out 'workstation flags' don't match!");
3355
3356
3357         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname doesn't work)\n");
3358         netlogon_creds_client_authenticator(creds, &a);
3359
3360         /* Wipe out the osVersion, and prove which values still 'stick' */
3361         q1.os_version.os = NULL;
3362
3363         /* Change also the DNS hostname to test differences in behaviour */
3364         talloc_free(discard_const_p(char, q1.dns_hostname));
3365         q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3366                 lpcfg_dnsdomain(tctx->lp_ctx));
3367
3368         /* The workstation handles the "servicePrincipalName" and DNS hostname
3369            updates */
3370         q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3371
3372         torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3373                 "LogonGetDomainInfo failed");
3374         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3375
3376         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3377
3378         smb_msleep(250);
3379
3380         if (sam_ctx) {
3381                 /* AD workstation infos entry check */
3382                 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3383                                    "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3384                 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3385
3386                 torture_assert_str_equal(tctx,
3387                                          ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3388                                          q1.os_name.string, "'operatingSystem' should stick!");
3389                 torture_assert(tctx,
3390                                ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3391                                "'operatingSystemServicePack' shouldn't stick!");
3392                 torture_assert(tctx,
3393                                ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3394                                "'operatingSystemVersion' shouldn't stick!");
3395
3396                 /* The DNS host name shouldn't have been updated by the server */
3397
3398                 torture_assert_str_equal(tctx,
3399                                          ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3400                                          old_dnsname, "'DNS host name' did change!");
3401
3402                 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3403                    updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3404                    3.5.4.3.9 */
3405                 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3406                 torture_assert(tctx, spn_el != NULL,
3407                                "There should exist 'servicePrincipalName's in AD!");
3408                 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3409                 for (i=0; i < spn_el->num_values; i++)
3410                         if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3411                                 break;
3412                 torture_assert(tctx, i != spn_el->num_values,
3413                                "'servicePrincipalName' HOST/<Netbios name> not found!");
3414                 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3415                 for (i=0; i < spn_el->num_values; i++)
3416                         if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3417                                 break;
3418                 torture_assert(tctx, i != spn_el->num_values,
3419                                "'servicePrincipalName' HOST/<FQDN name> not found!");
3420
3421                 /* Check that the out DNS hostname was set properly */
3422                 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string,
3423                                          old_dnsname, "Out 'DNS hostname' doesn't match the old one!");
3424         }
3425
3426         /* Checks "workstation flags" */
3427         torture_assert(tctx,
3428                 info.domain_info->workstation_flags == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3429                 "Out 'workstation flags' don't match!");
3430
3431
3432         /* Now try the same but the workstation flags set to 0 */
3433
3434         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (variation of DNS hostname doesn't work)\n");
3435         netlogon_creds_client_authenticator(creds, &a);
3436
3437         /* Change also the DNS hostname to test differences in behaviour */
3438         talloc_free(discard_const_p(char, q1.dns_hostname));
3439         q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3440                 lpcfg_dnsdomain(tctx->lp_ctx));
3441
3442         /* Wipe out the osVersion, and prove which values still 'stick' */
3443         q1.os_version.os = NULL;
3444
3445         /* Let the DC handle the "servicePrincipalName" and DNS hostname
3446            updates */
3447         q1.workstation_flags = 0;
3448
3449         torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3450                 "LogonGetDomainInfo failed");
3451         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3452         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3453
3454         smb_msleep(250);
3455
3456         if (sam_ctx) {
3457                 /* AD workstation infos entry check */
3458                 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3459                                    "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3460                 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3461
3462                 torture_assert_str_equal(tctx,
3463                                          ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3464                                          q1.os_name.string, "'operatingSystem' should stick!");
3465                 torture_assert(tctx,
3466                                ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3467                                "'operatingSystemServicePack' shouldn't stick!");
3468                 torture_assert(tctx,
3469                                ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3470                                "'operatingSystemVersion' shouldn't stick!");
3471
3472                 /* The DNS host name shouldn't have been updated by the server */
3473
3474                 torture_assert_str_equal(tctx,
3475                                          ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3476                                          old_dnsname, "'DNS host name' did change!");
3477
