BOOL torture_domain_open_samr(struct torture_context *torture) { NTSTATUS status; const char *binding; struct libnet_context *ctx; struct event_context *evt_ctx=NULL; TALLOC_CTX *mem_ctx; struct policy_handle domain_handle, handle; struct libnet_DomainOpen io; struct samr_Close r; const char *domain_name; BOOL ret = True; mem_ctx = talloc_init("test_domainopen_lsa"); binding = torture_setting_string(torture, "binding", NULL); ctx = libnet_context_init(evt_ctx); ctx->cred = cmdline_credentials; /* we're accessing domain controller so the domain name should be passed (it's going to be resolved to dc name and address) instead of specific server name. */ domain_name = lp_workgroup(); /* * Testing synchronous version */ printf("opening domain\n"); io.in.type = DOMAIN_SAMR; io.in.domain_name = domain_name; io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; status = libnet_DomainOpen(ctx, mem_ctx, &io); if (!NT_STATUS_IS_OK(status)) { printf("Composite domain open failed - %s\n", nt_errstr(status)); ret = False; goto done; } domain_handle = ctx->samr.handle; r.in.handle = &domain_handle; r.out.handle = &handle; printf("closing domain handle\n"); status = dcerpc_samr_Close(ctx->samr.pipe, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("Close failed - %s\n", nt_errstr(status)); ret = False; goto done; } done: talloc_free(mem_ctx); talloc_free(ctx); return ret; }
int net_samsync_ldb(struct net_context *ctx, int argc, const char **argv) { NTSTATUS status; struct libnet_context *libnetctx; struct libnet_samsync_ldb r; libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); if (!libnetctx) { return -1; } libnetctx->cred = ctx->credentials; r.out.error_string = NULL; r.in.machine_account = NULL; r.in.binding_string = NULL; /* Needed to override the ACLs on ldb */ r.in.session_info = system_session(libnetctx, ctx->lp_ctx); status = libnet_samsync_ldb(libnetctx, libnetctx, &r); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("libnet_samsync_ldb returned %s: %s\n", nt_errstr(status), r.out.error_string)); return -1; } talloc_free(libnetctx); return 0; }
static bool test_NetShareDel(TALLOC_CTX *mem_ctx, struct torture_context *tctx, const char *host, const char *sharename) { NTSTATUS status; struct libnet_context* libnetctx; struct libnet_DelShare r; printf("Deleting share %s\n", sharename); if (!(libnetctx = libnet_context_init(tctx->ev, tctx->lp_ctx))) { return false; } libnetctx->cred = cmdline_credentials; r.in.share_name = sharename; r.in.server_name = host; status = libnet_DelShare(libnetctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { d_printf("Failed to delete share: %s (%s)\n", nt_errstr(status), r.out.error_string); return false; } return true; }
bool torture_delshare(struct torture_context *torture) { struct dcerpc_pipe *p; struct dcerpc_binding *binding; struct libnet_context* libnetctx; const char *host; NTSTATUS status; bool ret = true; struct libnet_DelShare share; host = torture_setting_string(torture, "host", NULL); status = torture_rpc_binding(torture, &binding); torture_assert_ntstatus_ok(torture, status, "Failed to get binding"); libnetctx = libnet_context_init(torture->ev, torture->lp_ctx); libnetctx->cred = popt_get_cmdline_credentials(); status = torture_rpc_connection(torture, &p, &ndr_table_srvsvc); torture_assert_ntstatus_ok(torture, status, "Failed to get rpc connection"); if (!test_addshare(torture, p->binding_handle, torture, host, TEST_SHARENAME)) { return false; } share.in.server_name = dcerpc_binding_get_string_option(binding, "host"); share.in.share_name = TEST_SHARENAME; status = libnet_DelShare(libnetctx, torture, &share); torture_assert_ntstatus_ok(torture, status, "Failed to delete share"); return ret; }
static int net_export_keytab(struct net_context *ctx, int argc, const char **argv) { NTSTATUS status; struct libnet_context *libnetctx; struct libnet_export_keytab r; switch (argc) { case 0: return net_export_keytab_usage(ctx, argc, argv); break; case 1: r.in.keytab_name = argv[0]; break; } libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); if (!libnetctx) { return -1; } libnetctx->cred = ctx->credentials; r.out.error_string = NULL; status = libnet_export_keytab(libnetctx, ctx, &r); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("libnet_export_keytab returned %s: %s\n", nt_errstr(status), r.out.error_string)); return -1; } talloc_free(libnetctx); return 0; }
