Ejemplo n.º 1
0
/**
   \details Create an asynchronous wait call

   This basically "parks" a call on the AsyncEMSMDB interface to allow
   asynchronous notification to the client of changes on the server.
   This call (probably) won't return immediately, but will return when
   the server makes a change, or 300 seconds (5 minutes) elapses. This
   call will then need to be re-queued if further change notifications
   are wanted.

   \param emsmdb_ctx pointer to the EMSMDB context
   \param flagsIn input flags (currently must be 0x00000000)
   \param flagsOut output flags (zero for a call completion with no changes, non-zero if there are changes)

   \return MAPI_E_SUCCESS on success, otherwise MAPI error
 */
enum MAPISTATUS emsmdb_async_waitex(struct emsmdb_context *emsmdb_ctx, uint32_t flagsIn, uint32_t *flagsOut)
{
	NTSTATUS			status;
	enum MAPISTATUS			retval;
	struct EcDoAsyncWaitEx		r;

	/* Sanity Checks */
	OPENCHANGE_RETVAL_IF(!emsmdb_ctx, MAPI_E_NOT_INITIALIZED, NULL);
	OPENCHANGE_RETVAL_IF(!(emsmdb_ctx->mem_ctx), MAPI_E_NOT_INITIALIZED, NULL);
	OPENCHANGE_RETVAL_IF(!(emsmdb_ctx->async_rpc_connection), MAPI_E_NOT_INITIALIZED, NULL);

	r.in.async_handle = &(emsmdb_ctx->async_handle);
	r.in.ulFlagsIn = flagsIn;
	r.out.pulFlagsOut = flagsOut;
	dcerpc_binding_handle_set_timeout(emsmdb_ctx->async_rpc_connection->binding_handle, 400);
	status = dcerpc_EcDoAsyncWaitEx_r(emsmdb_ctx->async_rpc_connection->binding_handle, emsmdb_ctx->mem_ctx, &r);
	retval = r.out.result;
	OPENCHANGE_RETVAL_IF(!NT_STATUS_IS_OK(status), retval, NULL);
	OPENCHANGE_RETVAL_IF(retval, retval, NULL);

	return MAPI_E_SUCCESS;
}
Ejemplo n.º 2
0
static WERROR cmd_witness_AsyncNotify(struct rpc_pipe_client *cli,
				      TALLOC_CTX *mem_ctx, int argc,
				      const char **argv)
{
	NTSTATUS status;
	WERROR result = WERR_OK;
	TALLOC_CTX *frame = talloc_stackframe();
	struct policy_handle hnd;
	struct witness_notifyResponse *response = NULL;
	uint32_t timeout;
	int i;

	use_only_one_rpc_pipe_hack(cli);

	if (argc != 2) {
		d_printf("%s <context_handle>\n", argv[0]);
		goto done;
	}

	if (!read_context_handle(argv[1], &hnd)) {
		result = WERR_INVALID_PARAMETER;
		goto done;
	}

	timeout = dcerpc_binding_handle_set_timeout(cli->binding_handle, UINT32_MAX);
	status = dcerpc_witness_AsyncNotify(cli->binding_handle, frame, hnd,
					    &response, &result);
	dcerpc_binding_handle_set_timeout(cli->binding_handle, timeout);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0, ("dcerpc_witness_AsyncNotify failed, status: %s\n", nt_errstr(status)));
		result = ntstatus_to_werror(status);
		goto done;
	}
	if (!W_ERROR_IS_OK(result)) {
		DEBUG(0, ("dcerpc_witness_AsyncNotify failed, error: %s\n", win_errstr(result)));
		goto done;
	}

	if (response == NULL) {
		d_printf("Got an empty response\n");
		goto done;
	}

	switch(response->type) {
	case WITNESS_NOTIFY_RESOURCE_CHANGE:
		d_printf("Resource change");
		break;
	case WITNESS_NOTIFY_CLIENT_MOVE:
		d_printf("Client move");
		break;
	case WITNESS_NOTIFY_SHARE_MOVE:
		d_printf("Share move");
		break;
	case WITNESS_NOTIFY_IP_CHANGE:
		d_printf("IP change");
		break;
	default:
		d_printf("Unknown (0x%x)", (int)response->type);
	}
	d_printf(" with %d messages\n", response->num);