3478                 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3479                    updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3480                    3.5.4.3.9 */
3481                 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3482                 torture_assert(tctx, spn_el != NULL,
3483                                "There should exist 'servicePrincipalName's in AD!");
3484                 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3485                 for (i=0; i < spn_el->num_values; i++)
3486                         if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3487                                 break;
3488                 torture_assert(tctx, i != spn_el->num_values,
3489                                "'servicePrincipalName' HOST/<Netbios name> not found!");
3490                 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3491                 for (i=0; i < spn_el->num_values; i++)
3492                         if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3493                                 break;
3494                 torture_assert(tctx, i != spn_el->num_values,
3495                                "'servicePrincipalName' HOST/<FQDN name> not found!");
3496
3497                 /* Here the server gives us NULL as the out DNS hostname */
3498                 torture_assert(tctx, info.domain_info->dns_hostname.string == NULL,
3499                                "Out 'DNS hostname' should be NULL!");
3500         }
3501
3502         /* Checks "workstation flags" */
3503         torture_assert(tctx,
3504                 info.domain_info->workstation_flags == 0,
3505                 "Out 'workstation flags' don't match!");
3506
3507
3508         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (verification of DNS hostname and check for trusted domains)\n");
3509         netlogon_creds_client_authenticator(creds, &a);
3510
3511         /* Put the DNS hostname back */
3512         talloc_free(discard_const_p(char, q1.dns_hostname));
3513         q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3514                 lpcfg_dnsdomain(tctx->lp_ctx));
3515
3516         /* The workstation handles the "servicePrincipalName" and DNS hostname
3517            updates */
3518         q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3519
3520         torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3521                 "LogonGetDomainInfo failed");
3522         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3523         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3524
3525         smb_msleep(250);
3526
3527         /* Now the in/out DNS hostnames should be the same */
3528         torture_assert_str_equal(tctx,
3529                 info.domain_info->dns_hostname.string,
3530                 query.workstation_info->dns_hostname,
3531                 "In/Out 'DNS hostnames' don't match!");
3532         old_dnsname = info.domain_info->dns_hostname.string;
3533
3534         /* Checks "workstation flags" */
3535         torture_assert(tctx,
3536                 info.domain_info->workstation_flags
3537                 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3538                 "Out 'workstation flags' don't match!");
3539
3540         /* Checks for trusted domains */
3541         torture_assert(tctx,
3542                 (info.domain_info->trusted_domain_count != 0)
3543                 && (info.domain_info->trusted_domains != NULL),
3544                 "Trusted domains have been requested!");
3545
3546
3547         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 5th call (check for trusted domains)\n");
3548         netlogon_creds_client_authenticator(creds, &a);
3549
3550         /* The workstation handles the "servicePrincipalName" and DNS hostname
3551            updates and requests inbound trusts */
3552         q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3553                 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS;
3554
3555         torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3556                 "LogonGetDomainInfo failed");
3557         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3558         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3559
3560         smb_msleep(250);
3561
3562         /* Checks "workstation flags" */
3563         torture_assert(tctx,
3564                 info.domain_info->workstation_flags
3565                 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3566                         | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3567                 "Out 'workstation flags' don't match!");
3568
3569         /* Checks for trusted domains */
3570         torture_assert(tctx,
3571                 (info.domain_info->trusted_domain_count != 0)
3572                 && (info.domain_info->trusted_domains != NULL),
3573                 "Trusted domains have been requested!");
3574
3575
3576         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 6th call (no DNS hostname)\n");
3577         netlogon_creds_client_authenticator(creds, &a);
3578
3579         query.workstation_info->dns_hostname = NULL;
3580
3581         torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3582                 "LogonGetDomainInfo failed");
3583         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3584         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3585
3586         /* The old DNS hostname should stick */
3587         torture_assert_str_equal(tctx,
3588                 info.domain_info->dns_hostname.string,
3589                 old_dnsname,
3590                 "'DNS hostname' changed!");
3591
3592         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 7th call (extra workstation flags)\n");
3593         netlogon_creds_client_authenticator(creds, &a);
3594
3595         q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3596                 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS | 0x4;
3597
3598         /* Put the DNS hostname back */
3599         talloc_free(discard_const_p(char, q1.dns_hostname));
3600         q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3601                 lpcfg_dnsdomain(tctx->lp_ctx));
3602
3603         torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3604                 "LogonGetDomainInfo failed");
3605         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3606         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3607
3608         /* Checks "workstation flags" */
3609         torture_assert(tctx,
3610                 info.domain_info->workstation_flags
3611                 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3612                         | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3613                 "Out 'workstation flags' don't match!");
