bool torture_delshare(struct torture_context *torture)
{
struct dcerpc_pipe *p;
struct dcerpc_binding *binding;
struct libnet_context* libnetctx;
const char *host;
NTSTATUS status;
bool ret = true;
struct libnet_DelShare share;
host = torture_setting_string(torture, "host", NULL);
status = torture_rpc_binding(torture, &binding);
torture_assert_ntstatus_ok(torture, status, "Failed to get binding");
libnetctx = libnet_context_init(torture->ev, torture->lp_ctx);
libnetctx->cred = cmdline_credentials;
status = torture_rpc_connection(torture,
&p,
&ndr_table_srvsvc);
torture_assert_ntstatus_ok(torture, status, "Failed to get rpc connection");
if (!test_addshare(p, torture, host, TEST_SHARENAME)) {
return false;
}
share.in.server_name = binding->host;
share.in.share_name = TEST_SHARENAME;
status = libnet_DelShare(libnetctx, torture, &share);
torture_assert_ntstatus_ok(torture, status, "Failed to delete share");
return ret;
}
static bool test_bind(struct torture_context *tctx,
const void *private_data)
{
struct dcerpc_binding *binding;
struct dcerpc_pipe *p;
const uint32_t *flags = (const uint32_t *)private_data;
torture_assert_ntstatus_ok(tctx,
torture_rpc_binding(tctx, &binding),
"failed to parse binding string");
binding->flags &= ~DCERPC_AUTH_OPTIONS;
binding->flags |= *flags;
torture_assert_ntstatus_ok(tctx,
dcerpc_pipe_connect_b(tctx, &p, binding,
&ndr_table_lsarpc,
cmdline_credentials,
tctx->ev,
tctx->lp_ctx),
"failed to connect pipe");
torture_assert(tctx,
test_openpolicy(tctx, p),
"failed to test openpolicy");
talloc_free(p);
return true;
}
/**
* open a rpc connection to a specific transport
*/
NTSTATUS torture_rpc_connection_transport(struct torture_context *tctx,
struct dcerpc_pipe **p,
const struct ndr_interface_table *table,
enum dcerpc_transport_t transport,
uint32_t assoc_group_id)
{
NTSTATUS status;
struct dcerpc_binding *binding;
status = torture_rpc_binding(tctx, &binding);
if (NT_STATUS_IS_ERR(status))
return status;
binding->transport = transport;
binding->assoc_group_id = assoc_group_id;
status = dcerpc_pipe_connect_b(tctx, p, binding, table,
cmdline_credentials, tctx->ev, tctx->lp_ctx);
if (NT_STATUS_IS_ERR(status)) {
*p = NULL;
}
return status;
}
static bool torture_rpc_setup_anonymous(struct torture_context *tctx,
void **data)
{
NTSTATUS status;
struct dcerpc_binding *binding;
struct torture_rpc_tcase_data *tcase_data;
struct torture_rpc_tcase *tcase = talloc_get_type(tctx->active_tcase,
struct torture_rpc_tcase);
status = torture_rpc_binding(tctx, &binding);
if (NT_STATUS_IS_ERR(status))
return false;
*data = tcase_data = talloc_zero(tctx, struct torture_rpc_tcase_data);
tcase_data->credentials = cli_credentials_init_anon(tctx);
status = dcerpc_pipe_connect_b(tctx,
&(tcase_data->pipe),
binding,
tcase->table,
tcase_data->credentials, tctx->ev, tctx->lp_ctx);
torture_assert_ntstatus_ok(tctx, status, "Error connecting to server");
return NT_STATUS_IS_OK(status);
}
static bool torture_rpc_setup_machine_bdc(struct torture_context *tctx,
void **data)
{
NTSTATUS status;
struct dcerpc_binding *binding;
struct torture_rpc_tcase *tcase = talloc_get_type(tctx->active_tcase,
struct torture_rpc_tcase);
struct torture_rpc_tcase_data *tcase_data;
status = torture_rpc_binding(tctx, &binding);
if (NT_STATUS_IS_ERR(status))
return false;
*data = tcase_data = talloc_zero(tctx, struct torture_rpc_tcase_data);
tcase_data->credentials = cmdline_credentials;
tcase_data->join_ctx = torture_join_domain(tctx, tcase->machine_name,
ACB_SVRTRUST,
&tcase_data->credentials);
if (tcase_data->join_ctx == NULL)
torture_fail(tctx, "Failed to join as BDC");
status = dcerpc_pipe_connect_b(tctx,
&(tcase_data->pipe),
binding,
tcase->table,
tcase_data->credentials, tctx->ev, tctx->lp_ctx);
torture_assert_ntstatus_ok(tctx, status, "Error connecting to server");
return NT_STATUS_IS_OK(status);
}
/**
* open a rpc connection to the chosen binding string
*/
_PUBLIC_ NTSTATUS torture_rpc_connection(struct torture_context *tctx,
struct dcerpc_pipe **p,
const struct ndr_interface_table *table)
{
NTSTATUS status;
struct dcerpc_binding *binding;