	for (i=0; i < response->num; i++) {
		print_notify_response(&response->messages[i], response->type);
	}
done:
	talloc_free(frame);
	return result;
}
Ejemplo n.º 3
0
static bool test_fsrvp_sc_create(struct torture_context *tctx,
				 struct dcerpc_pipe *p,
				 const char *share,
				 enum test_fsrvp_inject inject,
				 struct fssagent_share_mapping_1 **sc_map)
{
	struct fss_IsPathSupported r_pathsupport_get;
	struct fss_GetSupportedVersion r_version_get;
	struct fss_SetContext r_context_set;
	struct fss_StartShadowCopySet r_scset_start;
	struct fss_AddToShadowCopySet r_scset_add1;
	struct fss_AddToShadowCopySet r_scset_add2;
	struct fss_PrepareShadowCopySet r_scset_prep;
	struct fss_CommitShadowCopySet r_scset_commit;
	struct fss_ExposeShadowCopySet r_scset_expose;
	struct fss_GetShareMapping r_sharemap_get;
	struct dcerpc_binding_handle *b = p->binding_handle;
	NTSTATUS status;
	time_t start_time;
	TALLOC_CTX *tmp_ctx = talloc_new(tctx);
	struct fssagent_share_mapping_1 *map = NULL;
	int sleep_time;

	/*
	 * PrepareShadowCopySet & CommitShadowCopySet often exceed the default
	 * 60 second dcerpc request timeout against Windows Server "8" Beta.
	 */
	dcerpc_binding_handle_set_timeout(b, 240);

	ZERO_STRUCT(r_pathsupport_get);
	r_pathsupport_get.in.ShareName = share;
	status = dcerpc_fss_IsPathSupported_r(b, tmp_ctx, &r_pathsupport_get);
	torture_assert_ntstatus_ok(tctx, status,
				   "IsPathSupported failed");
	torture_assert_int_equal(tctx, r_pathsupport_get.out.result, 0,
				 "failed IsPathSupported response");
	torture_assert(tctx, r_pathsupport_get.out.SupportedByThisProvider,
		       "path not supported");

	ZERO_STRUCT(r_version_get);
	status = dcerpc_fss_GetSupportedVersion_r(b, tmp_ctx, &r_version_get);
	torture_assert_ntstatus_ok(tctx, status,
				   "GetSupportedVersion failed");
	torture_assert_int_equal(tctx, r_version_get.out.result, 0,
				 "failed GetSupportedVersion response");

	ZERO_STRUCT(r_context_set);
	r_context_set.in.Context = FSRVP_CTX_BACKUP;
	status = dcerpc_fss_SetContext_r(b, tmp_ctx, &r_context_set);
	torture_assert_ntstatus_ok(tctx, status, "SetContext failed");
	torture_assert_int_equal(tctx, r_context_set.out.result, 0,
				 "failed SetContext response");

	if (inject == TEST_FSRVP_TOUT_SET_CTX) {
		sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
					    "sequence timeout", 180);
		torture_comment(tctx, "sleeping for %d\n", sleep_time);
		smb_msleep((sleep_time * 1000) + 500);
	}

	ZERO_STRUCT(r_scset_start);
	r_scset_start.in.ClientShadowCopySetId = GUID_random();
	status = dcerpc_fss_StartShadowCopySet_r(b, tmp_ctx, &r_scset_start);
	torture_assert_ntstatus_ok(tctx, status,
				   "StartShadowCopySet failed");
	if (inject == TEST_FSRVP_TOUT_SET_CTX) {
		/* expect error due to message sequence timeout after set_ctx */
		torture_assert_int_equal(tctx, r_scset_start.out.result,
					 FSRVP_E_BAD_STATE,
					 "StartShadowCopySet timeout response");
		goto done;
	}
	torture_assert_int_equal(tctx, r_scset_start.out.result, 0,
				 "failed StartShadowCopySet response");
	torture_comment(tctx, "%s: shadow-copy set created\n",
			GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId));

	if (inject == TEST_FSRVP_TOUT_START_SET) {
		sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
					    "sequence timeout", 180);
		torture_comment(tctx, "sleeping for %d\n", sleep_time);
		smb_msleep((sleep_time * 1000) + 500);
	}

