コード例 #1
0
ファイル: printing.c プロジェクト: Alexandr-Galko/samba
static bool print_printjob(struct torture_context *tctx,
			   struct smbcli_tree *tree)
{
	int fnum;
	DATA_BLOB data;
	ssize_t size_written;
	const char *str;

	torture_comment(tctx, "creating printjob %s\n", TORTURE_PRINT_FILE);

	fnum = smbcli_open(tree, TORTURE_PRINT_FILE, O_RDWR|O_CREAT|O_TRUNC, DENY_NONE);
	if (fnum == -1) {
		torture_fail(tctx, "failed to open file");
	}

	str = talloc_asprintf(tctx, "TortureTestPage: %d\nData\n",0);

	data = data_blob_string_const(str);

	size_written = smbcli_write(tree, fnum, 0, data.data, 0, data.length);
	if (size_written != data.length) {
		torture_fail(tctx, "failed to write file");
	}

	torture_assert_ntstatus_ok(tctx,
		smbcli_close(tree, fnum),
		"failed to close file");

	return true;
}
コード例 #2
0
ファイル: dlz_bind9.c プロジェクト: rchicoli/samba
static isc_result_t dlz_bind9_writeable_zone_hook(dns_view_t *view,
					   const char *zone_name)
{
	struct torture_context *tctx = talloc_get_type((void *)view, struct torture_context);
	struct ldb_context *samdb = samdb_connect_url(tctx, NULL, tctx->lp_ctx,
						      system_session(tctx->lp_ctx),
						      0, lpcfg_private_path(tctx, tctx->lp_ctx, "dns/sam.ldb"));
	struct ldb_message *msg;
	int ret;
	const char *attrs[] = {
		NULL
	};
	if (!samdb) {
		torture_fail(tctx, "Failed to connect to samdb");
		return ISC_R_FAILURE;
	}

	ret = dsdb_search_one(samdb, tctx, &msg, NULL,
			      LDB_SCOPE_SUBTREE, attrs, DSDB_SEARCH_SEARCH_ALL_PARTITIONS,
			      "(&(objectClass=dnsZone)(name=%s))", zone_name);
	if (ret != LDB_SUCCESS) {
		torture_fail(tctx, talloc_asprintf(tctx, "Failed to search for %s: %s", zone_name, ldb_errstring(samdb)));
		return ISC_R_FAILURE;
	}
	talloc_free(msg);

	return ISC_R_SUCCESS;
}
コード例 #3
0
ファイル: lsa_lookup.c プロジェクト: AIdrifter/samba
static bool get_downleveltrust(struct torture_context *tctx, struct dcerpc_binding_handle *b,
			       struct policy_handle *handle,
			       struct dom_sid **sid)
{
	struct lsa_EnumTrustDom r;
	uint32_t resume_handle = 0;
	struct lsa_DomainList domains;
	int i;

	r.in.handle = handle;
	r.in.resume_handle = &resume_handle;
	r.in.max_size = 1000;
	r.out.domains = &domains;
	r.out.resume_handle = &resume_handle;

	torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumTrustDom_r(b, tctx, &r),
		"EnumTrustDom failed");

	if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NO_MORE_ENTRIES))
		torture_fail(tctx, "no trusts");

	if (domains.count == 0) {
		torture_fail(tctx, "no trusts");
	}

	for (i=0; i<domains.count; i++) {
		struct lsa_QueryTrustedDomainInfoBySid q;
		union lsa_TrustedDomainInfo *info = NULL;

		if (domains.domains[i].sid == NULL)
			continue;

		q.in.handle = handle;
		q.in.dom_sid = domains.domains[i].sid;
		q.in.level = 6;
		q.out.info = &info;

		torture_assert_ntstatus_ok(tctx, dcerpc_lsa_QueryTrustedDomainInfoBySid_r(b, tctx, &q),
			"QueryTrustedDomainInfoBySid failed");
		if (!NT_STATUS_IS_OK(q.out.result)) continue;

		if ((info->info_ex.trust_direction & 2) &&
		    (info->info_ex.trust_type == 1)) {
			*sid = domains.domains[i].sid;
			return true;
		}
	}

	torture_fail(tctx, "I need a AD DC with an outgoing trust to NT4");
}
コード例 #4
0
ファイル: unix_info2.c プロジェクト: AIdrifter/samba
static struct smbcli_state *connect_to_server(struct torture_context *tctx)
{
	NTSTATUS status;
	struct smbcli_state *cli;

	const char *host = torture_setting_string(tctx, "host", NULL);
	const char *share = torture_setting_string(tctx, "share", NULL);
	struct smbcli_options options;
	struct smbcli_session_options session_options;

	lpcfg_smbcli_options(tctx->lp_ctx, &options);
	lpcfg_smbcli_session_options(tctx->lp_ctx, &session_options);

	status = smbcli_full_connection(tctx, &cli, host, 
					lpcfg_smb_ports(tctx->lp_ctx),
					share, NULL, lpcfg_socket_options(tctx->lp_ctx),
					cmdline_credentials, 
					lpcfg_resolve_context(tctx->lp_ctx),
					tctx->ev, &options, &session_options,
					lpcfg_gensec_settings(tctx, tctx->lp_ctx));

	if (!NT_STATUS_IS_OK(status)) {
		torture_comment(tctx, "failed to connect to //%s/%s: %s\n",
			       host, share, nt_errstr(status));
		torture_fail(tctx, "Failed to connect to server");
		return NULL;
	}

	return cli;
}
コード例 #5
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_EnumPrinterKey(struct torture_context *tctx,
				LPSTR servername,
				HANDLE handle,
				LPCSTR key)
{
	LPSTR buffer = NULL;
	DWORD needed = 0;
	DWORD err = 0;
	char tmp[1024];

	torture_comment(tctx, "Testing EnumPrinterKey(%s)", key);

	err = EnumPrinterKey(handle, key, NULL, 0, &needed);
	if (err == ERROR_MORE_DATA) {
		buffer = (LPTSTR)malloc(needed);
		torture_assert(tctx, buffer, "malloc failed");
		err = EnumPrinterKey(handle, key, buffer, needed, &needed);
	}
	if (err) {
		sprintf(tmp, "EnumPrinterKey(%s) failed on [%s] (buffer size = %d), error: %s\n",
			key, servername, needed, errstr(err));
		torture_fail(tctx, tmp);
	}

	if (tctx->print) {
		print_printer_keys(buffer);
	}

	free(buffer);

	return TRUE;
}
コード例 #6
0
ファイル: irpc.c プロジェクト: Alexandr-Galko/samba
/*
  test a echodata call over the internal messaging system
*/
static bool test_echodata(struct torture_context *tctx,
						  const void *tcase_data,
						  const void *test_data)
{
	struct echo_EchoData r;
	NTSTATUS status;
	const struct irpc_test_data *data = (const struct irpc_test_data *)tcase_data;
	TALLOC_CTX *mem_ctx = tctx;
	struct dcerpc_binding_handle *irpc_handle;

	irpc_handle = irpc_binding_handle(mem_ctx, data->msg_ctx1,
					  cluster_id(0, MSG_ID2),
					  &ndr_table_rpcecho);
	torture_assert(tctx, irpc_handle, "no memory");

	/* make the call */
	r.in.in_data = (unsigned char *)talloc_strdup(mem_ctx, "0123456789");
	r.in.len = strlen((char *)r.in.in_data);

	status = dcerpc_echo_EchoData_r(irpc_handle, mem_ctx, &r);
	torture_assert_ntstatus_ok(tctx, status, "EchoData failed");

	/* check the answer */
	if (memcmp(r.out.out_data, r.in.in_data, r.in.len) != 0) {
		NDR_PRINT_OUT_DEBUG(echo_EchoData, &r);
		torture_fail(tctx, "EchoData wrong answer");
	}

	torture_comment(tctx, "Echo '%*.*s' -> '%*.*s'\n", 
	       r.in.len, r.in.len,
	       r.in.in_data,
	       r.in.len, r.in.len,
	       r.out.out_data);
	return true;
}
コード例 #7
0
ファイル: rpc.c プロジェクト: DavidMulder/samba
static bool torture_rpc_setup_machine_bdc(struct torture_context *tctx,
					  void **data)
{
	NTSTATUS status;
	struct dcerpc_binding *binding;
	struct torture_rpc_tcase *tcase = talloc_get_type(tctx->active_tcase, 
						struct torture_rpc_tcase);
	struct torture_rpc_tcase_data *tcase_data;

	status = torture_rpc_binding(tctx, &binding);
	if (NT_STATUS_IS_ERR(status))
		return false;

	*data = tcase_data = talloc_zero(tctx, struct torture_rpc_tcase_data);
	tcase_data->credentials = popt_get_cmdline_credentials();
	tcase_data->join_ctx = torture_join_domain(tctx, tcase->machine_name,
						   ACB_SVRTRUST, 
						   &tcase_data->credentials);
	if (tcase_data->join_ctx == NULL)
	    torture_fail(tctx, "Failed to join as BDC");

	status = dcerpc_pipe_connect_b(tctx, 
				&(tcase_data->pipe),
				binding,
				tcase->table,
				tcase_data->credentials, tctx->ev, tctx->lp_ctx);

	torture_assert_ntstatus_ok(tctx, status, "Error connecting to server");

	return NT_STATUS_IS_OK(status);
}
コード例 #8
0
ファイル: smb2.c プロジェクト: miguelinux/samba
static bool wrap_simple_1smb2_test(struct torture_context *torture_ctx,
				   struct torture_tcase *tcase,
				   struct torture_test *test)
{
	bool (*fn) (struct torture_context *, struct smb2_tree *);
	bool ret;
	struct smb2_tree *tree1;
	TALLOC_CTX *mem_ctx = talloc_new(torture_ctx);

	if (!torture_smb2_connection(torture_ctx, &tree1)) {
		torture_fail(torture_ctx,
			    "Establishing SMB2 connection failed\n");
		return false;
	}

	/*
	 * This is a trick:
	 * The test might close the connection. If we steal the tree context
	 * before that and free the parent instead of tree directly, we avoid
	 * a double free error.
	 */
	talloc_steal(mem_ctx, tree1);

	fn = test->fn;

	ret = fn(torture_ctx, tree1);

	talloc_free(mem_ctx);

	return ret;
}
コード例 #9
0
ファイル: ndr.c プロジェクト: sameerhussain/samba
static bool test_check_string_terminator(struct torture_context *tctx)
{
	struct ndr_pull *ndr;
	DATA_BLOB blob;
	TALLOC_CTX *mem_ctx = tctx;

	/* Simple test */
	blob = strhex_to_data_blob(tctx, "0000");

	ndr = ndr_pull_init_blob(&blob, mem_ctx);

	torture_assert_ndr_success(tctx, ndr_check_string_terminator(ndr, 1, 2),
				   "simple check_string_terminator test failed");

	torture_assert(tctx, ndr->offset == 0,
		"check_string_terminator did not reset offset");

	if (NDR_ERR_CODE_IS_SUCCESS(ndr_check_string_terminator(ndr, 1, 3))) {
		torture_fail(tctx, "check_string_terminator checked beyond string boundaries");
	}

	torture_assert(tctx, ndr->offset == 0,
		"check_string_terminator did not reset offset");

	talloc_free(ndr);

	blob = strhex_to_data_blob(tctx, "11220000");
	ndr = ndr_pull_init_blob(&blob, mem_ctx);

	torture_assert_ndr_success(tctx,
		ndr_check_string_terminator(ndr, 4, 1),
		"check_string_terminator failed to recognize terminator");

	torture_assert_ndr_success(tctx,
		ndr_check_string_terminator(ndr, 3, 1),
		"check_string_terminator failed to recognize terminator");

	if (NDR_ERR_CODE_IS_SUCCESS(ndr_check_string_terminator(ndr, 2, 1))) {
		torture_fail(tctx, "check_string_terminator erroneously reported terminator");
	}

	torture_assert(tctx, ndr->offset == 0,
		"check_string_terminator did not reset offset");
	return true;
}
コード例 #10
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_ClosePrinter(struct torture_context *tctx,
			      HANDLE handle)
{
	torture_comment(tctx, "Testing ClosePrinter");

	if (!ClosePrinter(handle)) {
		char tmp[1024];
		sprintf(tmp, "failed to close printer, error was: %s\n",
			errstr(GetLastError()));
		torture_fail(tctx, tmp);
	}

	return TRUE;
}
コード例 #11
0
ファイル: smb2.c プロジェクト: miguelinux/samba
static bool wrap_simple_2smb2_test(struct torture_context *torture_ctx,
				   struct torture_tcase *tcase,
				   struct torture_test *test)
{
	bool (*fn) (struct torture_context *, struct smb2_tree *, struct smb2_tree *);
	bool ret = false;

	struct smb2_tree *tree1;
	struct smb2_tree *tree2;
	TALLOC_CTX *mem_ctx = talloc_new(torture_ctx);

	if (!torture_smb2_connection(torture_ctx, &tree1)) {
		torture_fail(torture_ctx,
		    "Establishing SMB2 connection failed\n");
		goto done;
	}

	talloc_steal(mem_ctx, tree1);

	if (!torture_smb2_connection(torture_ctx, &tree2)) {
		torture_fail(torture_ctx,
		    "Establishing SMB2 connection failed\n");
		goto done;
	}

	talloc_steal(mem_ctx, tree2);

	fn = test->fn;

	ret = fn(torture_ctx, tree1, tree2);

done:
	/* the test may already have closed some of the connections */
	talloc_free(mem_ctx);

	return ret;
}
コード例 #12
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_GetPrinterDataEx(struct torture_context *tctx,
				  LPSTR servername,
				  LPSTR keyname,
				  LPSTR valuename,
				  HANDLE handle,
				  DWORD *type_p,
				  LPBYTE *buffer_p,
				  DWORD *size_p)
{
	LPBYTE buffer = NULL;
	DWORD needed = 0;
	DWORD type;
	DWORD err = 0;
	char tmp[1024];

	torture_comment(tctx, "Testing GetPrinterDataEx(%s - %s)", keyname, valuename);

	err = GetPrinterDataEx(handle, keyname, valuename, &type, NULL, 0, &needed);
	if (err == ERROR_MORE_DATA) {
		buffer = (LPBYTE)malloc(needed);
		torture_assert(tctx, buffer, "malloc failed");
		err = GetPrinterDataEx(handle, keyname, valuename, &type, buffer, needed, &needed);
	}
	if (err) {
		sprintf(tmp, "GetPrinterDataEx(%s) failed on [%s] (buffer size = %d), error: %s\n",
			valuename, servername, needed, errstr(err));
		torture_fail(tctx, tmp);
	}

	if (tctx->print) {
		print_printer_data(keyname, valuename, needed, buffer, type);
	}

	if (type_p) {
		*type_p = type;
	}

	if (size_p) {
		*size_p = needed;
	}

	if (buffer_p) {
		*buffer_p = buffer;
	} else {
		free(buffer);
	}

	return TRUE;
}
コード例 #13
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_GetPrinterDriver(struct torture_context *tctx,
				  LPSTR printername,
				  LPSTR architecture,
				  HANDLE handle)
{
	DWORD levels[]  = { 1, 2, 3, 4, 5, 6, 8 };
	DWORD success[] = { 1, 1, 1, 1, 1, 1, 1 };
	DWORD i;
	LPBYTE buffer = NULL;

	for (i=0; i < ARRAY_SIZE(levels); i++) {

		DWORD needed = 0;
		DWORD err = 0;
		char tmp[1024];

		torture_comment(tctx, "Testing GetPrinterDriver level %d", levels[i]);