3614
3615         if (!torture_setting_bool(tctx, "dangerous", false)) {
3616                 torture_comment(tctx, "Not testing netr_LogonGetDomainInfo 8th call (no workstation info) - enable dangerous tests in order to do so\n");
3617         } else {
3618                 /* Try a call without the workstation information structure */
3619
3620                 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 8th call (no workstation info)\n");
3621                 netlogon_creds_client_authenticator(creds, &a);
3622
3623                 query.workstation_info = NULL;
3624
3625                 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3626                         "LogonGetDomainInfo failed");
3627                 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3628                 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3629         }
3630
3631         return true;
3632 }
3633
3634 static bool test_GetDomainInfo_async(struct torture_context *tctx,
3635                                      struct dcerpc_pipe *p,
3636                                      struct cli_credentials *machine_credentials)
3637 {
3638         NTSTATUS status;
3639         struct netr_LogonGetDomainInfo r;
3640         struct netr_WorkstationInformation q1;
3641         struct netr_Authenticator a;
3642 #define ASYNC_COUNT 100
3643         struct netlogon_creds_CredentialState *creds;
3644         struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT];
3645         struct tevent_req *req[ASYNC_COUNT];
3646         int i;
3647         union netr_WorkstationInfo query;
3648         union netr_DomainInfo info;
3649
3650         torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
3651
3652         if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3653                                     machine_credentials, &creds)) {
3654                 return false;
3655         }
3656
3657         ZERO_STRUCT(r);
3658         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3659         r.in.computer_name = TEST_MACHINE_NAME;
3660         r.in.credential = &a;
3661         r.in.level = 1;
3662         r.in.return_authenticator = &a;
3663         r.in.query = &query;
3664         r.out.return_authenticator = &a;
3665         r.out.info = &info;
3666
3667         ZERO_STRUCT(q1);
3668         q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3669                 lpcfg_dnsdomain(tctx->lp_ctx));
3670         q1.sitename = "Default-First-Site-Name";
3671         q1.os_name.string = "UNIX/Linux or similar";
3672
3673         query.workstation_info = &q1;
3674
3675         for (i=0;i<ASYNC_COUNT;i++) {
3676                 netlogon_creds_client_authenticator(creds, &a);
3677
3678                 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
3679                 req[i] = dcerpc_netr_LogonGetDomainInfo_r_send(tctx, tctx->ev, p->binding_handle, &r);
3680
3681                 /* even with this flush per request a w2k3 server seems to
3682                    clag with multiple outstanding requests. bleergh. */
3683                 torture_assert_int_equal(tctx, tevent_loop_once(dcerpc_event_context(p)), 0,
3684                                          "tevent_loop_once failed");
3685         }
3686
3687         for (i=0;i<ASYNC_COUNT;i++) {
3688                 torture_assert_int_equal(tctx, tevent_req_poll(req[i], tctx->ev), true,
3689                                          "tevent_req_poll() failed");
3690
3691                 status = dcerpc_netr_LogonGetDomainInfo_r_recv(req[i], tctx);
3692
3693                 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
3694                 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async");
3695
3696                 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred),
3697                         "Credential chaining failed at async");
3698         }
3699
3700         torture_comment(tctx,
3701                         "Testing netr_LogonGetDomainInfo - async count %d OK\n", ASYNC_COUNT);
3702
3703         return true;
3704 }
3705
3706 static bool test_ManyGetDCName(struct torture_context *tctx,
3707                                struct dcerpc_pipe *p)
3708 {
3709         NTSTATUS status;
3710         struct dcerpc_pipe *p2;
3711         struct lsa_ObjectAttribute attr;
3712         struct lsa_QosInfo qos;
3713         struct lsa_OpenPolicy2 o;
3714         struct policy_handle lsa_handle;
3715         struct lsa_DomainList domains;
3716
3717         struct lsa_EnumTrustDom t;
3718         uint32_t resume_handle = 0;
3719         struct netr_GetAnyDCName d;
3720         const char *dcname = NULL;
3721         struct dcerpc_binding_handle *b = p->binding_handle;
3722         struct dcerpc_binding_handle *b2;
3723
3724         int i;
3725
3726         if (p->conn->transport.transport != NCACN_NP) {
3727                 return true;
3728         }
3729
3730         torture_comment(tctx, "Torturing GetDCName\n");
3731
3732         status = dcerpc_secondary_connection(p, &p2, p->binding);
3733         torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
3734
3735         status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
3736         torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
3737         b2 = p2->binding_handle;
3738
3739         qos.len = 0;
3740         qos.impersonation_level = 2;
3741         qos.context_mode = 1;
3742         qos.effective_only = 0;
3743
3744         attr.len = 0;
3745         attr.root_dir = NULL;
3746         attr.object_name = NULL;
3747         attr.attributes = 0;
3748         attr.sec_desc = NULL;
3749         attr.sec_qos = &qos;
3750
3751         o.in.system_name = "\\";
3752         o.in.attr = &attr;
3753         o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3754         o.out.handle = &lsa_handle;
3755
3756         torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenPolicy2_r(b2, tctx, &o),
3757                 "OpenPolicy2 failed");
3758         torture_assert_ntstatus_ok(tctx, o.out.result, "OpenPolicy2 failed");
3759
3760         t.in.handle = &lsa_handle;
3761         t.in.resume_handle = &resume_handle;
3762         t.in.max_size = 1000;
3763         t.out.domains = &domains;
3764         t.out.resume_handle = &resume_handle;
3765
3766         torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumTrustDom_r(b2, tctx, &t),
3767                 "EnumTrustDom failed");
3768
3769         if ((!NT_STATUS_IS_OK(t.out.result) &&
3770              (!NT_STATUS_EQUAL(t.out.result, NT_STATUS_NO_MORE_ENTRIES))))
3771                 torture_fail(tctx, "Could not list domains");
3772
3773         talloc_free(p2);
3774
3775         d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