status = torture_rpc_binding(tctx, &binding);
if (NT_STATUS_IS_ERR(status))
return status;
return torture_rpc_connection_with_binding(tctx, binding, p, table);
}
bool torture_listshares(struct torture_context *torture)
{
struct libnet_ListShares share;
NTSTATUS status;
uint32_t levels[] = { 0, 1, 2, 501, 502 };
int i;
bool ret = true;
struct libnet_context* libnetctx;
struct dcerpc_binding *binding;
TALLOC_CTX *mem_ctx;
mem_ctx = talloc_init("test_listshares");
status = torture_rpc_binding(torture, &binding);
if (!NT_STATUS_IS_OK(status)) {
ret = false;
goto done;
}
libnetctx = libnet_context_init(torture->ev, torture->lp_ctx);
if (!libnetctx) {
torture_comment(torture, "Couldn't allocate libnet context\n");
ret = false;
goto done;
}
libnetctx->cred = popt_get_cmdline_credentials();
torture_comment(torture, "Testing libnet_ListShare\n");
share.in.server_name = dcerpc_binding_get_string_option(binding, "host");
for (i = 0; i < ARRAY_SIZE(levels); i++) {
share.in.level = levels[i];
torture_comment(torture, "Testing libnet_ListShare level %u\n", share.in.level);
status = libnet_ListShares(libnetctx, mem_ctx, &share);
if (!NT_STATUS_IS_OK(status)) {
torture_comment(torture, "libnet_ListShare level %u failed - %s\n", share.in.level, share.out.error_string);
ret = false;
goto done;
}
torture_comment(torture, "listing shares:\n");
test_displayshares(torture, share);
}
done:
talloc_free(mem_ctx);
return ret;
}
bool torture_rpc_connect_srv(struct torture_context *torture)
{
const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_SERVER;
NTSTATUS status;
struct dcerpc_binding *binding;
const char *host;
status = torture_rpc_binding(torture, &binding);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
host = dcerpc_binding_get_string_option(binding, "host");
return torture_rpc_connect(torture, level, NULL, host);
}
bool torture_rpc_connect_binding(struct torture_context *torture)
{
const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_BINDING;
NTSTATUS status;
struct dcerpc_binding *binding;
const char *bindstr;
status = torture_rpc_binding(torture, &binding);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
bindstr = dcerpc_binding_string(torture, binding);
return torture_rpc_connect(torture, level, bindstr, NULL);
}
static bool test_secrets(struct torture_context *torture, const void *_data)
{
struct dcerpc_pipe *p;
struct policy_handle *handle;
struct dcerpc_binding *binding;
const struct secret_settings *settings =
(const struct secret_settings *)_data;
NTSTATUS status;
struct dcerpc_binding_handle *b;
lpcfg_set_cmdline(torture->lp_ctx, "ntlmssp client:keyexchange", settings->keyexchange?"True":"False");
lpcfg_set_cmdline(torture->lp_ctx, "ntlmssp_client:ntlm2", settings->ntlm2?"True":"False");
lpcfg_set_cmdline(torture->lp_ctx, "ntlmssp_client:lm_key", settings->lm_key?"True":"False");
torture_assert_ntstatus_ok(torture, torture_rpc_binding(torture, &binding),
"Getting bindoptions");
status = dcerpc_binding_set_flags(binding, settings->bindoptions, 0);
torture_assert_ntstatus_ok(torture, status, "dcerpc_binding_set_flags");
status = dcerpc_pipe_connect_b(torture, &p, binding,
&ndr_table_lsarpc,
cmdline_credentials,
torture->ev,
torture->lp_ctx);
torture_assert_ntstatus_ok(torture, status, "connect");
b = p->binding_handle;
if (!test_lsa_OpenPolicy2(b, torture, &handle)) {
talloc_free(p);
return false;
}
torture_assert(torture, handle, "OpenPolicy2 failed. This test cannot run against this server");
if (!test_CreateSecret_basic(p, torture, handle)) {
talloc_free(p);
return false;
}
talloc_free(p);
return true;
}
bool torture_rpc_connect_dc_info(struct torture_context *torture)
{
const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_DC_INFO;
NTSTATUS status;
struct dcerpc_binding *binding;
const char *domain_name;
status = torture_rpc_binding(torture, &binding);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
/* we're accessing domain controller so the domain name should be
passed (it's going to be resolved to dc name and address) instead
of specific server name. */