		GetPrinterDriver(handle, architecture, levels[i], NULL, 0, &needed);
		err = GetLastError();
		if (err == ERROR_INSUFFICIENT_BUFFER) {
			err = 0;
			buffer = malloc(needed);
			torture_assert(tctx, buffer, "malloc failed");
			if (!GetPrinterDriver(handle, architecture, levels[i], buffer, needed, &needed)) {
				err = GetLastError();
			}
		}
		if (err) {
			sprintf(tmp, "GetPrinterDriver failed level %d on [%s] (buffer size = %d), error: %s\n",
				levels[i], printername, needed, errstr(err));
			if (success[i]) {
				torture_fail(tctx, tmp);
			} else {
				torture_warning(tctx, tmp);
			}
		}

		if (tctx->print) {
			print_driver_info_bylevel(levels[i], buffer, 1);
		}

		free(buffer);
		buffer = NULL;
	}

	return TRUE;
}
コード例 #14
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_EnumPrinters(struct torture_context *tctx,
			      LPSTR servername)
{
	DWORD levels[]  = { 1, 2, 5 };
	DWORD success[] = { 1, 1, 1 };
	DWORD i;
	DWORD flags = PRINTER_ENUM_NAME;
	LPBYTE buffer = NULL;

	for (i=0; i < ARRAY_SIZE(levels); i++) {

		DWORD needed = 0;
		DWORD returned = 0;
		DWORD err = 0;
		char tmp[1024];

		torture_comment(tctx, "Testing EnumPrinters level %d", levels[i]);

		EnumPrinters(flags, servername, levels[i], NULL, 0, &needed, &returned);
		err = GetLastError();
		if (err == ERROR_INSUFFICIENT_BUFFER) {
			err = 0;
			buffer = malloc(needed);
			torture_assert(tctx, buffer, "malloc failed");
			if (!EnumPrinters(flags, servername, levels[i], buffer, needed, &needed, &returned)) {
				err = GetLastError();
			}
		}
		if (err) {
			sprintf(tmp, "EnumPrinters failed level %d on [%s] (buffer size = %d), error: %s\n",
				levels[i], servername, needed, errstr(err));
			if (success[i]) {
				torture_fail(tctx, tmp);
			} else {
				torture_warning(tctx, tmp);
			}
		}

		if (tctx->print) {
			print_printer_info_bylevel(levels[i], buffer, returned);
		}

		free(buffer);
		buffer = NULL;
	}

	return TRUE;
}
コード例 #15
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_OpenPrinter(struct torture_context *tctx,
			     LPSTR printername,
			     LPPRINTER_DEFAULTS defaults,
			     LPHANDLE handle)
{
	torture_comment(tctx, "Testing OpenPrinter(%s)", printername);

	if (!OpenPrinter(printername, handle, defaults)) {
		char tmp[1024];
		sprintf(tmp, "failed to open printer %s, error was: 0x%08x\n",
			printername, GetLastError());
		torture_fail(tctx, tmp);
	}

	return TRUE;
}
コード例 #16
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_EnumPrinterDataEx(struct torture_context *tctx,
				   LPSTR servername,
				   LPSTR keyname,
				   HANDLE handle,
				   LPBYTE *buffer_p,
				   DWORD *returned_p)
{
	LPBYTE buffer = NULL;
	DWORD needed = 0;
	DWORD returned = 0;
	DWORD err = 0;
	char tmp[1024];

	torture_comment(tctx, "Testing EnumPrinterDataEx(%s)", keyname);

	err = EnumPrinterDataEx(handle, keyname, NULL, 0, &needed, &returned);
	if (err == ERROR_MORE_DATA) {
		buffer = malloc(needed);
		torture_assert(tctx, buffer, "malloc failed");
		err = EnumPrinterDataEx(handle, keyname, buffer, needed, &needed, &returned);
	}
	if (err) {
		sprintf(tmp, "EnumPrinterDataEx(%s) failed on [%s] (buffer size = %d), error: %s\n",
			keyname, servername, needed, errstr(err));
		torture_fail(tctx, tmp);
	}

	if (tctx->print) {
		DWORD i;
		LPPRINTER_ENUM_VALUES v = (LPPRINTER_ENUM_VALUES)buffer;
		for (i=0; i < returned; i++) {
			print_printer_enum_values(&v[i]);
		}
	}

	if (returned_p) {
		*returned_p = returned;
	}

	if (buffer_p) {
		*buffer_p = buffer;
	} else {
		free(buffer);
	}

	return TRUE;
}
コード例 #17
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_EnumJobs(struct torture_context *tctx,
			  LPSTR printername,
			  HANDLE handle)
{
	DWORD levels[]  = { 1, 2, 3, 4 };
	DWORD success[] = { 1, 1, 1, 1 };
	DWORD i;
	LPBYTE buffer = NULL;

	for (i=0; i < ARRAY_SIZE(levels); i++) {

		DWORD needed = 0;
		DWORD returned = 0;
		DWORD err = 0;
		char tmp[1024];

		torture_comment(tctx, "Testing EnumJobs level %d", levels[i]);

		EnumJobs(handle, 0, 100, levels[i], NULL, 0, &needed, &returned);
		err = GetLastError();
		if (err == ERROR_INSUFFICIENT_BUFFER) {
			err = 0;
			buffer = malloc(needed);
			torture_assert(tctx, buffer, "malloc failed");
			if (!EnumJobs(handle, 0, 100, levels[i], buffer, needed, &needed, &returned)) {
				err = GetLastError();
			}
		}
		if (err) {
			sprintf(tmp, "EnumJobs failed level %d on [%s] (buffer size = %d), error: %s\n",
				levels[i], printername, needed, errstr(err));
			if (success[i]) {
				torture_fail(tctx, tmp);
			} else {
				torture_warning(tctx, tmp);
			}
		}

		free(buffer);
		buffer = NULL;
	}

	return TRUE;
}
コード例 #18
0
ファイル: spoolss.c プロジェクト: endisd/samba
static BOOL test_EachPrinter(struct torture_context *tctx,
			     LPSTR servername,
			     LPSTR architecture,
			     LPPRINTER_DEFAULTS defaults)
{
	DWORD needed = 0;
	DWORD returned = 0;
	DWORD err = 0;
	char tmp[1024];
	DWORD i;
	DWORD flags = PRINTER_ENUM_NAME;
	PPRINTER_INFO_1 buffer = NULL;
	BOOL ret = TRUE;

	torture_comment(tctx, "Testing EnumPrinters level %d", 1);

	EnumPrinters(flags, servername, 1, NULL, 0, &needed, &returned);
	err = GetLastError();
	if (err == ERROR_INSUFFICIENT_BUFFER) {
		err = 0;
		buffer = (PPRINTER_INFO_1)malloc(needed);
		torture_assert(tctx, buffer, "malloc failed");
		if (!EnumPrinters(flags, servername, 1, (LPBYTE)buffer, needed, &needed, &returned)) {
			err = GetLastError();
		}
	}
	if (err) {
		sprintf(tmp, "EnumPrinters failed level %d on [%s] (buffer size = %d), error: %s\n",
			1, servername, needed, errstr(err));
		torture_fail(tctx, tmp);
	}

	for (i=0; i < returned; i++) {
		ret &= test_OnePrinter(tctx, buffer[i].pName, architecture, defaults);
	}

	free(buffer);

	return ret;
}
コード例 #19
0
ファイル: libsmbclient.c プロジェクト: AIdrifter/samba
static bool test_opendir(struct torture_context *tctx,
			 SMBCCTX *ctx,
			 const char *fname,
			 bool expect_success)
{
	int handle, ret;

	torture_comment(tctx, "Testing smbc_opendir(%s)\n", fname);

	handle = smbc_opendir(fname);
	if (!expect_success) {
		return true;
	}
	if (handle < 0) {
		torture_fail(tctx, talloc_asprintf(tctx, "failed to obain file handle for '%s'", fname));
	}

	ret = smbc_closedir(handle);
	torture_assert_int_equal(tctx, ret, 0,
		talloc_asprintf(tctx, "failed to close file handle for '%s'", fname));

	return true;
}
コード例 #20
0
ファイル: samba3hide.c プロジェクト: Arkhont/samba
bool torture_samba3_hide(struct torture_context *torture)
{
	struct smbcli_state *cli;
	const char *fname = "test.txt";
	int fnum;
	NTSTATUS status;
	struct smbcli_tree *hideunread;
	struct smbcli_tree *hideunwrite;

	if (!torture_open_connection_share(
		    torture, &cli, torture, torture_setting_string(torture, "host", NULL),
		    torture_setting_string(torture, "share", NULL), torture->ev)) {
		torture_fail(torture, "torture_open_connection_share failed\n");
	}

	status = torture_second_tcon(torture, cli->session, "hideunread",
				     &hideunread);
	torture_assert_ntstatus_ok(torture, status, "second_tcon(hideunread) failed\n");

	status = torture_second_tcon(torture, cli->session, "hideunwrite",
				     &hideunwrite);
	torture_assert_ntstatus_ok(torture, status, "second_tcon(hideunwrite) failed\n");

	status = smbcli_unlink(cli->tree, fname);
	if (NT_STATUS_EQUAL(status, NT_STATUS_CANNOT_DELETE)) {
		smbcli_setatr(cli->tree, fname, 0, -1);
		smbcli_unlink(cli->tree, fname);
	}

	fnum = smbcli_open(cli->tree, fname, O_RDWR|O_CREAT, DENY_NONE);
	if (fnum == -1) {
		torture_fail(torture,
			talloc_asprintf(torture, "Failed to create %s - %s\n", fname, smbcli_errstr(cli->tree)));
	}

	smbcli_close(cli->tree, fnum);

	if (!smbcli_file_exists(cli->tree, fname)) {
		torture_fail(torture, talloc_asprintf(torture, "%s does not exist\n", fname));
	}

	/* R/W file should be visible everywhere */

	status = smbcli_chmod(cli->tree, fname, UNIX_R_USR|UNIX_W_USR);
	torture_assert_ntstatus_ok(torture, status, "smbcli_chmod failed\n");

	if (!is_writeable(torture, cli->tree, fname)) {
		torture_fail(torture, "File not writable\n");
	}
	if (!is_readable(cli->tree, fname)) {
		torture_fail(torture, "File not readable\n");
	}
	if (!is_visible(cli->tree, fname)) {
		torture_fail(torture, "r/w file not visible via normal share\n");
	}
	if (!is_visible(hideunread, fname)) {
		torture_fail(torture, "r/w file not visible via hide unreadable\n");
	}
	if (!is_visible(hideunwrite, fname)) {
		torture_fail(torture, "r/w file not visible via hide unwriteable\n");
	}

	/* R/O file should not be visible via hide unwriteable files */

	status = smbcli_chmod(cli->tree, fname, UNIX_R_USR);
	torture_assert_ntstatus_ok(torture, status, "smbcli_chmod failed\n");

	if (is_writeable(torture, cli->tree, fname)) {
		torture_fail(torture, "r/o is writable\n");
	}
	if (!is_readable(cli->tree, fname)) {
		torture_fail(torture, "r/o not readable\n");
	}
	if (!is_visible(cli->tree, fname)) {
		torture_fail(torture, "r/o file not visible via normal share\n");
	}
	if (!is_visible(hideunread, fname)) {
		torture_fail(torture, "r/o file not visible via hide unreadable\n");
	}
	if (is_visible(hideunwrite, fname)) {
		torture_fail(torture, "r/o file visible via hide unwriteable\n");
	}