	ZERO_STRUCT(r_scset_add1);
	r_scset_add1.in.ClientShadowCopyId = GUID_random();
	r_scset_add1.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
	r_scset_add1.in.ShareName = share;
	status = dcerpc_fss_AddToShadowCopySet_r(b, tmp_ctx, &r_scset_add1);
	torture_assert_ntstatus_ok(tctx, status,
				   "AddToShadowCopySet failed");
	if (inject == TEST_FSRVP_TOUT_START_SET) {
		torture_assert_int_equal(tctx, r_scset_add1.out.result,
					 HRES_ERROR_V(HRES_E_INVALIDARG),
					 "AddToShadowCopySet timeout response");
		goto done;
	}
	torture_assert_int_equal(tctx, r_scset_add1.out.result, 0,
				 "failed AddToShadowCopySet response");
	torture_comment(tctx, "%s(%s): %s added to shadow-copy set\n",
			GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId),
			GUID_string(tmp_ctx, r_scset_add1.out.pShadowCopyId),
			r_scset_add1.in.ShareName);

	/* attempts to add the same share twice should fail */
	ZERO_STRUCT(r_scset_add2);
	r_scset_add2.in.ClientShadowCopyId = GUID_random();
	r_scset_add2.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
	r_scset_add2.in.ShareName = share;
	status = dcerpc_fss_AddToShadowCopySet_r(b, tmp_ctx, &r_scset_add2);
	torture_assert_ntstatus_ok(tctx, status,
				   "AddToShadowCopySet failed");
	torture_assert_int_equal(tctx, r_scset_add2.out.result,
				 FSRVP_E_OBJECT_ALREADY_EXISTS,
				 "failed AddToShadowCopySet response");

	if (inject == TEST_FSRVP_TOUT_ADD_TO_SET) {
		sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
					    "sequence timeout", 1800);
		torture_comment(tctx, "sleeping for %d\n", sleep_time);
		smb_msleep((sleep_time * 1000) + 500);
	}

	start_time = time_mono(NULL);
	ZERO_STRUCT(r_scset_prep);
	r_scset_prep.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
//	r_scset_prep.in.TimeOutInMilliseconds = (1800 * 1000);	/* win8 */
	r_scset_prep.in.TimeOutInMilliseconds = (240 * 1000);
	status = dcerpc_fss_PrepareShadowCopySet_r(b, tmp_ctx, &r_scset_prep);
	torture_assert_ntstatus_ok(tctx, status,
				   "PrepareShadowCopySet failed");
	if (inject == TEST_FSRVP_TOUT_ADD_TO_SET) {
		torture_assert_int_equal(tctx, r_scset_prep.out.result,
					 HRES_ERROR_V(HRES_E_INVALIDARG),
					 "PrepareShadowCopySet tout response");
		goto done;
	}
	torture_assert_int_equal(tctx, r_scset_prep.out.result, 0,
				 "failed PrepareShadowCopySet response");
	torture_comment(tctx, "%s: prepare completed in %llu secs\n",
			GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId),
			(unsigned long long)(time_mono(NULL) - start_time));

	if (inject == TEST_FSRVP_TOUT_PREPARE) {
		sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
					    "sequence timeout", 1800);
		torture_comment(tctx, "sleeping for %d\n", sleep_time);
		smb_msleep((sleep_time * 1000) + 500);
	}

	start_time = time_mono(NULL);
	ZERO_STRUCT(r_scset_commit);
	r_scset_commit.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
	r_scset_commit.in.TimeOutInMilliseconds = (180 * 1000);	/* win8 */
	status = dcerpc_fss_CommitShadowCopySet_r(b, tmp_ctx, &r_scset_commit);
	torture_assert_ntstatus_ok(tctx, status,
				   "CommitShadowCopySet failed");
	if (inject == TEST_FSRVP_TOUT_PREPARE) {
		torture_assert_int_equal(tctx, r_scset_commit.out.result,
					 HRES_ERROR_V(HRES_E_INVALIDARG),
					 "CommitShadowCopySet tout response");
		goto done;
	}
	torture_assert_int_equal(tctx, r_scset_commit.out.result, 0,
				 "failed CommitShadowCopySet response");
	torture_comment(tctx, "%s: commit completed in %llu secs\n",
			GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId),
			(unsigned long long)(time_mono(NULL) - start_time));