bool torture_domain_open_samr(struct torture_context *torture) { NTSTATUS status; struct libnet_context *ctx; TALLOC_CTX *mem_ctx; struct policy_handle domain_handle, handle; struct libnet_DomainOpen io; struct samr_Close r; const char *domain_name; bool ret = true; mem_ctx = talloc_init("test_domainopen_lsa"); ctx = libnet_context_init(torture->ev, torture->lp_ctx); ctx->cred = cmdline_credentials; /* we're accessing domain controller so the domain name should be passed (it's going to be resolved to dc name and address) instead of specific server name. */ domain_name = lpcfg_workgroup(torture->lp_ctx); /* * Testing synchronous version */ torture_comment(torture, "opening domain\n"); io.in.type = DOMAIN_SAMR; io.in.domain_name = domain_name; io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; status = libnet_DomainOpen(ctx, mem_ctx, &io); if (!NT_STATUS_IS_OK(status)) { torture_comment(torture, "Composite domain open failed for domain '%s' - %s\n", domain_name, nt_errstr(status)); ret = false; goto done; } domain_handle = ctx->samr.handle; r.in.handle = &domain_handle; r.out.handle = &handle; torture_comment(torture, "closing domain handle\n"); torture_assert_ntstatus_ok(torture, dcerpc_samr_Close_r(ctx->samr.pipe->binding_handle, mem_ctx, &r), "Close failed"); torture_assert_ntstatus_ok(torture, r.out.result, "Close failed"); done: talloc_free(mem_ctx); talloc_free(ctx); return ret; }
int net_vampire(struct net_context *ctx, int argc, const char **argv) { NTSTATUS status; struct libnet_context *libnetctx; struct libnet_Vampire *r; char *tmp, *targetdir = NULL; const char *domain_name; switch (argc) { case 0: /* no args -> fail */ return net_vampire_usage(ctx, argc, argv); case 1: /* only DOMAIN */ tmp = talloc_strdup(ctx, argv[0]); break; case 2: /* domain and target dir */ tmp = talloc_strdup(ctx, argv[0]); targetdir = talloc_strdup(ctx, argv[1]); break; default: /* too many args -> fail */ return net_vampire_usage(ctx, argc, argv); } domain_name = tmp; libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); if (!libnetctx) { return -1; } libnetctx->cred = ctx->credentials; r = talloc(ctx, struct libnet_Vampire); if (!r) { return -1; } /* prepare parameters for the vampire */ r->in.netbios_name = lp_netbios_name(ctx->lp_ctx); r->in.domain_name = domain_name; r->in.targetdir = targetdir; r->out.error_string = NULL; /* do the domain vampire */ status = libnet_Vampire(libnetctx, r, r); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, "Vampire of domain failed: %s\n", r->out.error_string ? r->out.error_string : nt_errstr(status)); talloc_free(r); talloc_free(libnetctx); return -1; } d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx, r->out.domain_sid)); talloc_free(libnetctx); return 0; }
static int ejs_net_context(MprVarHandle eid, int argc, struct MprVar **argv) { TALLOC_CTX *event_mem_ctx = talloc_new(mprMemCtx()); struct cli_credentials *creds; struct libnet_context *ctx; struct MprVar obj; struct event_context *ev; if (!event_mem_ctx) { ejsSetErrorMsg(eid, "talloc_new() failed"); return -1; } ev = event_context_find(event_mem_ctx); ctx = libnet_context_init(ev); /* IF we generated a new event context, it will be under here, * and we need it to last as long as the libnet context, so * make it a child */ talloc_steal(ctx, event_mem_ctx); if (argc == 0 || (argc == 1 && argv[0]->type == MPR_TYPE_NULL)) { creds = cli_credentials_init(ctx); if (creds == NULL) { ejsSetErrorMsg(eid, "cli_credential_init() failed"); talloc_free(ctx); return -1; } cli_credentials_set_conf(creds); cli_credentials_set_anonymous(creds); } else if (argc == 1 && argv[0]->type == MPR_TYPE_OBJECT) { /* get credential values from credentials object */ creds = mprGetPtr(argv[0], "creds"); if (creds == NULL) { ejsSetErrorMsg(eid, "userAuth requires a 'creds' first parameter"); talloc_free(ctx); return -1; } } else { ejsSetErrorMsg(eid, "NetContext invalid arguments, this function requires an object."); talloc_free(ctx); return -1; } ctx->cred = creds; obj = mprObject("NetCtx"); mprSetPtrChild(&obj, "ctx", ctx); mprSetCFunction(&obj, "UserMgr", ejs_net_userman); mprSetCFunction(&obj, "JoinDomain", ejs_net_join_domain); mprSetCFunction(&obj, "SamSyncLdb", ejs_net_samsync_ldb); mpr_Return(eid, obj); return 0; }