	/* inaccessible file should be only visible on normal share */

	status = smbcli_chmod(cli->tree, fname, 0);
	torture_assert_ntstatus_ok(torture, status, "smbcli_chmod failed\n");

	if (is_writeable(torture, cli->tree, fname)) {
		torture_fail(torture, "inaccessible file is writable\n");
	}
	if (is_readable(cli->tree, fname)) {
		torture_fail(torture, "inaccessible file is readable\n");
	}
	if (!is_visible(cli->tree, fname)) {
		torture_fail(torture, "inaccessible file not visible via normal share\n");
	}
	if (is_visible(hideunread, fname)) {
		torture_fail(torture, "inaccessible file visible via hide unreadable\n");
	}
	if (is_visible(hideunwrite, fname)) {
		torture_fail(torture, "inaccessible file visible via hide unwriteable\n");
	}

	smbcli_chmod(cli->tree, fname, UNIX_R_USR|UNIX_W_USR);
	smbcli_unlink(cli->tree, fname);
	
	return true;
}
コード例 #21
0
static bool test_DsCrackNamesMatrix(struct torture_context *tctx,
				    struct DsPrivate *priv, const char *dn,
				    const char *user_principal_name, const char *service_principal_name)
{
	NTSTATUS status;
	const char *err_msg;
	struct drsuapi_DsCrackNames r;
	union drsuapi_DsNameRequest req;
	uint32_t level_out;
	union drsuapi_DsNameCtr ctr;
	struct dcerpc_pipe *p = priv->drs_pipe;
	TALLOC_CTX *mem_ctx = priv;

	enum drsuapi_DsNameFormat formats[] = {
		DRSUAPI_DS_NAME_FORMAT_UNKNOWN,
		DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
		DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
		DRSUAPI_DS_NAME_FORMAT_DISPLAY,
		DRSUAPI_DS_NAME_FORMAT_GUID,
		DRSUAPI_DS_NAME_FORMAT_CANONICAL,
		DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
		DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
		DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
		DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
		DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
	};
	struct drsuapi_DsNameString names[ARRAY_SIZE(formats)];
	int i, j;

	const char *n_matrix[ARRAY_SIZE(formats)][ARRAY_SIZE(formats)];
	const char *n_from[ARRAY_SIZE(formats)];

	ZERO_STRUCT(r);
	r.in.bind_handle		= &priv->bind_handle;
	r.in.level			= 1;
	r.in.req			= &req;
	r.in.req->req1.codepage		= 1252; /* german */
	r.in.req->req1.language		= 0x00000407; /* german */
	r.in.req->req1.count		= 1;
	r.in.req->req1.names		= names;
	r.in.req->req1.format_flags	= DRSUAPI_DS_NAME_FLAG_NO_FLAGS;

	r.out.level_out			= &level_out;
	r.out.ctr			= &ctr;

	n_matrix[0][0] = dn;

	for (i = 0; i < ARRAY_SIZE(formats); i++) {
		r.in.req->req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
		r.in.req->req1.format_desired	= formats[i];
		names[0].str = dn;
		status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
		if (!NT_STATUS_IS_OK(status)) {
			const char *errstr = nt_errstr(status);
			err_msg = talloc_asprintf(mem_ctx,
					"testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d failed - %s",
					names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired, errstr);
			torture_fail(tctx, err_msg);
		} else if (!W_ERROR_IS_OK(r.out.result)) {
			err_msg = talloc_asprintf(mem_ctx,
					"testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d failed - %s",
			       names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired, win_errstr(r.out.result));
			torture_fail(tctx, err_msg);
		}
			
		switch (formats[i]) {
		case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:	
			if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) {
				err_msg = talloc_asprintf(mem_ctx,
						"Unexpected error (%d): This name lookup should fail",
						r.out.ctr->ctr1->array[0].status);
				torture_fail(tctx, err_msg);
			}
			torture_comment(tctx, __location__ ": (expected) error\n");
			break;
		case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
			if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
				err_msg = talloc_asprintf(mem_ctx,
						"Unexpected error (%d): This name lookup should fail",
						r.out.ctr->ctr1->array[0].status);
				torture_fail(tctx, err_msg);
			}
			torture_comment(tctx, __location__ ": (expected) error\n");
			break;
		case DRSUAPI_DS_NAME_FORMAT_UNKNOWN:	/* should fail as we ask server to convert to Unknown format */
		case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:	
		case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:	
			if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) {
				err_msg = talloc_asprintf(mem_ctx,
						"Unexpected error (%d): This name lookup should fail",
						r.out.ctr->ctr1->array[0].status);
				torture_fail(tctx, err_msg);
			}
			torture_comment(tctx, __location__ ": (expected) error\n");
			break;
		default:
			if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
				err_msg = talloc_asprintf(mem_ctx,
						"DsCrackNames error: %d",
						r.out.ctr->ctr1->array[0].status);
				torture_fail(tctx, err_msg);
			}
			break;
		}

		switch (formats[i]) {
		case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
			n_from[i] = user_principal_name;
			break;
		case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:	
			n_from[i] = service_principal_name;
			break;
		case DRSUAPI_DS_NAME_FORMAT_UNKNOWN:
		case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:	
		case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:	
			n_from[i] = NULL;
			break;
		default:
			n_from[i] = r.out.ctr->ctr1->array[0].result_name;
			printf("%s\n", n_from[i]);
			break;
		}
	}

	for (i = 0; i < ARRAY_SIZE(formats); i++) {
		for (j = 0; j < ARRAY_SIZE(formats); j++) {
			r.in.req->req1.format_offered	= formats[i];
			r.in.req->req1.format_desired	= formats[j];
			if (!n_from[i]) {
				n_matrix[i][j] = NULL;
				continue;
			}
			names[0].str = n_from[i];
			status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
			if (!NT_STATUS_IS_OK(status)) {
				const char *errstr = nt_errstr(status);
				err_msg = talloc_asprintf(mem_ctx,
						"testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
						names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired, errstr);
				torture_fail(tctx, err_msg);
			} else if (!W_ERROR_IS_OK(r.out.result)) {
				err_msg = talloc_asprintf(mem_ctx,
						"testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
						names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired,
						win_errstr(r.out.result));
				torture_fail(tctx, err_msg);
			}
			
			if (r.out.ctr->ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) {
				n_matrix[i][j] = r.out.ctr->ctr1->array[0].result_name;
			} else {
				n_matrix[i][j] = NULL;
			}
		}
	}

	for (i = 0; i < ARRAY_SIZE(formats); i++) {
		for (j = 0; j < ARRAY_SIZE(formats); j++) {
			if (n_matrix[i][j] == n_from[j]) {
				
			/* We don't have a from name for these yet (and we can't map to them to find it out) */
			} else if (n_matrix[i][j] == NULL && n_from[i] == NULL) {
				
			/* we can't map to these two */
			} else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL) {
			} else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL) {
			} else if (n_matrix[i][j] == NULL && n_from[j] != NULL) {
				err_msg = talloc_asprintf(mem_ctx,
						"dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s",
						formats[i], formats[j], n_matrix[i][j], n_from[j]);
				torture_fail(tctx, err_msg);
			} else if (n_matrix[i][j] != NULL && n_from[j] == NULL) {
				err_msg = talloc_asprintf(mem_ctx,
						"dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s",
						formats[i], formats[j], n_matrix[i][j], n_from[j]);
				torture_fail(tctx, err_msg);
			} else if (strcmp(n_matrix[i][j], n_from[j]) != 0) {
				err_msg = talloc_asprintf(mem_ctx,
						"dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s",
						formats[i], formats[j], n_matrix[i][j], n_from[j]);
				torture_fail(tctx, err_msg);
			}
		}
	}

	return true;
}
コード例 #22
0
bool test_DsCrackNames(struct torture_context *tctx,
		       struct DsPrivate *priv)
{
	NTSTATUS status;
	const char *err_msg;
	struct drsuapi_DsCrackNames r;
	union drsuapi_DsNameRequest req;
	uint32_t level_out;
	union drsuapi_DsNameCtr ctr;
	struct drsuapi_DsNameString names[1];
	const char *dns_domain;
	const char *nt4_domain;
	const char *FQDN_1779_name;
	struct ldb_context *ldb;
	struct ldb_dn *FQDN_1779_dn;
	struct ldb_dn *realm_dn;
	const char *realm_dn_str;
	const char *realm_canonical;
	const char *realm_canonical_ex;
	const char *user_principal_name;
	char *user_principal_name_short;
	const char *service_principal_name;
	const char *canonical_name;
	const char *canonical_ex_name;
	const char *dom_sid;
	const char *test_dc = torture_join_netbios_name(priv->join);
	struct dcerpc_pipe *p = priv->drs_pipe;
	TALLOC_CTX *mem_ctx = priv;

	ZERO_STRUCT(r);
	r.in.bind_handle		= &priv->bind_handle;
	r.in.level			= 1;
	r.in.req			= &req;
	r.in.req->req1.codepage		= 1252; /* german */
	r.in.req->req1.language		= 0x00000407; /* german */
	r.in.req->req1.count		= 1;
	r.in.req->req1.names		= names;
	r.in.req->req1.format_flags	= DRSUAPI_DS_NAME_FLAG_NO_FLAGS;

	r.in.req->req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
	r.in.req->req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;

	r.out.level_out			= &level_out;
	r.out.ctr			= &ctr;

	dom_sid = dom_sid_string(mem_ctx, torture_join_sid(priv->join));
	
	names[0].str = dom_sid;

	torture_comment(tctx, "Testing DsCrackNames with name '%s' desired format:%d\n",
			names[0].str, r.in.req->req1.format_desired);

	status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
	if (!NT_STATUS_IS_OK(status)) {
		const char *errstr = nt_errstr(status);
		err_msg = talloc_asprintf(mem_ctx, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr);
		torture_fail(tctx, err_msg);
	} else if (!W_ERROR_IS_OK(r.out.result)) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed - %s", win_errstr(r.out.result));
		torture_fail(tctx, err_msg);
	} else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed on name - %d",
					  r.out.ctr->ctr1->array[0].status);
		torture_fail(tctx, err_msg);
	}

	dns_domain = r.out.ctr->ctr1->array[0].dns_domain_name;
	nt4_domain = r.out.ctr->ctr1->array[0].result_name;

	r.in.req->req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_GUID;

	torture_comment(tctx, "Testing DsCrackNames with name '%s' desired format:%d\n",
			names[0].str, r.in.req->req1.format_desired);

	status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
	if (!NT_STATUS_IS_OK(status)) {
		const char *errstr = nt_errstr(status);
		err_msg = talloc_asprintf(mem_ctx, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr);
		torture_fail(tctx, err_msg);
	} else if (!W_ERROR_IS_OK(r.out.result)) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed - %s", win_errstr(r.out.result));
		torture_fail(tctx, err_msg);
	} else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed on name - %d",
					  r.out.ctr->ctr1->array[0].status);
		torture_fail(tctx, err_msg);
	}

	priv->domain_dns_name = r.out.ctr->ctr1->array[0].dns_domain_name;
	priv->domain_guid_str = r.out.ctr->ctr1->array[0].result_name;
	GUID_from_string(priv->domain_guid_str, &priv->domain_guid);

	r.in.req->req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;

	torture_comment(tctx, "Testing DsCrackNames with name '%s' desired format:%d\n",
			names[0].str, r.in.req->req1.format_desired);

	status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
	if (!NT_STATUS_IS_OK(status)) {
		const char *errstr = nt_errstr(status);
		err_msg = talloc_asprintf(mem_ctx, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr);
		torture_fail(tctx, err_msg);
	} else if (!W_ERROR_IS_OK(r.out.result)) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed - %s", win_errstr(r.out.result));
		torture_fail(tctx, err_msg);
	} else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed on name - %d",
					  r.out.ctr->ctr1->array[0].status);
		torture_fail(tctx, err_msg);
	}

	ldb = ldb_init(mem_ctx, tctx->ev);
	
	realm_dn_str = r.out.ctr->ctr1->array[0].result_name;
	realm_dn =  ldb_dn_new(mem_ctx, ldb, realm_dn_str);
	realm_canonical = ldb_dn_canonical_string(mem_ctx, realm_dn);

	if (strcmp(realm_canonical,
		   talloc_asprintf(mem_ctx, "%s/", dns_domain))!= 0) {
		err_msg = talloc_asprintf(mem_ctx, "local Round trip on canonical name failed: %s != %s!",
				          realm_canonical,
				          talloc_asprintf(mem_ctx, "%s/", dns_domain));
		torture_fail(tctx, err_msg);
	};

	realm_canonical_ex = ldb_dn_canonical_ex_string(mem_ctx, realm_dn);

	if (strcmp(realm_canonical_ex, 
		   talloc_asprintf(mem_ctx, "%s\n", dns_domain))!= 0) {
		err_msg = talloc_asprintf(mem_ctx, "local Round trip on canonical ex name failed: %s != %s!",
				          realm_canonical,
				          talloc_asprintf(mem_ctx, "%s\n", dns_domain));
		torture_fail(tctx, err_msg);
	};

	r.in.req->req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
	r.in.req->req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
	names[0].str = nt4_domain;

	torture_comment(tctx, "Testing DsCrackNames with name '%s' desired format:%d\n",
			names[0].str, r.in.req->req1.format_desired);

	status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
	if (!NT_STATUS_IS_OK(status)) {
		const char *errstr = nt_errstr(status);
		err_msg = talloc_asprintf(mem_ctx, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr);
		torture_fail(tctx, err_msg);
	} else if (!W_ERROR_IS_OK(r.out.result)) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed - %s", win_errstr(r.out.result));
		torture_fail(tctx, err_msg);
	} else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed on name - %d",
					  r.out.ctr->ctr1->array[0].status);
		torture_fail(tctx, err_msg);
	}

	priv->domain_obj_dn = r.out.ctr->ctr1->array[0].result_name;

	r.in.req->req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
	r.in.req->req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
	names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc);

	torture_comment(tctx, "Testing DsCrackNames with name '%s' desired format:%d\n",
			names[0].str, r.in.req->req1.format_desired);

	status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
	if (!NT_STATUS_IS_OK(status)) {
		const char *errstr = nt_errstr(status);
		err_msg = talloc_asprintf(mem_ctx, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr);
		torture_fail(tctx, err_msg);
	} else if (!W_ERROR_IS_OK(r.out.result)) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed - %s", win_errstr(r.out.result));
		torture_fail(tctx, err_msg);
	} else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed on name - %d",
					  r.out.ctr->ctr1->array[0].status);
		torture_fail(tctx, err_msg);
	}