	if (inject == TEST_FSRVP_TOUT_COMMIT) {
		sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
					    "sequence timeout", 180);
		torture_comment(tctx, "sleeping for %d\n", sleep_time);
		smb_msleep((sleep_time * 1000) + 500);
	} else if (inject == TEST_FSRVP_STOP_B4_EXPOSE) {
		/* return partial snapshot information */
		map = talloc_zero(tctx, struct fssagent_share_mapping_1);
		map->ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
		map->ShadowCopyId = *r_scset_add1.out.pShadowCopyId;
		goto done;
	}
NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
					    TALLOC_CTX *mem_ctx,
					    const char *account_name,
					    const unsigned char orig_trust_passwd_hash[16],
					    const char *new_trust_pwd_cleartext,
					    const unsigned char new_trust_passwd_hash[16],
					    enum netr_SchannelType sec_channel_type)
{
	NTSTATUS result, status;
	struct netr_Authenticator clnt_creds, srv_cred;
	struct dcerpc_binding_handle *b = cli->binding_handle;

	if (!cli->dc) {
		uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
		result = rpccli_netlogon_setup_creds(cli,
						     cli->desthost, /* server name */
						     lp_workgroup(), /* domain */
						     lp_netbios_name(), /* client name */
						     account_name, /* machine account name */
						     orig_trust_passwd_hash,
						     sec_channel_type,
						     &neg_flags);
		if (!NT_STATUS_IS_OK(result)) {
			DEBUG(3,("rpccli_netlogon_set_trust_password: unable to setup creds (%s)!\n",
				 nt_errstr(result)));
			return result;
		}
	}

	netlogon_creds_client_authenticator(cli->dc, &clnt_creds);

	if (cli->dc->negotiate_flags & NETLOGON_NEG_PASSWORD_SET2) {

		struct netr_CryptPassword new_password;
		uint32_t old_timeout;

		init_netr_CryptPassword(new_trust_pwd_cleartext,
					cli->dc,
					&new_password);

		old_timeout = dcerpc_binding_handle_set_timeout(b, 600000);

		status = dcerpc_netr_ServerPasswordSet2(b, mem_ctx,
							cli->srv_name_slash,
							cli->dc->account_name,
							sec_channel_type,
							cli->dc->computer_name,
							&clnt_creds,
							&srv_cred,
							&new_password,
							&result);

		dcerpc_binding_handle_set_timeout(b, old_timeout);

		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(0,("dcerpc_netr_ServerPasswordSet2 failed: %s\n",
				nt_errstr(status)));
			return status;
		}
	} else {

		struct samr_Password new_password;
		uint32_t old_timeout;

		memcpy(new_password.hash, new_trust_passwd_hash, sizeof(new_password.hash));
		netlogon_creds_des_encrypt(cli->dc, &new_password);

		old_timeout = dcerpc_binding_handle_set_timeout(b, 600000);

		status = dcerpc_netr_ServerPasswordSet(b, mem_ctx,
						       cli->srv_name_slash,
						       cli->dc->account_name,
						       sec_channel_type,
						       cli->dc->computer_name,
						       &clnt_creds,
						       &srv_cred,
						       &new_password,
						       &result);

		dcerpc_binding_handle_set_timeout(b, old_timeout);

		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(0,("dcerpc_netr_ServerPasswordSet failed: %s\n",
				nt_errstr(status)));
			return status;
		}
	}

	/* Always check returned credentials. */
	if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
		DEBUG(0,("credentials chain check failed\n"));
		return NT_STATUS_ACCESS_DENIED;
	}

	if (!NT_STATUS_IS_OK(result)) {
		DEBUG(0,("dcerpc_netr_ServerPasswordSet{2} failed: %s\n",
			nt_errstr(result)));
		return result;
	}

	return result;
}