3776                                             dcerpc_server_name(p));
3777         d.out.dcname = &dcname;
3778
3779         for (i=0; i<domains.count * 4; i++) {
3780                 struct lsa_DomainInfo *info =
3781                         &domains.domains[rand()%domains.count];
3782
3783                 d.in.domainname = info->name.string;
3784
3785                 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &d);
3786                 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
3787
3788                 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
3789                        dcname ? dcname : "unknown");
3790         }
3791
3792         return true;
3793 }
3794
3795 static bool test_SetPassword_with_flags(struct torture_context *tctx,
3796                                         struct dcerpc_pipe *p,
3797                                         struct cli_credentials *machine_credentials)
3798 {
3799         uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS };
3800         struct netlogon_creds_CredentialState *creds;
3801         int i;
3802
3803         if (!test_SetupCredentials2(p, tctx, 0,
3804                                     machine_credentials,
3805                                     cli_credentials_get_secure_channel_type(machine_credentials),
3806                                     &creds)) {
3807                 torture_skip(tctx, "DC does not support negotiation of 64bit session keys");
3808         }
3809
3810         for (i=0; i < ARRAY_SIZE(flags); i++) {
3811                 torture_assert(tctx,
3812                         test_SetPassword_flags(tctx, p, machine_credentials, flags[i]),
3813                         talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i]));
3814         }
3815
3816         return true;
3817 }
3818
3819 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
3820 {
3821         struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon");
3822         struct torture_rpc_tcase *tcase;
3823         struct torture_test *test;
3824
3825         tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3826                                                   &ndr_table_netlogon, TEST_MACHINE_NAME);
3827
3828         torture_rpc_tcase_add_test(tcase, "Broken RPC binding handle",
3829                                    test_netr_broken_binding_handle);
3830
3831         torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
3832         torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
3833         torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3834         torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3835         torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3836         torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
3837         torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
3838         torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
3839         torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
3840         torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
3841         torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo);
3842         torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
3843         torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
3844         torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
3845         torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
3846         torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
3847         torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
3848         torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
3849         torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3850         torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
3851         test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
3852         test->dangerous = true;
3853         torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
3854         torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
3855         torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
3856         torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
3857         torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
3858         torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
3859         torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
3860         torture_rpc_tcase_add_test_creds(tcase, "GetForestTrustInformation", test_netr_GetForestTrustInformation);
3861
3862         return suite;
3863 }
3864
3865 struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
3866 {
3867         struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon-s3");
3868         struct torture_rpc_tcase *tcase;
3869
3870         tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3871                                                   &ndr_table_netlogon, TEST_MACHINE_NAME);
3872
3873         torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3874         torture_rpc_tcase_add_test_creds(tcase, "SamLogon_NULL_domain", test_SamLogon_NULL_domain);
3875         torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3876         torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags);
3877         torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3878         torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3879
3880         return suite;
3881 }
3882
3883 struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
3884 {
3885         struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon.admin");
3886         struct torture_rpc_tcase *tcase;
3887
3888         tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3889                                                   &ndr_table_netlogon, TEST_MACHINE_NAME);
3890         torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3891         torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3892         torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3893
3894         tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon",
3895                                                   &ndr_table_netlogon, TEST_MACHINE_NAME);
3896         torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3897         torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3898         torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3899
3900         tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon",
3901                                                   &ndr_table_netlogon);
3902         torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3903         torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3904         torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3905
3906         return suite;
3907 }
Michael's Samba GIT