	FQDN_1779_name = r.out.ctr->ctr1->array[0].result_name;

	r.in.req->req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_GUID;
	r.in.req->req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
	names[0].str = priv->domain_guid_str;

	torture_comment(tctx, "Testing DsCrackNames with name '%s' desired format:%d\n",
			names[0].str, r.in.req->req1.format_desired);

	status = dcerpc_drsuapi_DsCrackNames_r(p->binding_handle, mem_ctx, &r);
	if (!NT_STATUS_IS_OK(status)) {
		const char *errstr = nt_errstr(status);
		err_msg = talloc_asprintf(mem_ctx, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr);
		torture_fail(tctx, err_msg);
	} else if (!W_ERROR_IS_OK(r.out.result)) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed - %s", win_errstr(r.out.result));
		torture_fail(tctx, err_msg);
	} else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
		err_msg = talloc_asprintf(mem_ctx, "DsCrackNames failed on name - %d",
					  r.out.ctr->ctr1->array[0].status);
		torture_fail(tctx, err_msg);
	}

	if (strcmp(priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name) != 0) {
		err_msg = talloc_asprintf(mem_ctx,
				"DsCrackNames failed to return same DNS name - expected %s got %s",
				priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name);
		torture_fail(tctx, err_msg);
	}

	FQDN_1779_dn = ldb_dn_new(mem_ctx, ldb, FQDN_1779_name);

	canonical_name = ldb_dn_canonical_string(mem_ctx, FQDN_1779_dn);
	canonical_ex_name = ldb_dn_canonical_ex_string(mem_ctx, FQDN_1779_dn);

	user_principal_name = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, dns_domain);

	/* form up a user@DOMAIN */
	user_principal_name_short = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, nt4_domain);
	/* variable nt4_domain includs a trailing \ */
	user_principal_name_short[strlen(user_principal_name_short) - 1] = '\0';
	
	service_principal_name = talloc_asprintf(mem_ctx, "HOST/%s", test_dc);
	{
		
		struct {
			enum drsuapi_DsNameFormat format_offered;
			enum drsuapi_DsNameFormat format_desired;
			const char *comment;
			const char *str;
			const char *expected_str;
			const char *expected_dns;
			enum drsuapi_DsNameStatus status;
			enum drsuapi_DsNameStatus alternate_status;
			enum drsuapi_DsNameFlags flags;
			bool skip;
		} crack[] = {
			{
				.format_offered	= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
				.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
				.str = user_principal_name,
				.expected_str = FQDN_1779_name,
				.status = DRSUAPI_DS_NAME_STATUS_OK
			},
			{
				.format_offered	= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
				.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
				.str = user_principal_name_short,
				.expected_str = FQDN_1779_name,
				.status = DRSUAPI_DS_NAME_STATUS_OK
			},
			{
				.format_offered	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
コード例 #23
0
ファイル: dbspeed.c プロジェクト: AllardJ/Tomato
/*
  test ldb speed
*/
static bool test_ldb_speed(struct torture_context *torture, const void *_data)
{
	struct timeval tv;
	struct ldb_context *ldb;
	int timelimit = torture_setting_int(torture, "timelimit", 10);
	int i, count;
	TALLOC_CTX *tmp_ctx = talloc_new(torture);
	struct ldb_ldif *ldif;
	const char *init_ldif = "dn: @INDEXLIST\n" \
		"@IDXATTR: UID\n";
	float ldb_speed;

	unlink("./test.ldb");

	torture_comment(torture, "Testing ldb speed for sidmap\n");

	ldb = ldb_wrap_connect(tmp_ctx, torture->ev, torture->lp_ctx, "tdb://test.ldb", 
				NULL, NULL, LDB_FLG_NOSYNC, NULL);
	if (!ldb) {
		unlink("./test.ldb");
		talloc_free(tmp_ctx);
		torture_fail(torture, "Failed to open test.ldb");
	}

	/* add an index */
	ldif = ldb_ldif_read_string(ldb, &init_ldif);
	if (ldif == NULL) goto failed;
	if (ldb_add(ldb, ldif->msg) != LDB_SUCCESS) goto failed;
	talloc_free(ldif);

	torture_comment(torture, "Adding %d SID records\n", torture_entries);

	for (i=0;i<torture_entries;i++) {
		if (!ldb_add_record(ldb, i)) {
			torture_result(torture, TORTURE_FAIL, "Failed to add SID %d\n", i);
			goto failed;
		}
	}

	if (talloc_total_blocks(torture) > 100) {
		torture_result(torture, TORTURE_FAIL, "memory leak in ldb add\n");
		goto failed;
	}

	torture_comment(torture, "Testing for %d seconds\n", timelimit);

	tv = timeval_current();

	for (count=0;timeval_elapsed(&tv) < timelimit;count++) {
		struct ldb_dn *dn;
		struct ldb_result *res;

		i = random() % torture_entries;
		dn = ldb_dn_new_fmt(tmp_ctx, ldb, "SID=S-1-5-21-53173311-3623041448-2049097239-%u", i);
		if (ldb_search(ldb, tmp_ctx, &res, dn, LDB_SCOPE_BASE, NULL, NULL) != LDB_SUCCESS || res->count != 1) {
			torture_fail(torture, talloc_asprintf(torture, "Failed to find SID %d", i));
		}
		talloc_free(res);
		talloc_free(dn);
		if (ldb_search(ldb, tmp_ctx, &res, NULL, LDB_SCOPE_SUBTREE, NULL, "(UID=%u)", i) != LDB_SUCCESS || res->count != 1) {
			torture_fail(torture, talloc_asprintf(torture, "Failed to find UID %d", i));
		}
		talloc_free(res);
	}

	if (talloc_total_blocks(torture) > 100) {
		unlink("./test.ldb");
		talloc_free(tmp_ctx);
		torture_fail(torture, "memory leak in ldb search");
	}

	ldb_speed = count/timeval_elapsed(&tv);
	torture_comment(torture, "ldb speed %.2f ops/sec\n", ldb_speed);

	torture_comment(torture, "ldb/tdb speed ratio is %.2f%%\n", (100*ldb_speed/tdb_speed));
	

	unlink("./test.ldb");
	talloc_free(tmp_ctx);
	return true;

failed:
	unlink("./test.ldb");
	talloc_free(tmp_ctx);
	return false;
}
コード例 #24
0
ファイル: idtree.c プロジェクト: 0x24bin/winexe-1
static bool torture_local_idtree_simple(struct torture_context *tctx)
{
	struct idr_context *idr;
	int i, ret;
	int *ids;
	int *present;
	extern int torture_numops;
	int n = torture_numops;
	TALLOC_CTX *mem_ctx = tctx;

	idr = idr_init(mem_ctx);

	ids = talloc_zero_array(mem_ctx, int, n);
	present = talloc_zero_array(mem_ctx, int, n);

	for (i=0;i<n;i++) {
		ids[i] = -1;
	}

	for (i=0;i<n;i++) {
		int ii = random() % n;
		void *p = idr_find(idr, ids[ii]);
		if (present[ii]) {
			if (p != &ids[ii]) {
				torture_fail(tctx, talloc_asprintf(tctx, 
						"wrong ptr at %d - %p should be %p", 
				       ii, p, &ids[ii]));
			}
			if (random() % 7 == 0) {
				if (idr_remove(idr, ids[ii]) != 0) {
					torture_fail(tctx, talloc_asprintf(tctx,
						"remove failed at %d (id=%d)", 
					       i, ids[ii]));
				}
				present[ii] = 0;
				ids[ii] = -1;
			}
		} else {
			if (p != NULL) {
				torture_fail(tctx, 
					     talloc_asprintf(tctx,
							     "non-present at %d gave %p (would be %d)", 
							     ii, p, 
							     (int)((((char *)p) - (char *)(&ids[0])) / sizeof(int))));
			}
			if (random() % 5) {
				ids[ii] = idr_get_new(idr, &ids[ii], n);
				if (ids[ii] < 0) {
					torture_fail(tctx, talloc_asprintf(tctx,
						"alloc failure at %d (ret=%d)", 
					       ii, ids[ii]));
				} else {
					present[ii] = 1;
				}
			}
		}
	}

	torture_comment(tctx, "done %d random ops\n", i);

	for (i=0;i<n;i++) {
		if (present[i]) {
			if (idr_remove(idr, ids[i]) != 0) {
				torture_fail(tctx, talloc_asprintf(tctx,
						"delete failed on cleanup at %d (id=%d)", 
				       i, ids[i]));
			}
		}
	}

	/* now test some limits */
	for (i=0;i<25000;i++) {
		ret = idr_get_new_above(idr, &ids[0], random() % 25000, 0x10000-3);
		torture_assert(tctx, ret != -1, "idr_get_new_above failed");
	}

	ret = idr_get_new_above(idr, &ids[0], 0x10000-2, 0x10000);
	torture_assert_int_equal(tctx, ret, 0x10000-2, "idr_get_new_above failed");
	ret = idr_get_new_above(idr, &ids[0], 0x10000-1, 0x10000);
	torture_assert_int_equal(tctx, ret, 0x10000-1, "idr_get_new_above failed");
	ret = idr_get_new_above(idr, &ids[0], 0x10000, 0x10000);
	torture_assert_int_equal(tctx, ret, 0x10000, "idr_get_new_above failed");
	ret = idr_get_new_above(idr, &ids[0], 0x10000+1, 0x10000);
	torture_assert_int_equal(tctx, ret, -1, "idr_get_new_above succeeded above limit");
	ret = idr_get_new_above(idr, &ids[0], 0x10000+2, 0x10000);
	torture_assert_int_equal(tctx, ret, -1, "idr_get_new_above succeeded above limit");

	torture_comment(tctx, "cleaned up\n");
	return true;
}
コード例 #25
0
ファイル: pac.c プロジェクト: 0x24bin/winexe-1
/* Check with a known 'well formed' PAC, from my test server */
static bool torture_pac_saved_check(struct torture_context *tctx)
{
	NTSTATUS nt_status;
	enum ndr_err_code ndr_err;
	DATA_BLOB tmp_blob, validate_blob;
	struct PAC_DATA *pac_data, pac_data2;
	struct PAC_LOGON_INFO *logon_info;
	union netr_Validation validation;
	const char *pac_file, *pac_kdc_key, *pac_member_key;
	struct auth_serversupplied_info *server_info_out;

	krb5_keyblock server_keyblock;
	krb5_keyblock krbtgt_keyblock, *krbtgt_keyblock_p;
	struct samr_Password *krbtgt_bytes, *krbsrv_bytes;
	
	krb5_error_code ret;
	struct smb_krb5_context *smb_krb5_context;

	const char *principal_string;
	char *broken_principal_string;
	krb5_principal client_principal;
	const char *authtime_string;
	time_t authtime;
	TALLOC_CTX *mem_ctx = tctx;

	torture_assert(tctx, 0 == smb_krb5_init_context(mem_ctx, NULL,
							tctx->lp_ctx,
							&smb_krb5_context),
		       "smb_krb5_init_context");

	pac_kdc_key = torture_setting_string(tctx, "pac_kdc_key", 
					     "B286757148AF7FD252C53603A150B7E7");

	pac_member_key = torture_setting_string(tctx, "pac_member_key", 
						"D217FAEAE5E6B5F95CCC94077AB8A5FC");

	torture_comment(tctx, "Using pac_kdc_key '%s'\n", pac_kdc_key);
	torture_comment(tctx, "Using pac_member_key '%s'\n", pac_member_key);

	/* The krbtgt key in use when the above PAC was generated.
	 * This is an arcfour-hmac-md5 key, extracted with our 'net
	 * samdump' tool. */
	if (*pac_kdc_key == 0) {
		krbtgt_bytes = NULL;
	} else {
		krbtgt_bytes = smbpasswd_gethexpwd(mem_ctx, pac_kdc_key);
		if (!krbtgt_bytes) {
			torture_fail(tctx, "(saved test) Could not interpret krbtgt key");
		}
	}

	krbsrv_bytes = smbpasswd_gethexpwd(mem_ctx, pac_member_key);
	if (!krbsrv_bytes) {
		torture_fail(tctx, "(saved test) Could not interpret krbsrv key");
	}

	ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
				 ENCTYPE_ARCFOUR_HMAC,
				 krbsrv_bytes->hash, sizeof(krbsrv_bytes->hash),
				 &server_keyblock);
	torture_assert(tctx, !ret,
		       talloc_asprintf(tctx,
				       "(saved test) Server Keyblock encoding failed: %s", 
				       smb_get_krb5_error_message(smb_krb5_context->krb5_context, 
								  ret, mem_ctx)));

	if (krbtgt_bytes) {
		ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
					 ENCTYPE_ARCFOUR_HMAC,
					 krbtgt_bytes->hash, sizeof(krbtgt_bytes->hash),
					 &krbtgt_keyblock);
		if (ret) {
			krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
						    &server_keyblock);
			torture_fail(tctx, 
				     talloc_asprintf(tctx, 
						     "(saved test) Server Keyblock encoding failed: %s", 
						     smb_get_krb5_error_message(smb_krb5_context->krb5_context, 
										ret, mem_ctx)));
		}
		krbtgt_keyblock_p = &krbtgt_keyblock;
	} else {
		krbtgt_keyblock_p = NULL;
	}

	pac_file = torture_setting_string(tctx, "pac_file", NULL);
	if (pac_file) {
		tmp_blob.data = (uint8_t *)file_load(pac_file, &tmp_blob.length, 0, mem_ctx);
		torture_comment(tctx, "(saved test) Loaded pac of size %ld from %s\n", (long)tmp_blob.length, pac_file);
	} else {
		tmp_blob = data_blob_talloc(mem_ctx, saved_pac, sizeof(saved_pac));
	}
	
	dump_data(10,tmp_blob.data,tmp_blob.length);

	principal_string = torture_setting_string(tctx, "pac_client_principal", 
						  "[email protected]");

	authtime_string = torture_setting_string(tctx, "pac_authtime", "1120440609");
	authtime = strtoull(authtime_string, NULL, 0);

	ret = krb5_parse_name(smb_krb5_context->krb5_context, principal_string, 
			      &client_principal);
	if (ret) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(saved test) parsing of client principal [%s] failed: %s", 
					     principal_string, 
					     smb_get_krb5_error_message(smb_krb5_context->krb5_context, ret, mem_ctx)));
	}