domain_name = lpcfg_workgroup(torture->lp_ctx);
return torture_rpc_connect(torture, level, NULL, domain_name);
}
/**
* open a rpc connection to a specific transport
*/
NTSTATUS torture_rpc_connection_transport(struct torture_context *tctx,
struct dcerpc_pipe **p,
const struct ndr_interface_table *table,
enum dcerpc_transport_t transport,
uint32_t assoc_group_id,
uint32_t extra_flags)
{
NTSTATUS status;
struct dcerpc_binding *binding;
*p = NULL;
status = torture_rpc_binding(tctx, &binding);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
status = dcerpc_binding_set_transport(binding, transport);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
status = dcerpc_binding_set_assoc_group_id(binding, assoc_group_id);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
status = dcerpc_binding_set_flags(binding, extra_flags, 0);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
status = dcerpc_pipe_connect_b(tctx, p, binding, table,
popt_get_cmdline_credentials(),
tctx->ev, tctx->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
*p = NULL;
return status;
}
return NT_STATUS_OK;
}
/**
* open a rpc connection to the chosen binding string
*/
_PUBLIC_ NTSTATUS torture_rpc_connection(struct torture_context *tctx,
struct dcerpc_pipe **p,
const struct ndr_interface_table *table)
{
NTSTATUS status;
struct dcerpc_binding *binding;
dcerpc_init();
status = torture_rpc_binding(tctx, &binding);
if (NT_STATUS_IS_ERR(status))
return status;
status = dcerpc_pipe_connect_b(tctx,
p, binding, table,
cmdline_credentials, tctx->ev, tctx->lp_ctx);
if (NT_STATUS_IS_ERR(status)) {
printf("Failed to connect to remote server: %s %s\n",
dcerpc_binding_string(tctx, binding), nt_errstr(status));
}
return status;
}
bool torture_rpc_mgmt(struct torture_context *torture)
{
NTSTATUS status;
struct dcerpc_pipe *p;
TALLOC_CTX *mem_ctx, *loop_ctx;
bool ret = true;
const struct ndr_interface_list *l;
struct dcerpc_binding *b;
mem_ctx = talloc_init("torture_rpc_mgmt");
status = torture_rpc_binding(torture, &b);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(mem_ctx);
return false;
}
for (l=ndr_table_list();l;l=l->next) {
loop_ctx = talloc_named(mem_ctx, 0, "torture_rpc_mgmt loop context");
/* some interfaces are not mappable */
if (l->table->num_calls == 0 ||
strcmp(l->table->name, "mgmt") == 0) {
talloc_free(loop_ctx);
continue;
}
printf("\nTesting pipe '%s'\n", l->table->name);
status = dcerpc_epm_map_binding(loop_ctx, b, l->table, NULL, torture->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to map port for uuid %s\n",
GUID_string(loop_ctx, &l->table->syntax_id.uuid));
talloc_free(loop_ctx);
continue;
}
lp_set_cmdline(torture->lp_ctx, "torture:binding", dcerpc_binding_string(loop_ctx, b));
status = torture_rpc_connection(torture, &p, &ndr_table_mgmt);
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
printf("Interface not available - skipping\n");
talloc_free(loop_ctx);
continue;
}
if (!NT_STATUS_IS_OK(status)) {
talloc_free(loop_ctx);
ret = false;
continue;
}
if (!test_is_server_listening(p, loop_ctx)) {
ret = false;
}
if (!test_stop_server_listening(p, loop_ctx)) {
ret = false;
}
if (!test_inq_stats(p, loop_ctx)) {
ret = false;
}
if (!test_inq_princ_name(p, loop_ctx)) {
ret = false;
}
if (!test_inq_if_ids(torture, p, loop_ctx, NULL, NULL)) {
ret = false;
}
}
return ret;
}
bool torture_domain_close_lsa(struct torture_context *torture)
{
bool ret = true;
NTSTATUS status;
TALLOC_CTX *mem_ctx=NULL;
struct libnet_context *ctx;
struct lsa_String domain_name;
struct dcerpc_binding *binding;
uint32_t access_mask;
struct policy_handle h;
struct dcerpc_pipe *p;
struct libnet_DomainClose r;
status = torture_rpc_binding(torture, &binding);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
ctx = libnet_context_init(torture->ev, torture->lp_ctx);
if (ctx == NULL) {
d_printf("failed to create libnet context\n");
ret = false;
goto done;
}
ctx->cred = cmdline_credentials;
mem_ctx = talloc_init("torture_domain_close_lsa");
status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_lsarpc,
