static bool test_NetrEnumerateComputerNames_level(struct torture_context *tctx,
struct dcerpc_pipe *p,
uint16_t level,
const char ***names,
int *num_names)
{
NTSTATUS status;
struct wkssvc_NetrEnumerateComputerNames r;
struct wkssvc_ComputerNamesCtr *ctr;
int i;
struct dcerpc_binding_handle *b = p->binding_handle;
ctr = talloc_zero(tctx, struct wkssvc_ComputerNamesCtr);
r.in.server_name = dcerpc_server_name(p);
r.in.name_type = level;
r.in.Reserved = 0;
r.out.ctr = &ctr;
torture_comment(tctx, "Testing NetrEnumerateComputerNames level %u\n",
r.in.name_type);
status = dcerpc_wkssvc_NetrEnumerateComputerNames_r(b, tctx, &r);
torture_assert_ntstatus_ok(tctx, status,
"NetrEnumerateComputerNames failed");
torture_assert_werr_ok(tctx, r.out.result,
"NetrEnumerateComputerNames failed");
if ((level == NetPrimaryComputerName) && ctr->count != 1) {
torture_comment(tctx,
"NetrEnumerateComputerNames did not return one "
"name but %u\n", ctr->count);
return false;
}
if (names && num_names) {
*num_names = 0;
*names = NULL;
for (i=0; i<ctr->count; i++) {
if (!add_string_to_array(tctx,
ctr->computer_name[i].string,
names,
num_names))
{
return false;
}
}
}
return true;
}
bool parse_logentry( TALLOC_CTX *mem_ctx, char *line, struct eventlog_Record_tdb *entry, bool * eor )
{
char *start = NULL, *stop = NULL;
start = line;
/* empty line signyfiying record delimeter, or we're at the end of the buffer */
if ( start == NULL || strlen( start ) == 0 ) {
DEBUG( 6,
( "parse_logentry: found end-of-record indicator.\n" ) );
*eor = True;
return True;
}
if ( !( stop = strchr( line, ':' ) ) ) {
return False;
}
DEBUG( 6, ( "parse_logentry: trying to parse [%s].\n", line ) );
if ( 0 == strncmp( start, "LEN", stop - start ) ) {
/* This will get recomputed later anyway -- probably not necessary */
entry->size = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "RS1", stop - start ) ) {
/* For now all these reserved entries seem to have the same value,
which can be hardcoded to int(1699505740) for now */
entry->reserved = talloc_strdup(mem_ctx, "eLfL");
} else if ( 0 == strncmp( start, "RCN", stop - start ) ) {
entry->record_number = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "TMG", stop - start ) ) {
entry->time_generated = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "TMW", stop - start ) ) {
entry->time_written = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "EID", stop - start ) ) {
entry->event_id = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "ETP", stop - start ) ) {
if ( strstr( start, "ERROR" ) ) {
entry->event_type = EVENTLOG_ERROR_TYPE;
} else if ( strstr( start, "WARNING" ) ) {
entry->event_type = EVENTLOG_WARNING_TYPE;
} else if ( strstr( start, "INFO" ) ) {
entry->event_type = EVENTLOG_INFORMATION_TYPE;
} else if ( strstr( start, "AUDIT_SUCCESS" ) ) {
entry->event_type = EVENTLOG_AUDIT_SUCCESS;
} else if ( strstr( start, "AUDIT_FAILURE" ) ) {
entry->event_type = EVENTLOG_AUDIT_FAILURE;
} else if ( strstr( start, "SUCCESS" ) ) {
entry->event_type = EVENTLOG_SUCCESS;
} else {
/* some other eventlog type -- currently not defined in MSDN docs, so error out */
return False;
}
}
/*
else if(0 == strncmp(start, "NST", stop - start))
{
entry->num_of_strings = atoi(stop + 1);
}
*/
else if ( 0 == strncmp( start, "ECT", stop - start ) ) {
entry->event_category = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "RS2", stop - start ) ) {
entry->reserved_flags = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "CRN", stop - start ) ) {
entry->closing_record_number = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "USL", stop - start ) ) {
entry->sid_length = atoi( stop + 1 );
} else if ( 0 == strncmp( start, "SRC", stop - start ) ) {
stop++;
while ( isspace( stop[0] ) ) {
stop++;
}
entry->source_name_len = strlen_m_term(stop);
entry->source_name = talloc_strdup(mem_ctx, stop);
if (entry->source_name_len == (uint32_t)-1 ||
entry->source_name == NULL) {
return false;
}
} else if ( 0 == strncmp( start, "SRN", stop - start ) ) {
stop++;
while ( isspace( stop[0] ) ) {
stop++;
}
entry->computer_name_len = strlen_m_term(stop);
entry->computer_name = talloc_strdup(mem_ctx, stop);
if (entry->computer_name_len == (uint32_t)-1 ||
entry->computer_name == NULL) {
return false;
}
} else if ( 0 == strncmp( start, "SID", stop - start ) ) {
smb_ucs2_t *dummy = NULL;
stop++;
while ( isspace( stop[0] ) ) {
stop++;
}
entry->sid_length = rpcstr_push_talloc(mem_ctx,
&dummy,
stop);
if (entry->sid_length == (uint32_t)-1) {
return false;
}
entry->sid = data_blob_talloc(mem_ctx, dummy, entry->sid_length);
if (entry->sid.data == NULL) {
return false;
}
} else if ( 0 == strncmp( start, "STR", stop - start ) ) {
size_t tmp_len;
int num_of_strings;
/* skip past initial ":" */
stop++;
/* now skip any other leading whitespace */
while ( isspace(stop[0])) {
stop++;
}
tmp_len = strlen_m_term(stop);
if (tmp_len == (size_t)-1) {
return false;
}
num_of_strings = entry->num_of_strings;
if (!add_string_to_array(mem_ctx, stop, &entry->strings,
&num_of_strings)) {
return false;
}
if (num_of_strings > 0xffff) {
return false;
}
entry->num_of_strings = num_of_strings;
entry->strings_len += tmp_len;
} else if ( 0 == strncmp( start, "DAT", stop - start ) ) {
/* skip past initial ":" */
stop++;
/* now skip any other leading whitespace */
while ( isspace( stop[0] ) ) {
stop++;
}
entry->data_length = strlen_m(stop);
entry->data = data_blob_talloc(mem_ctx, stop, entry->data_length);
if (!entry->data.data) {
return false;
}
} else {
/* some other eventlog entry -- not implemented, so dropping on the floor */
DEBUG( 10, ( "Unknown entry [%s]. Ignoring.\n", line ) );
/* For now return true so that we can keep on parsing this mess. Eventually
we will return False here. */
return true;
}
return true;
}