	/* Decode and verify the signaure on the PAC */
	nt_status = kerberos_decode_pac(mem_ctx, 
					lp_iconv_convenience(tctx->lp_ctx),
					&pac_data,
					tmp_blob,
					smb_krb5_context->krb5_context,
					krbtgt_keyblock_p,
					&server_keyblock, 
					client_principal, authtime, NULL);
	if (!NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
		
		torture_fail(tctx, talloc_asprintf(tctx, 
						   "(saved test) PAC decoding failed: %s", 
						   nt_errstr(nt_status)));
	}

	/* Now check we can read it back (using Heimdal's pac parsing) */
	nt_status = kerberos_pac_blob_to_server_info(mem_ctx, 
						     lp_iconv_convenience(tctx->lp_ctx),
						     tmp_blob, 
						     smb_krb5_context->krb5_context,
						     &server_info_out);

	if (!NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
		
		torture_fail(tctx, talloc_asprintf(tctx, 
						   "(saved test) Heimdal PAC decoding failed: %s", 
						   nt_errstr(nt_status)));
	}

	if (!pac_file &&
	    !dom_sid_equal(dom_sid_parse_talloc(mem_ctx, 
						"S-1-5-21-3048156945-3961193616-3706469200-1005"), 
			   server_info_out->account_sid)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(saved test) Heimdal PAC Decode resulted in *different* domain SID: %s != %s",
					     "S-1-5-21-3048156945-3961193616-3706469200-1005", 
					     dom_sid_string(mem_ctx, server_info_out->account_sid)));
	}

	talloc_free(server_info_out);

	/* Parse the PAC again, for the logon info this time (using Samba4's parsing) */
	nt_status = kerberos_pac_logon_info(mem_ctx, 
					    lp_iconv_convenience(tctx->lp_ctx),
					    &logon_info,
					    tmp_blob,
					    smb_krb5_context->krb5_context,
					    krbtgt_keyblock_p,
					    &server_keyblock,
					    client_principal, authtime, NULL);

	if (!NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
	
		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(saved test) PAC decoding (for logon info) failed: %s", 
					     nt_errstr(nt_status)));
	}

	validation.sam3 = &logon_info->info3;
	nt_status = make_server_info_netlogon_validation(mem_ctx,
							 "",
							 3, &validation,
							 &server_info_out); 
	if (!NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(saved test) PAC decoding (make server info) failed: %s", 
					     nt_errstr(nt_status)));
	}

	if (!pac_file &&
	    !dom_sid_equal(dom_sid_parse_talloc(mem_ctx, 
						"S-1-5-21-3048156945-3961193616-3706469200-1005"), 
			   server_info_out->account_sid)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(saved test) PAC Decode resulted in *different* domain SID: %s != %s",
					     "S-1-5-21-3048156945-3961193616-3706469200-1005", 
					     dom_sid_string(mem_ctx, server_info_out->account_sid)));
	}

	if (krbtgt_bytes == NULL) {
		torture_comment(tctx, "skipping PAC encoding tests as non kdc key\n");
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
		return true;
	}

	ret = kerberos_encode_pac(mem_ctx, 
				  lp_iconv_convenience(tctx->lp_ctx),
				  pac_data,
				  smb_krb5_context->krb5_context,
				  krbtgt_keyblock_p,
				  &server_keyblock,
				  &validate_blob);

	if (ret != 0) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		torture_fail(tctx, "(saved test) PAC push failed");
	}

	dump_data(10, validate_blob.data, validate_blob.length);

	/* compare both the length and the data bytes after a
	 * pull/push cycle.  This ensures we use the exact same
	 * pointer, padding etc algorithms as win2k3.
	 */
	if (tmp_blob.length != validate_blob.length) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		torture_fail(tctx, 
			     talloc_asprintf(tctx, 
					     "(saved test) PAC push failed: original buffer length[%u] != created buffer length[%u]",
					     (unsigned)tmp_blob.length, (unsigned)validate_blob.length));
	}

	if (memcmp(tmp_blob.data, validate_blob.data, tmp_blob.length) != 0) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		DEBUG(0, ("tmp_data:\n"));
		dump_data(0, tmp_blob.data, tmp_blob.length);
		DEBUG(0, ("validate_blob:\n"));
		dump_data(0, validate_blob.data, validate_blob.length);

		torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC push failed: length[%u] matches, but data does not", (unsigned)tmp_blob.length));
	}

	ret = kerberos_create_pac(mem_ctx, 
				  lp_iconv_convenience(tctx->lp_ctx),
				  server_info_out,
				  smb_krb5_context->krb5_context,
				  krbtgt_keyblock_p,
				  &server_keyblock,
				  client_principal, authtime,
				  &validate_blob);

	if (ret != 0) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		torture_fail(tctx, "(saved test) regnerated PAC create failed");
	}

	dump_data(10,validate_blob.data,validate_blob.length);

	/* compare both the length and the data bytes after a
	 * pull/push cycle.  This ensures we use the exact same
	 * pointer, padding etc algorithms as win2k3.
	 */
	if (tmp_blob.length != validate_blob.length) {
		ndr_err = ndr_pull_struct_blob(&validate_blob, mem_ctx, 
					       lp_iconv_convenience(tctx->lp_ctx), &pac_data2,
					       (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA);
		nt_status = ndr_map_error2ntstatus(ndr_err);
		torture_assert_ntstatus_ok(tctx, nt_status, "can't parse the PAC");
		
		NDR_PRINT_DEBUG(PAC_DATA, pac_data);

		NDR_PRINT_DEBUG(PAC_DATA, &pac_data2);

		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		torture_fail(tctx, talloc_asprintf(tctx, 
						   "(saved test) PAC regenerate failed: original buffer length[%u] != created buffer length[%u]",
						   (unsigned)tmp_blob.length, (unsigned)validate_blob.length));
	}

	if (memcmp(tmp_blob.data, validate_blob.data, tmp_blob.length) != 0) {
		ndr_err = ndr_pull_struct_blob(&validate_blob, mem_ctx, 
					       lp_iconv_convenience(tctx->lp_ctx), &pac_data2,
					       (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA);
		nt_status = ndr_map_error2ntstatus(ndr_err);
		torture_assert_ntstatus_ok(tctx, nt_status, "can't parse the PAC");
		
		NDR_PRINT_DEBUG(PAC_DATA, pac_data);

		NDR_PRINT_DEBUG(PAC_DATA, &pac_data2);

		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

		DEBUG(0, ("tmp_data:\n"));
		dump_data(0, tmp_blob.data, tmp_blob.length);
		DEBUG(0, ("validate_blob:\n"));
		dump_data(0, validate_blob.data, validate_blob.length);

		torture_fail(tctx, talloc_asprintf(tctx, 
						   "(saved test) PAC regenerate failed: length[%u] matches, but data does not", (unsigned)tmp_blob.length));
	}

	/* Break the auth time, to ensure we check this vital detail (not setting this caused all the pain in the first place... */
	nt_status = kerberos_decode_pac(mem_ctx, 
					lp_iconv_convenience(tctx->lp_ctx),
					&pac_data,
					tmp_blob,
					smb_krb5_context->krb5_context,
					krbtgt_keyblock_p,
					&server_keyblock,
					client_principal, 
					authtime + 1, NULL);
	if (NT_STATUS_IS_OK(nt_status)) {

		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
		torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on broken auth time (time + 1)");
	}

	/* Break the client principal */
	krb5_free_principal(smb_krb5_context->krb5_context, client_principal);

	broken_principal_string = talloc_strdup(mem_ctx, principal_string);
	broken_principal_string[0]++;

	ret = krb5_parse_name(smb_krb5_context->krb5_context,
			      broken_principal_string, &client_principal);
	if (ret) {

		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		torture_fail(tctx, talloc_asprintf(tctx, 
						   "(saved test) parsing of broken client principal failed: %s", 
						   smb_get_krb5_error_message(smb_krb5_context->krb5_context, ret, mem_ctx)));
	}

	nt_status = kerberos_decode_pac(mem_ctx, 
					lp_iconv_convenience(tctx->lp_ctx),
					&pac_data,
					tmp_blob,
					smb_krb5_context->krb5_context,
					krbtgt_keyblock_p,
					&server_keyblock,
					client_principal, 
					authtime, NULL);
	if (NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on modified principal");
	}

	/* Finally...  Bugger up the signature, and check we fail the checksum */
	tmp_blob.data[tmp_blob.length - 2]++;

	nt_status = kerberos_decode_pac(mem_ctx, 
					lp_iconv_convenience(tctx->lp_ctx),
					&pac_data,
					tmp_blob,
					smb_krb5_context->krb5_context,
					krbtgt_keyblock_p,
					&server_keyblock,
					client_principal, 
					authtime, NULL);
	if (NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    krbtgt_keyblock_p);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on broken checksum");
	}

	krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
				    krbtgt_keyblock_p);
	krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
				    &server_keyblock);
	return true;
}
コード例 #26
0
ファイル: pac.c プロジェクト: 0x24bin/winexe-1
static bool torture_pac_self_check(struct torture_context *tctx)
{
	NTSTATUS nt_status;
	DATA_BLOB tmp_blob;
	struct PAC_DATA *pac_data;
	struct PAC_LOGON_INFO *logon_info;
	union netr_Validation validation;

	/* Generate a nice, arbitary keyblock */
	uint8_t server_bytes[16];
	uint8_t krbtgt_bytes[16];
	krb5_keyblock server_keyblock;
	krb5_keyblock krbtgt_keyblock;
	
	krb5_error_code ret;

	struct smb_krb5_context *smb_krb5_context;

	struct auth_serversupplied_info *server_info;
	struct auth_serversupplied_info *server_info_out;

	krb5_principal client_principal;
	time_t logon_time = time(NULL);

	TALLOC_CTX *mem_ctx = tctx;

	torture_assert(tctx, 0 == smb_krb5_init_context(mem_ctx, 
							NULL,
							tctx->lp_ctx,
							&smb_krb5_context), 
		       "smb_krb5_init_context");

	generate_random_buffer(server_bytes, 16);
	generate_random_buffer(krbtgt_bytes, 16);

	ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
				 ENCTYPE_ARCFOUR_HMAC,
				 server_bytes, sizeof(server_bytes),
				 &server_keyblock);
	torture_assert(tctx, !ret, talloc_asprintf(tctx, 
						   "(self test) Server Keyblock encoding failed: %s", 
						   smb_get_krb5_error_message(smb_krb5_context->krb5_context, 
									      ret, mem_ctx)));

	ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
				 ENCTYPE_ARCFOUR_HMAC,
				 krbtgt_bytes, sizeof(krbtgt_bytes),
				 &krbtgt_keyblock);
	if (ret) {
		char *err = smb_get_krb5_error_message(smb_krb5_context->krb5_context, 
						       ret, mem_ctx);
	
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);

		torture_fail(tctx, talloc_asprintf(tctx, 
						   "(self test) KRBTGT Keyblock encoding failed: %s", err));
	}

	/* We need an input, and this one requires no underlying database */
	nt_status = auth_anonymous_server_info(mem_ctx, lp_netbios_name(tctx->lp_ctx), &server_info);

	if (!NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &krbtgt_keyblock);
		torture_fail(tctx, "auth_anonymous_server_info");
	}

	ret = krb5_parse_name_flags(smb_krb5_context->krb5_context, 
				    server_info->account_name, 
				    KRB5_PRINCIPAL_PARSE_NO_REALM, 
				    &client_principal);
	if (ret) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &krbtgt_keyblock);
		torture_fail(tctx, "krb5_parse_name_flags(norealm)");
	}

	/* OK, go ahead and make a PAC */
	ret = kerberos_create_pac(mem_ctx, 
				  lp_iconv_convenience(tctx->lp_ctx),
				  server_info, 
				  smb_krb5_context->krb5_context,  
				  &krbtgt_keyblock,
				  &server_keyblock,
				  client_principal,
				  logon_time,
				  &tmp_blob);
	
	if (ret) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &krbtgt_keyblock);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, 
				    client_principal);

		torture_fail(tctx, talloc_asprintf(tctx,
						   "(self test) PAC encoding failed: %s", 
						   smb_get_krb5_error_message(smb_krb5_context->krb5_context, 
									      ret, mem_ctx)));
	}

	dump_data(10,tmp_blob.data,tmp_blob.length);

	/* Now check that we can read it back (using full decode and validate) */
	nt_status = kerberos_decode_pac(mem_ctx, 
					lp_iconv_convenience(tctx->lp_ctx),
					&pac_data,
					tmp_blob,
					smb_krb5_context->krb5_context,
					&krbtgt_keyblock,
					&server_keyblock,
					client_principal, 
					logon_time, NULL);

	if (!NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &krbtgt_keyblock);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, 
				    client_principal);

		torture_fail(tctx, talloc_asprintf(tctx,
						   "(self test) PAC decoding failed: %s", 
						   nt_errstr(nt_status)));
	}

	/* Now check we can read it back (using Heimdal's pac parsing) */
	nt_status = kerberos_pac_blob_to_server_info(mem_ctx, 
						     lp_iconv_convenience(tctx->lp_ctx),
						     tmp_blob, 
						     smb_krb5_context->krb5_context,
						     &server_info_out);

	if (!dom_sid_equal(server_info->account_sid, 
			   server_info_out->account_sid)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &krbtgt_keyblock);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, 
				    client_principal);

		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(self test) PAC Decode resulted in *different* domain SID: %s != %s",
					     dom_sid_string(mem_ctx, server_info->account_sid), 
					     dom_sid_string(mem_ctx, server_info_out->account_sid)));
	}
	talloc_free(server_info_out);

	/* Now check that we can read it back (yet again) */
	nt_status = kerberos_pac_logon_info(mem_ctx, 
					    lp_iconv_convenience(tctx->lp_ctx),
					    &logon_info,
					    tmp_blob,
					    smb_krb5_context->krb5_context,
					    &krbtgt_keyblock,
					    &server_keyblock,
					    client_principal, 
					    logon_time, 
					    NULL);
	
	if (!NT_STATUS_IS_OK(nt_status)) {
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &krbtgt_keyblock);
		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
					    &server_keyblock);
		krb5_free_principal(smb_krb5_context->krb5_context, 
				    client_principal);
		