cmdline_credentials, torture->ev, torture->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
d_printf("failed to connect to server: %s\n", nt_errstr(status));
ret = false;
goto done;
}
domain_name.string = lp_workgroup(torture->lp_ctx);
if (!test_opendomain_lsa(p, torture, &h, &domain_name, &access_mask)) {
d_printf("failed to open domain on lsa service\n");
ret = false;
goto done;
}
ctx->lsa.pipe = p;
ctx->lsa.name = domain_name.string;
ctx->lsa.access_mask = access_mask;
ctx->lsa.handle = h;
/* we have to use pipe's event context, otherwise the call will
hang indefinitely */
ctx->event_ctx = p->conn->event_ctx;
ZERO_STRUCT(r);
r.in.type = DOMAIN_LSA;
r.in.domain_name = domain_name.string;
status = libnet_DomainClose(ctx, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
ret = false;
goto done;
}
done:
talloc_free(mem_ctx);
talloc_free(ctx);
return ret;
}
bool torture_domain_list(struct torture_context *torture)
{
bool ret = true;
NTSTATUS status;
TALLOC_CTX *mem_ctx = NULL;
struct dcerpc_binding *binding;
struct libnet_context *ctx;
struct libnet_DomainList r;
int i;
status = torture_rpc_binding(torture, &binding);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
ctx = libnet_context_init(torture->ev, torture->lp_ctx);
if (ctx == NULL) {
d_printf("failed to create libnet context\n");
ret = false;
goto done;
}
ctx->cred = cmdline_credentials;
mem_ctx = talloc_init("torture_domain_close_samr");
/*
* querying the domain list using default buffer size
*/
ZERO_STRUCT(r);
r.in.hostname = binding->host;
status = libnet_DomainList(ctx, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
ret = false;
goto done;
}
d_printf("Received list or domains (everything in one piece):\n");
for (i = 0; i < r.out.count; i++) {
d_printf("Name[%d]: %s\n", i, r.out.domains[i].name);
}
/*
* querying the domain list using specified (much smaller) buffer size
*/
ctx->samr.buf_size = 32;
ZERO_STRUCT(r);
r.in.hostname = binding->host;
status = libnet_DomainList(ctx, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
ret = false;
goto done;
}
d_printf("Received list or domains (collected in more than one round):\n");
for (i = 0; i < r.out.count; i++) {
d_printf("Name[%d]: %s\n", i, r.out.domains[i].name);
}
done:
d_printf("\nStatus: %s\n", nt_errstr(status));
talloc_free(mem_ctx);
talloc_free(ctx);
return ret;
}
bool torture_domain_close_samr(struct torture_context *torture)
{
bool ret = true;
NTSTATUS status;
TALLOC_CTX *mem_ctx = NULL;
struct libnet_context *ctx;
struct lsa_String domain_name;
struct dcerpc_binding *binding;
uint32_t access_mask;
struct policy_handle h;
struct dcerpc_pipe *p;
struct libnet_DomainClose r;
struct dom_sid *sid;
status = torture_rpc_binding(torture, &binding);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
ctx = libnet_context_init(torture->ev, torture->lp_ctx);
if (ctx == NULL) {
d_printf("failed to create libnet context\n");
ret = false;
goto done;
}
ctx->cred = cmdline_credentials;
mem_ctx = talloc_init("torture_domain_close_samr");
status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_samr,
ctx->cred, torture->ev, torture->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
d_printf("failed to connect to server: %s\n", nt_errstr(status));
ret = false;
goto done;
}
domain_name.string = talloc_strdup(mem_ctx, lp_workgroup(torture->lp_ctx));
if (!test_opendomain_samr(p, torture, &h, &domain_name, &access_mask, &sid)) {
d_printf("failed to open domain on samr service\n");
ret = false;
goto done;
}
ctx->samr.pipe = p;
ctx->samr.name = talloc_steal(ctx, domain_name.string);
ctx->samr.access_mask = access_mask;
ctx->samr.handle = h;
ctx->samr.sid = talloc_steal(ctx, sid);
/* we have to use pipe's event context, otherwise the call will
hang indefinitely - this wouldn't be the case if pipe was opened
by means of libnet call */
ctx->event_ctx = p->conn->event_ctx;
ZERO_STRUCT(r);
r.in.type = DOMAIN_SAMR;
r.in.domain_name = domain_name.string;
status = libnet_DomainClose(ctx, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
ret = false;
goto done;
}
done:
talloc_free(mem_ctx);
talloc_free(ctx);
return ret;
}