		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(self test) PAC decoding (for logon info) failed: %s", 
					     nt_errstr(nt_status)));
	}
	
	krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
				    &krbtgt_keyblock);
	krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
				    &server_keyblock);
	krb5_free_principal(smb_krb5_context->krb5_context, 
			    client_principal);

	/* And make a server info from the samba-parsed PAC */
	validation.sam3 = &logon_info->info3;
	nt_status = make_server_info_netlogon_validation(mem_ctx,
							 "",
							 3, &validation,
							 &server_info_out); 
	if (!NT_STATUS_IS_OK(nt_status)) {
		torture_fail(tctx, 
			     talloc_asprintf(tctx, 
					     "(self test) PAC decoding (make server info) failed: %s", 
					     nt_errstr(nt_status)));
	}
	
	if (!dom_sid_equal(server_info->account_sid, 
			   server_info_out->account_sid)) {
		torture_fail(tctx,  
			     talloc_asprintf(tctx, 
					     "(self test) PAC Decode resulted in *different* domain SID: %s != %s",
					     dom_sid_string(mem_ctx, server_info->account_sid), 
					     dom_sid_string(mem_ctx, server_info_out->account_sid)));
	}
	return true;
}
コード例 #27
0
ファイル: qfileinfo.c プロジェクト: DanilKorotenko/samba
/* basic testing of all RAW_FILEINFO_* calls 
   for each call we test that it succeeds, and where possible test 
   for consistency between the calls. 
*/
static bool torture_raw_qfileinfo_internals(struct torture_context *torture, 
					    TALLOC_CTX *mem_ctx, 	
					    struct smbcli_tree *tree, 
					    int fnum, const char *fname,
					    bool is_ipc)
{
	int i;
	bool ret = true;
	int count;
	union smb_fileinfo *s1, *s2;	
	NTTIME correct_time;
	uint64_t correct_size;
	uint32_t correct_attrib;
	const char *correct_name;
	bool skip_streams = false;

	/* scan all the fileinfo and pathinfo levels */
	for (i=0; levels[i].name; i++) {
		if (!levels[i].only_paths) {
			levels[i].fnum_finfo.generic.level = levels[i].level;
			levels[i].fnum_finfo.generic.in.file.fnum = fnum;
			levels[i].fnum_status = smb_raw_fileinfo(tree, mem_ctx, 
								 &levels[i].fnum_finfo);
		}

		if (!levels[i].only_handles) {
			levels[i].fname_finfo.generic.level = levels[i].level;
			levels[i].fname_finfo.generic.in.file.path = talloc_strdup(mem_ctx, fname);
			levels[i].fname_status = smb_raw_pathinfo(tree, mem_ctx, 
								  &levels[i].fname_finfo);
		}
	}

	/* check for completely broken levels */
	for (count=i=0; levels[i].name; i++) {
		uint32_t cap = tree->session->transport->negotiate.capabilities;
		/* see if this server claims to support this level */
		if ((cap & levels[i].capability_mask) != levels[i].capability_mask) {
			continue;
		}

		if (is_ipc) {
			if (levels[i].expected_ipc_access_denied && NT_STATUS_EQUAL(NT_STATUS_ACCESS_DENIED, levels[i].fname_status)) {
			} else if (!levels[i].only_handles &&
				   NT_STATUS_EQUAL(levels[i].fname_status,
				   NT_STATUS_NOT_SUPPORTED)) {
				torture_warning(torture, "fname level %s %s",
					levels[i].name,
					nt_errstr(levels[i].fname_status));
				continue;
			} else if (!levels[i].only_handles && !NT_STATUS_EQUAL(NT_STATUS_INVALID_DEVICE_REQUEST, levels[i].fname_status)) {
				printf("ERROR: fname level %s failed, expected NT_STATUS_INVALID_DEVICE_REQUEST - %s\n", 
				       levels[i].name, nt_errstr(levels[i].fname_status));
				count++;
			}
			if (!levels[i].only_paths &&
			   (NT_STATUS_EQUAL(levels[i].fnum_status,
			    NT_STATUS_NOT_SUPPORTED) ||
			    NT_STATUS_EQUAL(levels[i].fnum_status,
			    NT_STATUS_NOT_IMPLEMENTED))) {
				torture_warning(torture, "fnum level %s %s",
					levels[i].name,
					nt_errstr(levels[i].fnum_status));
				continue;
			}
			if (!levels[i].only_paths && !NT_STATUS_EQUAL(levels[i].expected_ipc_fnum_status, levels[i].fnum_status)) {
				printf("ERROR: fnum level %s failed, expected %s - %s\n", 
				       levels[i].name, nt_errstr(levels[i].expected_ipc_fnum_status), 
				       nt_errstr(levels[i].fnum_status));
				count++;
			}
		} else {
			if (!levels[i].only_paths &&
			   (NT_STATUS_EQUAL(levels[i].fnum_status,
			    NT_STATUS_NOT_SUPPORTED) ||
			    NT_STATUS_EQUAL(levels[i].fnum_status,
			    NT_STATUS_NOT_IMPLEMENTED))) {
				torture_warning(torture, "fnum level %s %s",
					levels[i].name,
					nt_errstr(levels[i].fnum_status));
				continue;
			}

			if (!levels[i].only_handles &&
			   (NT_STATUS_EQUAL(levels[i].fname_status,
			    NT_STATUS_NOT_SUPPORTED) ||
			    NT_STATUS_EQUAL(levels[i].fname_status,
			    NT_STATUS_NOT_IMPLEMENTED))) {
                                torture_warning(torture, "fname level %s %s",
					levels[i].name,
					nt_errstr(levels[i].fname_status));
				continue;
			}

			if (!levels[i].only_paths && !NT_STATUS_IS_OK(levels[i].fnum_status)) {
				printf("ERROR: fnum level %s failed - %s\n", 
				       levels[i].name, nt_errstr(levels[i].fnum_status));
				count++;
			}
			if (!levels[i].only_handles && !NT_STATUS_IS_OK(levels[i].fname_status)) {
				printf("ERROR: fname level %s failed - %s\n", 
				       levels[i].name, nt_errstr(levels[i].fname_status));
				count++;
			}
		}
		
	}

	if (count != 0) {
		ret = false;
		printf("%d levels failed\n", count);
		if (count > 35) {
			torture_fail(torture, "too many level failures - giving up");
		}
	}

	/* see if we can do streams */
	s1 = fnum_find("STREAM_INFO");
	if (!s1 || s1->stream_info.out.num_streams == 0) {
		if (!is_ipc) {
			printf("STREAM_INFO broken (%d) - skipping streams checks\n",
			       s1 ? s1->stream_info.out.num_streams : -1);
		}
		skip_streams = true;
	}	


	/* this code is incredibly repititive but doesn't lend itself to loops, so
	   we use lots of macros to make it less painful */

	/* first off we check the levels that are supposed to be aliases. It will be quite rare for 
	   this code to fail, but we need to check it for completeness */



#define ALIAS_CHECK(sname1, sname2) \
	do { \
		s1 = fnum_find(sname1);	 s2 = fnum_find(sname2); \
		if (s1 && s2) { INFO_CHECK } \
		s1 = fname_find(is_ipc, sname1); s2 = fname_find(is_ipc, sname2); \
		if (s1 && s2) { INFO_CHECK } \
		s1 = fnum_find(sname1);	 s2 = fname_find(is_ipc, sname2); \
		if (s1 && s2) { INFO_CHECK } \
	} while (0)

#define INFO_CHECK \
		STRUCT_EQUAL(basic_info,  create_time, basic_info, create_time); \
		STRUCT_EQUAL(basic_info,  access_time, basic_info, access_time); \
		STRUCT_EQUAL(basic_info,  write_time,  basic_info, write_time); \
		STRUCT_EQUAL(basic_info,  change_time, basic_info, change_time); \
		VAL_EQUAL   (basic_info,  attrib,      basic_info, attrib);

	ALIAS_CHECK("BASIC_INFO", "BASIC_INFORMATION");

#undef INFO_CHECK
#define INFO_CHECK \
		VAL_EQUAL(standard_info,  alloc_size,     standard_info, alloc_size); \
		VAL_EQUAL(standard_info,  size,           standard_info, size); \
		VAL_EQUAL(standard_info,  nlink,          standard_info, nlink); \
		VAL_EQUAL(standard_info,  delete_pending, standard_info, delete_pending); \
		VAL_EQUAL(standard_info,  directory,      standard_info, directory);

	ALIAS_CHECK("STANDARD_INFO", "STANDARD_INFORMATION");

#undef INFO_CHECK
#define INFO_CHECK \
		VAL_EQUAL(ea_info,  ea_size,     ea_info, ea_size);

	ALIAS_CHECK("EA_INFO", "EA_INFORMATION");

#undef INFO_CHECK
#define INFO_CHECK \
		STR_EQUAL(name_info,  fname,   name_info, fname);

	ALIAS_CHECK("NAME_INFO", "NAME_INFORMATION");

#undef INFO_CHECK
#define INFO_CHECK \
		STRUCT_EQUAL(all_info,  create_time,           all_info, create_time); \
		STRUCT_EQUAL(all_info,  access_time,           all_info, access_time); \
		STRUCT_EQUAL(all_info,  write_time,            all_info, write_time); \
		STRUCT_EQUAL(all_info,  change_time,           all_info, change_time); \
		   VAL_EQUAL(all_info,  attrib,                all_info, attrib); \
		   VAL_EQUAL(all_info,  alloc_size,            all_info, alloc_size); \
		   VAL_EQUAL(all_info,  size,                  all_info, size); \
		   VAL_EQUAL(all_info,  nlink,                 all_info, nlink); \
		   VAL_EQUAL(all_info,  delete_pending,        all_info, delete_pending); \
		   VAL_EQUAL(all_info,  directory,             all_info, directory); \
		   VAL_EQUAL(all_info,  ea_size,               all_info, ea_size); \
		   STR_EQUAL(all_info,  fname,                 all_info, fname);

	ALIAS_CHECK("ALL_INFO", "ALL_INFORMATION");

#undef INFO_CHECK
#define INFO_CHECK \
		VAL_EQUAL(compression_info, compressed_size,compression_info, compressed_size); \
		VAL_EQUAL(compression_info, format,         compression_info, format); \
		VAL_EQUAL(compression_info, unit_shift,     compression_info, unit_shift); \
		VAL_EQUAL(compression_info, chunk_shift,    compression_info, chunk_shift); \
		VAL_EQUAL(compression_info, cluster_shift,  compression_info, cluster_shift);

	ALIAS_CHECK("COMPRESSION_INFO", "COMPRESSION_INFORMATION");


#undef INFO_CHECK
#define INFO_CHECK \
		STR_EQUAL(alt_name_info,  fname,   alt_name_info, fname);

	ALIAS_CHECK("ALT_NAME_INFO", "ALT_NAME_INFORMATION");


#define TIME_CHECK_NT(sname, stype, tfield) do { \
	s1 = fnum_find(sname); \
	if (s1 && memcmp(&s1->stype.out.tfield, &correct_time, sizeof(correct_time)) != 0) { \
		printf("(%d) handle %s/%s incorrect - %s should be %s\n", __LINE__, #stype, #tfield,  \
		       nt_time_string(mem_ctx, s1->stype.out.tfield), \
		       nt_time_string(mem_ctx, correct_time)); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname); \
	if (s1 && memcmp(&s1->stype.out.tfield, &correct_time, sizeof(correct_time)) != 0) { \
		printf("(%d) path %s/%s incorrect - %s should be %s\n", __LINE__, #stype, #tfield,  \
		       nt_time_string(mem_ctx, s1->stype.out.tfield), \
		       nt_time_string(mem_ctx, correct_time)); \
		ret = false; \
	}} while (0)

#define TIME_CHECK_DOS(sname, stype, tfield) do { \
	s1 = fnum_find(sname); \
	if (s1 && dos_nt_time_cmp(s1->stype.out.tfield, correct_time) != 0) { \
		printf("(%d) handle %s/%s incorrect - %s should be %s\n", __LINE__, #stype, #tfield,  \
		       timestring(mem_ctx, s1->stype.out.tfield), \
		       nt_time_string(mem_ctx, correct_time)); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname); \
	if (s1 && dos_nt_time_cmp(s1->stype.out.tfield, correct_time) != 0) { \
		printf("(%d) path %s/%s incorrect - %s should be %s\n", __LINE__, #stype, #tfield,  \
		       timestring(mem_ctx, s1->stype.out.tfield), \
		       nt_time_string(mem_ctx, correct_time)); \
		ret = false; \
	}} while (0)

#if 0 /* unused */
#define TIME_CHECK_UNX(sname, stype, tfield) do { \
	s1 = fnum_find(sname); \
	if (s1 && unx_nt_time_cmp(s1->stype.out.tfield, correct_time) != 0) { \
		printf("(%d) handle %s/%s incorrect - %s should be %s\n", __LINE__, #stype, #tfield,  \
		       timestring(mem_ctx, s1->stype.out.tfield), \
		       nt_time_string(mem_ctx, correct_time)); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname); \
	if (s1 && unx_nt_time_cmp(s1->stype.out.tfield, correct_time) != 0) { \
		printf("(%d) path %s/%s incorrect - %s should be %s\n", __LINE__, #stype, #tfield,  \
		       timestring(mem_ctx, s1->stype.out.tfield), \
		       nt_time_string(mem_ctx, correct_time)); \
		ret = false; \
	}} while (0)
#endif

	/* now check that all the times that are supposed to be equal are correct */
	s1 = fnum_find("BASIC_INFO");
	correct_time = s1->basic_info.out.create_time;
	torture_comment(torture, "create_time: %s\n", nt_time_string(mem_ctx, correct_time));

	TIME_CHECK_NT ("BASIC_INFO",               basic_info, create_time);
	TIME_CHECK_NT ("BASIC_INFORMATION",        basic_info, create_time);
	TIME_CHECK_DOS("GETATTRE",                 getattre,   create_time);
	TIME_CHECK_DOS("STANDARD",                 standard,   create_time);
	TIME_CHECK_DOS("EA_SIZE",                  ea_size,    create_time);
	TIME_CHECK_NT ("ALL_INFO",                 all_info,   create_time);
	TIME_CHECK_NT ("NETWORK_OPEN_INFORMATION", network_open_information, create_time);

	s1 = fnum_find("BASIC_INFO");
	correct_time = s1->basic_info.out.access_time;
	torture_comment(torture, "access_time: %s\n", nt_time_string(mem_ctx, correct_time));

	TIME_CHECK_NT ("BASIC_INFO",               basic_info, access_time);
	TIME_CHECK_NT ("BASIC_INFORMATION",        basic_info, access_time);
	TIME_CHECK_DOS("GETATTRE",                 getattre,   access_time);
	TIME_CHECK_DOS("STANDARD",                 standard,   access_time);
	TIME_CHECK_DOS("EA_SIZE",                  ea_size,    access_time);
	TIME_CHECK_NT ("ALL_INFO",                 all_info,   access_time);
	TIME_CHECK_NT ("NETWORK_OPEN_INFORMATION", network_open_information, access_time);

	s1 = fnum_find("BASIC_INFO");
	correct_time = s1->basic_info.out.write_time;
	torture_comment(torture, "write_time : %s\n", nt_time_string(mem_ctx, correct_time));

	TIME_CHECK_NT ("BASIC_INFO",               basic_info, write_time);
	TIME_CHECK_NT ("BASIC_INFORMATION",        basic_info, write_time);
	TIME_CHECK_DOS("GETATTR",                  getattr,    write_time);
	TIME_CHECK_DOS("GETATTRE",                 getattre,   write_time);
	TIME_CHECK_DOS("STANDARD",                 standard,   write_time);
	TIME_CHECK_DOS("EA_SIZE",                  ea_size,    write_time);
	TIME_CHECK_NT ("ALL_INFO",                 all_info,   write_time);
	TIME_CHECK_NT ("NETWORK_OPEN_INFORMATION", network_open_information, write_time);

	s1 = fnum_find("BASIC_INFO");
	correct_time = s1->basic_info.out.change_time;
	torture_comment(torture, "change_time: %s\n", nt_time_string(mem_ctx, correct_time));

	TIME_CHECK_NT ("BASIC_INFO",               basic_info, change_time);
	TIME_CHECK_NT ("BASIC_INFORMATION",        basic_info, change_time);
	TIME_CHECK_NT ("ALL_INFO",                 all_info,   change_time);
	TIME_CHECK_NT ("NETWORK_OPEN_INFORMATION", network_open_information, change_time);


#define SIZE_CHECK(sname, stype, tfield) do { \
	s1 = fnum_find(sname); \
	if (s1 && s1->stype.out.tfield != correct_size) { \
		printf("(%d) handle %s/%s incorrect - %u should be %u\n", __LINE__, #stype, #tfield,  \
		       (unsigned int)s1->stype.out.tfield, \
		       (unsigned int)correct_size); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname); \
	if (s1 && s1->stype.out.tfield != correct_size) { \
		printf("(%d) path %s/%s incorrect - %u should be %u\n", __LINE__, #stype, #tfield,  \
		       (unsigned int)s1->stype.out.tfield, \
		       (unsigned int)correct_size); \
		ret = false; \
	}} while (0)

	s1 = fnum_find("STANDARD_INFO");
	correct_size = s1->standard_info.out.size;
	torture_comment(torture, "size: %u\n", (unsigned int)correct_size);
	
	SIZE_CHECK("GETATTR",                  getattr,                  size);
	SIZE_CHECK("GETATTRE",                 getattre,                 size);
	SIZE_CHECK("STANDARD",                 standard,                 size);
	SIZE_CHECK("EA_SIZE",                  ea_size,                  size);
	SIZE_CHECK("STANDARD_INFO",            standard_info,            size);
	SIZE_CHECK("STANDARD_INFORMATION",     standard_info,            size);
	SIZE_CHECK("ALL_INFO",                 all_info,                 size);
	SIZE_CHECK("ALL_INFORMATION",          all_info,                 size);
	SIZE_CHECK("COMPRESSION_INFO",         compression_info,         compressed_size);
	SIZE_CHECK("COMPRESSION_INFORMATION",  compression_info,         compressed_size);
	SIZE_CHECK("NETWORK_OPEN_INFORMATION", network_open_information, size);
	if (!skip_streams) {
		SIZE_CHECK("STREAM_INFO",              stream_info,   streams[0].size);
		SIZE_CHECK("STREAM_INFORMATION",       stream_info,   streams[0].size);
	}


	s1 = fnum_find("STANDARD_INFO");
	correct_size = s1->standard_info.out.alloc_size;
	torture_comment(torture, "alloc_size: %u\n", (unsigned int)correct_size);
	
	SIZE_CHECK("GETATTRE",                 getattre,                 alloc_size);
	SIZE_CHECK("STANDARD",                 standard,                 alloc_size);
	SIZE_CHECK("EA_SIZE",                  ea_size,                  alloc_size);
	SIZE_CHECK("STANDARD_INFO",            standard_info,            alloc_size);
	SIZE_CHECK("STANDARD_INFORMATION",     standard_info,            alloc_size);
	SIZE_CHECK("ALL_INFO",                 all_info,                 alloc_size);
	SIZE_CHECK("ALL_INFORMATION",          all_info,                 alloc_size);
	SIZE_CHECK("NETWORK_OPEN_INFORMATION", network_open_information, alloc_size);
	if (!skip_streams) {
		SIZE_CHECK("STREAM_INFO",              stream_info,   streams[0].alloc_size);
		SIZE_CHECK("STREAM_INFORMATION",       stream_info,   streams[0].alloc_size);
	}

#define ATTRIB_CHECK(sname, stype, tfield) do { \
	s1 = fnum_find(sname); \
	if (s1 && s1->stype.out.tfield != correct_attrib) { \
		printf("(%d) handle %s/%s incorrect - 0x%x should be 0x%x\n", __LINE__, #stype, #tfield,  \
		       (unsigned int)s1->stype.out.tfield, \
		       (unsigned int)correct_attrib); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname); \
	if (s1 && s1->stype.out.tfield != correct_attrib) { \
		printf("(%d) path %s/%s incorrect - 0x%x should be 0x%x\n", __LINE__, #stype, #tfield,  \
		       (unsigned int)s1->stype.out.tfield, \
		       (unsigned int)correct_attrib); \
		ret = false; \
	}} while (0)

	s1 = fnum_find("BASIC_INFO");
	correct_attrib = s1->basic_info.out.attrib;
	torture_comment(torture, "attrib: 0x%x\n", (unsigned int)correct_attrib);
	
	ATTRIB_CHECK("GETATTR",                   getattr,                   attrib);
	if (!is_ipc) {
		ATTRIB_CHECK("GETATTRE",                  getattre,                  attrib);
		ATTRIB_CHECK("STANDARD",                  standard,                  attrib);
		ATTRIB_CHECK("EA_SIZE",                   ea_size,                   attrib);
	}
	ATTRIB_CHECK("BASIC_INFO",                basic_info,                attrib);
	ATTRIB_CHECK("BASIC_INFORMATION",         basic_info,                attrib);
	ATTRIB_CHECK("ALL_INFO",                  all_info,                  attrib);
	ATTRIB_CHECK("ALL_INFORMATION",           all_info,                  attrib);
	ATTRIB_CHECK("NETWORK_OPEN_INFORMATION",  network_open_information,  attrib);
	ATTRIB_CHECK("ATTRIBUTE_TAG_INFORMATION", attribute_tag_information, attrib);

	correct_name = fname;
	torture_comment(torture, "name: %s\n", correct_name);

#define NAME_CHECK(sname, stype, tfield, flags) do { \
	s1 = fnum_find(sname); \
	if (s1 && (strcmp_safe(s1->stype.out.tfield.s, correct_name) != 0 || \
	    		wire_bad_flags(&s1->stype.out.tfield, flags, tree->session->transport))) { \
		printf("(%d) handle %s/%s incorrect - '%s/%d'\n", __LINE__, #stype, #tfield,  \
		       s1->stype.out.tfield.s, s1->stype.out.tfield.private_length); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname); \
	if (s1 && (strcmp_safe(s1->stype.out.tfield.s, correct_name) != 0 || \
	    		wire_bad_flags(&s1->stype.out.tfield, flags, tree->session->transport))) { \
		printf("(%d) path %s/%s incorrect - '%s/%d'\n", __LINE__, #stype, #tfield,  \
		       s1->stype.out.tfield.s, s1->stype.out.tfield.private_length); \
		ret = false; \
	}} while (0)

	NAME_CHECK("NAME_INFO",        name_info, fname, STR_UNICODE);
	NAME_CHECK("NAME_INFORMATION", name_info, fname, STR_UNICODE);

	/* the ALL_INFO file name is the full path on the filesystem */
	s1 = fnum_find("ALL_INFO");
	if (s1 && !s1->all_info.out.fname.s) {
		torture_fail(torture, "ALL_INFO didn't give a filename");
	}
	if (s1 && s1->all_info.out.fname.s) {
		char *p = strrchr(s1->all_info.out.fname.s, '\\');
		if (!p) {
			printf("Not a full path in all_info/fname? - '%s'\n", 
			       s1->all_info.out.fname.s);
			ret = false;
		} else {
			if (strcmp_safe(correct_name, p) != 0) {
				printf("incorrect basename in all_info/fname - '%s'\n",
				       s1->all_info.out.fname.s);
				ret = false;
			}
		}
		if (wire_bad_flags(&s1->all_info.out.fname, STR_UNICODE, tree->session->transport)) {
			printf("Should not null terminate all_info/fname\n");
			ret = false;
		}
	}

	s1 = fnum_find("ALT_NAME_INFO");
	if (s1) {
		correct_name = s1->alt_name_info.out.fname.s;
	}

	if (!correct_name) {
		torture_comment(torture, "no alternate name information\n");
	} else {
		torture_comment(torture, "alt_name: %s\n", correct_name);
		
		NAME_CHECK("ALT_NAME_INFO",        alt_name_info, fname, STR_UNICODE);
		NAME_CHECK("ALT_NAME_INFORMATION", alt_name_info, fname, STR_UNICODE);
		
		/* and make sure we can open by alternate name */
		smbcli_close(tree, fnum);
		fnum = smbcli_nt_create_full(tree, correct_name, 0, 
					     SEC_RIGHTS_FILE_ALL,
					     FILE_ATTRIBUTE_NORMAL,
					     NTCREATEX_SHARE_ACCESS_DELETE|
					     NTCREATEX_SHARE_ACCESS_READ|
					     NTCREATEX_SHARE_ACCESS_WRITE, 
					     NTCREATEX_DISP_OVERWRITE_IF, 
					     0, 0);
		if (fnum == -1) {
			printf("Unable to open by alt_name - %s\n", smbcli_errstr(tree));
			ret = false;
		}
		
		if (!skip_streams) {
			correct_name = "::$DATA";
			torture_comment(torture, "stream_name: %s\n", correct_name);
			
			NAME_CHECK("STREAM_INFO",        stream_info, streams[0].stream_name, STR_UNICODE);
			NAME_CHECK("STREAM_INFORMATION", stream_info, streams[0].stream_name, STR_UNICODE);
		}
	}
		
	/* make sure the EAs look right */
	s1 = fnum_find("ALL_EAS");
	s2 = fnum_find("ALL_INFO");
	if (s1) {
		for (i=0;i<s1->all_eas.out.num_eas;i++) {
			printf("  flags=%d %s=%*.*s\n", 
			       s1->all_eas.out.eas[i].flags,
			       s1->all_eas.out.eas[i].name.s,
			       (int)s1->all_eas.out.eas[i].value.length,
			       (int)s1->all_eas.out.eas[i].value.length,
			       s1->all_eas.out.eas[i].value.data);
		}
	}
	if (s1 && s2) {
		if (s1->all_eas.out.num_eas == 0) {
			if (s2->all_info.out.ea_size != 0) {
				printf("ERROR: num_eas==0 but fnum all_info.out.ea_size == %d\n",
				       s2->all_info.out.ea_size);
			}
		} else {
			if (s2->all_info.out.ea_size != 
			    ea_list_size(s1->all_eas.out.num_eas, s1->all_eas.out.eas)) {
				printf("ERROR: ea_list_size=%d != fnum all_info.out.ea_size=%d\n",
				       (int)ea_list_size(s1->all_eas.out.num_eas, s1->all_eas.out.eas),
				       (int)s2->all_info.out.ea_size);
			}
		}
	}
	s2 = fname_find(is_ipc, "ALL_EAS");
	if (s2) {
		VAL_EQUAL(all_eas, num_eas, all_eas, num_eas);
		for (i=0;i<s1->all_eas.out.num_eas;i++) {
			VAL_EQUAL(all_eas, eas[i].flags, all_eas, eas[i].flags);
			STR_EQUAL(all_eas, eas[i].name, all_eas, eas[i].name);
			VAL_EQUAL(all_eas, eas[i].value.length, all_eas, eas[i].value.length);
		}
	}

#define VAL_CHECK(sname1, stype1, tfield1, sname2, stype2, tfield2) do { \
	s1 = fnum_find(sname1); s2 = fnum_find(sname2); \
	if (s1 && s2 && s1->stype1.out.tfield1 != s2->stype2.out.tfield2) { \
		printf("(%d) handle %s/%s != %s/%s - 0x%x vs 0x%x\n", __LINE__, \
                       #stype1, #tfield1, #stype2, #tfield2,  \
		       s1->stype1.out.tfield1, s2->stype2.out.tfield2); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname1); s2 = fname_find(is_ipc, sname2); \
	if (s1 && s2 && s1->stype1.out.tfield1 != s2->stype2.out.tfield2) { \
		printf("(%d) path %s/%s != %s/%s - 0x%x vs 0x%x\n", __LINE__, \
                       #stype1, #tfield1, #stype2, #tfield2,  \
		       s1->stype1.out.tfield1, s2->stype2.out.tfield2); \
		ret = false; \
	} \
	s1 = fnum_find(sname1); s2 = fname_find(is_ipc, sname2); \
	if (s1 && s2 && s1->stype1.out.tfield1 != s2->stype2.out.tfield2) { \
		printf("(%d) handle %s/%s != path %s/%s - 0x%x vs 0x%x\n", __LINE__, \
                       #stype1, #tfield1, #stype2, #tfield2,  \
		       s1->stype1.out.tfield1, s2->stype2.out.tfield2); \
		ret = false; \
	} \
	s1 = fname_find(is_ipc, sname1); s2 = fnum_find(sname2); \
	if (s1 && s2 && s1->stype1.out.tfield1 != s2->stype2.out.tfield2) { \
		printf("(%d) path %s/%s != handle %s/%s - 0x%x vs 0x%x\n", __LINE__, \
                       #stype1, #tfield1, #stype2, #tfield2,  \
		       s1->stype1.out.tfield1, s2->stype2.out.tfield2); \
		ret = false; \
	}} while (0)

	VAL_CHECK("STANDARD_INFO", standard_info, delete_pending, 
		  "ALL_INFO",      all_info,      delete_pending);
	VAL_CHECK("STANDARD_INFO", standard_info, directory, 
		  "ALL_INFO",      all_info,      directory);
	VAL_CHECK("STANDARD_INFO", standard_info, nlink, 
		  "ALL_INFO",      all_info,      nlink);
	s1 = fnum_find("BASIC_INFO");
	if (s1 && is_ipc) {
		if (s1->basic_info.out.attrib != FILE_ATTRIBUTE_NORMAL) {
			printf("(%d) attrib basic_info/nlink incorrect - %d should be %d\n", __LINE__, s1->basic_info.out.attrib, (int)FILE_ATTRIBUTE_NORMAL);
			ret = false;
		}
	}
	s1 = fnum_find("STANDARD_INFO");
	if (s1 && is_ipc) {
		if (s1->standard_info.out.nlink != 1) {
			printf("(%d) nlinks standard_info/nlink incorrect - %d should be 1\n", __LINE__, s1->standard_info.out.nlink);
			ret = false;
		}
		if (s1->standard_info.out.delete_pending != 1) {
			printf("(%d) nlinks standard_info/delete_pending incorrect - %d should be 1\n", __LINE__, s1->standard_info.out.delete_pending);
			ret = false;
		}
	}
	VAL_CHECK("EA_INFO",       ea_info,       ea_size, 
		  "ALL_INFO",      all_info,      ea_size);
	if (!is_ipc) {
		VAL_CHECK("EA_SIZE",       ea_size,       ea_size, 
			  "ALL_INFO",      all_info,      ea_size);
	}

#define NAME_PATH_CHECK(sname, stype, field) do { \
	s1 = fname_find(is_ipc, sname); s2 = fnum_find(sname); \
        if (s1 && s2) { \
		VAL_EQUAL(stype, field, stype, field); \
	} \
} while (0)


	s1 = fnum_find("INTERNAL_INFORMATION");
	if (s1) {
		torture_comment(torture, "file_id=%.0f\n", (double)s1->internal_information.out.file_id);
	}

	NAME_PATH_CHECK("INTERNAL_INFORMATION", internal_information, file_id);
	NAME_PATH_CHECK("POSITION_INFORMATION", position_information, position);
	if (s1 && s2) {
		printf("fnum pos = %.0f, fname pos = %.0f\n",
		       (double)s2->position_information.out.position,
		       (double)s1->position_information.out.position );
	}
	NAME_PATH_CHECK("MODE_INFORMATION", mode_information, mode);
	NAME_PATH_CHECK("ALIGNMENT_INFORMATION", alignment_information, alignment_requirement);
	NAME_PATH_CHECK("ATTRIBUTE_TAG_INFORMATION", attribute_tag_information, attrib);
	NAME_PATH_CHECK("ATTRIBUTE_TAG_INFORMATION", attribute_tag_information, reparse_tag);

#if 0
	/* these are expected to differ */
	NAME_PATH_CHECK("ACCESS_INFORMATION", access_information, access_flags);
#endif

#if 0 /* unused */
#define UNKNOWN_CHECK(sname, stype, tfield) do { \
	s1 = fnum_find(sname); \
	if (s1 && s1->stype.out.tfield != 0) { \
		printf("(%d) handle %s/%s unknown != 0 (0x%x)\n", __LINE__, \
                       #stype, #tfield, \
		       (unsigned int)s1->stype.out.tfield); \
	} \
	s1 = fname_find(is_ipc, sname); \
	if (s1 && s1->stype.out.tfield != 0) { \
		printf("(%d) path %s/%s unknown != 0 (0x%x)\n", __LINE__, \
                       #stype, #tfield, \
		       (unsigned int)s1->stype.out.tfield); \
	}} while (0)
#endif
	/* now get a bit fancier .... */
	
	/* when we set the delete disposition then the link count should drop
	   to 0 and delete_pending should be 1 */
	
	return ret;
}
コード例 #28
0
ファイル: schannel.c プロジェクト: DanilKorotenko/samba
static bool test_schannel_anonymous_setPassword(struct torture_context *tctx,
						uint32_t dcerpc_flags,
						bool use2)
{
	NTSTATUS status, result;
	const char *binding = torture_setting_string(tctx, "binding", NULL);
	struct dcerpc_binding *b;
	struct dcerpc_pipe *p = NULL;
	struct cli_credentials *credentials;
	bool ok = true;

	credentials = cli_credentials_init(NULL);
	torture_assert(tctx, credentials != NULL, "Bad credentials");
	cli_credentials_set_anonymous(credentials);

	status = dcerpc_parse_binding(tctx, binding, &b);
	torture_assert_ntstatus_ok(tctx, status, "Bad binding string");

	status = dcerpc_binding_set_flags(b, dcerpc_flags, DCERPC_AUTH_OPTIONS);
	torture_assert_ntstatus_ok(tctx, status, "set flags");

	status = dcerpc_pipe_connect_b(tctx,
				       &p,
				       b,
				       &ndr_table_netlogon,
				       credentials,
				       tctx->ev,
				       tctx->lp_ctx);
	torture_assert_ntstatus_ok(tctx, status, "Failed to connect without schannel");

	if (use2) {
		struct netr_ServerPasswordSet2 r = {};
		struct netr_Authenticator credential = {};
		struct netr_Authenticator return_authenticator = {};
		struct netr_CryptPassword new_password = {};

		r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
		r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
		r.in.secure_channel_type = 0;
		r.in.computer_name = TEST_MACHINE_NAME;
		r.in.credential = &credential;
		r.in.new_password = &new_password;
		r.out.return_authenticator = &return_authenticator;

		status = dcerpc_netr_ServerPasswordSet2_r(p->binding_handle, tctx, &r);
		result = r.out.result;
	} else {
		struct netr_ServerPasswordSet r = {};
		struct netr_Authenticator credential = {};
		struct netr_Authenticator return_authenticator = {};
		struct samr_Password new_password = {};

		r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
		r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
		r.in.secure_channel_type = 0;
		r.in.computer_name = TEST_MACHINE_NAME;
		r.in.credential = &credential;
		r.in.new_password = &new_password;
		r.out.return_authenticator = &return_authenticator;

		status = dcerpc_netr_ServerPasswordSet_r(p->binding_handle, tctx, &r);
		result = r.out.result;
	}

	torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet failed");

	if (NT_STATUS_IS_OK(result)) {
		torture_fail(tctx, "unexpectedly received NT_STATUS_OK");
	}

	return ok;
}
コード例 #29
0
ファイル: spoolss_access.c プロジェクト: rchicoli/samba
static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx, struct torture_access_context *t)
{
    void *testuser;
    const char *testuser_passwd;
    struct cli_credentials *test_credentials;
    struct dom_sid *test_sid;
    struct dcerpc_pipe *p;
    const char *printername;
    const char *binding = torture_setting_string(tctx, "binding", NULL);
    struct dcerpc_pipe *spoolss_pipe;

    testuser = torture_create_testuser_max_pwlen(tctx, t->user.username,
               torture_setting_string(tctx, "workgroup", NULL),
               ACB_NORMAL,
               &testuser_passwd,
               32);
    if (!testuser) {
        torture_fail(tctx, "Failed to create test user");
    }

    test_credentials = cli_credentials_init(tctx);
    cli_credentials_set_workstation(test_credentials, "localhost", CRED_SPECIFIED);
    cli_credentials_set_domain(test_credentials, lpcfg_workgroup(tctx->lp_ctx),
                               CRED_SPECIFIED);
    cli_credentials_set_username(test_credentials, t->user.username, CRED_SPECIFIED);
    cli_credentials_set_password(test_credentials, testuser_passwd, CRED_SPECIFIED);
    test_sid = discard_const_p(struct dom_sid,
                               torture_join_user_sid(testuser));

    if (t->user.num_builtin_memberships) {
        struct dcerpc_pipe *samr_pipe = torture_join_samr_pipe(testuser);

        torture_assert(tctx,
                       spoolss_access_setup_membership(tctx, samr_pipe,
                               t->user.num_builtin_memberships,
                               t->user.builtin_memberships,
                               test_sid),
                       "failed to setup membership");
    }

    if (t->user.num_privs) {
        struct dcerpc_pipe *lsa_pipe;

        torture_assert_ntstatus_ok(tctx,
                                   torture_rpc_connection(tctx, &lsa_pipe, &ndr_table_lsarpc),
                                   "Error connecting to server");

        torture_assert(tctx,
                       spoolss_access_setup_privs(tctx, lsa_pipe,
                               t->user.num_privs,
                               t->user.privs,
                               test_sid,
                               &t->user.privs_present),
                       "failed to setup privs");
        talloc_free(lsa_pipe);
    }

    torture_assert_ntstatus_ok(tctx,
                               torture_rpc_connection(tctx, &spoolss_pipe, &ndr_table_spoolss),
                               "Error connecting to server");

    torture_assert(tctx,
                   test_EnumPrinters_findone(tctx, spoolss_pipe, &printername),
                   "failed to enumerate printers");

    if (t->user.sd && printername) {
        torture_assert(tctx,
                       spoolss_access_setup_sd(tctx, spoolss_pipe,
                                               printername,
                                               test_sid,
                                               &t->sd_orig),
                       "failed to setup sd");
    }

    talloc_free(spoolss_pipe);

    torture_assert_ntstatus_ok(tctx,
                               dcerpc_pipe_connect(tctx, &p, binding, &ndr_table_spoolss,
                                       test_credentials, tctx->ev, tctx->lp_ctx),
                               "Error connecting to server");

    t->spoolss_pipe = p;
    t->printername = printername;
    t->user.testuser = testuser;

    return true;
}
コード例 #30
0
ファイル: dbspeed.c プロジェクト: AllardJ/Tomato
/*
  test tdb speed
*/
static bool test_tdb_speed(struct torture_context *torture, const void *_data)
{
	struct timeval tv;
	struct tdb_wrap *tdbw;
	int timelimit = torture_setting_int(torture, "timelimit", 10);
	int i, count;
	TALLOC_CTX *tmp_ctx = talloc_new(torture);

	unlink("test.tdb");

	torture_comment(torture, "Testing tdb speed for sidmap\n");

	tdbw = tdb_wrap_open(tmp_ctx, "test.tdb", 
			     10000, 0, O_RDWR|O_CREAT|O_TRUNC, 0600);
	if (!tdbw) {
		unlink("test.tdb");
		talloc_free(tmp_ctx);
		torture_fail(torture, "Failed to open test.tdb");
	}

	torture_comment(torture, "Adding %d SID records\n", torture_entries);

	for (i=0;i<torture_entries;i++) {
		if (!tdb_add_record(tdbw, 
				    "S-1-5-21-53173311-3623041448-2049097239-%u",
				    "UID %u", i)) {
			torture_result(torture, TORTURE_FAIL, "Failed to add SID %d\n", i);
			goto failed;
		}
		if (!tdb_add_record(tdbw, 
				    "UID %u",
				    "S-1-5-21-53173311-3623041448-2049097239-%u", i)) {
			torture_result(torture, TORTURE_FAIL, "Failed to add UID %d\n", i);
			goto failed;
		}
	}

	torture_comment(torture, "Testing for %d seconds\n", timelimit);

	tv = timeval_current();

	for (count=0;timeval_elapsed(&tv) < timelimit;count++) {
		TDB_DATA key, data;
		i = random() % torture_entries;
		key.dptr = (uint8_t *)talloc_asprintf(tmp_ctx, "S-1-5-21-53173311-3623041448-2049097239-%u", i);
		key.dsize = strlen((char *)key.dptr)+1;
		data = tdb_fetch(tdbw->tdb, key);
		talloc_free(key.dptr);
		if (data.dptr == NULL) {
			torture_result(torture, TORTURE_FAIL, "Failed to fetch SID %d\n", i);
			goto failed;
		}
		free(data.dptr);
		key.dptr = (uint8_t *)talloc_asprintf(tmp_ctx, "UID %u", i);
		key.dsize = strlen((char *)key.dptr)+1;
		data = tdb_fetch(tdbw->tdb, key);
		talloc_free(key.dptr);
		if (data.dptr == NULL) {
			torture_result(torture, TORTURE_FAIL, "Failed to fetch UID %d\n", i);
			goto failed;
		}
		free(data.dptr);
	}

	tdb_speed = count/timeval_elapsed(&tv);
	torture_comment(torture, "tdb speed %.2f ops/sec\n", tdb_speed);
	

	unlink("test.tdb");
	talloc_free(tmp_ctx);
	return true;

failed:
	unlink("test.tdb");
	talloc_free(tmp_ctx);
	return false;
}