BOOL torture_listshares(struct torture_context *torture) { struct libnet_ListShares share; NTSTATUS status; uint32_t levels[] = { 0, 1, 2, 501, 502 }; int i; BOOL ret = True; struct libnet_context* libnetctx; const char *binding; struct dcerpc_binding *bind; TALLOC_CTX *mem_ctx; mem_ctx = talloc_init("test_listshares"); binding = torture_setting_string(torture, "binding", NULL); status = dcerpc_parse_binding(mem_ctx, binding, &bind); if (!NT_STATUS_IS_OK(status)) { printf("Error while parsing the binding string\n"); ret = False; goto done; } libnetctx = libnet_context_init(NULL); if (!libnetctx) { printf("Couldn't allocate libnet context\n"); ret = False; goto done; } libnetctx->cred = cmdline_credentials; printf("Testing libnet_ListShare\n"); share.in.server_name = talloc_asprintf(mem_ctx, "%s", bind->host); for (i = 0; i < ARRAY_SIZE(levels); i++) { share.in.level = levels[i]; printf("testing libnet_ListShare level %u\n", share.in.level); status = libnet_ListShares(libnetctx, mem_ctx, &share); if (!NT_STATUS_IS_OK(status)) { printf("libnet_ListShare level %u failed - %s\n", share.in.level, share.out.error_string); ret = False; goto done; } printf("listing shares:\n"); test_displayshares(share); } done: talloc_free(mem_ctx); return ret; }
BOOL torture_domain_open_lsa(struct torture_context *torture) { NTSTATUS status; BOOL ret = True; struct libnet_context *ctx; struct libnet_DomainOpen r; struct lsa_Close close; struct dcerpc_binding *binding; struct policy_handle h; const char *bindstr; bindstr = torture_setting_string(torture, "binding", NULL); status = dcerpc_parse_binding(torture, bindstr, &binding); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to parse binding string\n"); return False; } ctx = libnet_context_init(NULL); if (ctx == NULL) { d_printf("failed to create libnet context\n"); return False; } ctx->cred = cmdline_credentials; ZERO_STRUCT(r); r.in.type = DOMAIN_LSA; r.in.domain_name = binding->host; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; status = libnet_DomainOpen(ctx, torture, &r); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to open domain on lsa service: %s\n", nt_errstr(status)); ret = False; goto done; } ZERO_STRUCT(close); close.in.handle = &ctx->lsa.handle; close.out.handle = &h; status = dcerpc_lsa_Close(ctx->lsa.pipe, ctx, &close); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to close domain on lsa service: %s\n", nt_errstr(status)); ret = False; } done: talloc_free(ctx); return ret; }
bool torture_listshares(struct torture_context *torture) { struct libnet_ListShares share; NTSTATUS status; uint32_t levels[] = { 0, 1, 2, 501, 502 }; int i; bool ret = true; struct libnet_context* libnetctx; struct dcerpc_binding *binding; TALLOC_CTX *mem_ctx; mem_ctx = talloc_init("test_listshares"); status = torture_rpc_binding(torture, &binding); if (!NT_STATUS_IS_OK(status)) { ret = false; goto done; } libnetctx = libnet_context_init(torture->ev, torture->lp_ctx); if (!libnetctx) { torture_comment(torture, "Couldn't allocate libnet context\n"); ret = false; goto done; } libnetctx->cred = popt_get_cmdline_credentials(); torture_comment(torture, "Testing libnet_ListShare\n"); share.in.server_name = dcerpc_binding_get_string_option(binding, "host"); for (i = 0; i < ARRAY_SIZE(levels); i++) { share.in.level = levels[i]; torture_comment(torture, "Testing libnet_ListShare level %u\n", share.in.level); status = libnet_ListShares(libnetctx, mem_ctx, &share); if (!NT_STATUS_IS_OK(status)) { torture_comment(torture, "libnet_ListShare level %u failed - %s\n", share.in.level, share.out.error_string); ret = false; goto done; } torture_comment(torture, "listing shares:\n"); test_displayshares(torture, share); } done: talloc_free(mem_ctx); return ret; }
static bool torture_rpc_connect(struct torture_context *torture, const enum libnet_RpcConnect_level level, const char *bindstr, const char *hostname) { struct libnet_context *ctx; ctx = libnet_context_init(torture->ev, torture->lp_ctx); ctx->cred = cmdline_credentials; torture_comment(torture, "Testing connection to LSA interface\n"); if (!test_connect_service(torture, ctx, &ndr_table_lsarpc, bindstr, hostname, level, false, NT_STATUS_OK)) { torture_comment(torture, "failed to connect LSA interface\n"); return false; } torture_comment(torture, "Testing connection to SAMR interface\n"); if (!test_connect_service(torture, ctx, &ndr_table_samr, bindstr, hostname, level, false, NT_STATUS_OK)) { torture_comment(torture, "failed to connect SAMR interface\n"); return false; } torture_comment(torture, "Testing connection to SRVSVC interface\n"); if (!test_connect_service(torture, ctx, &ndr_table_srvsvc, bindstr, hostname, level, false, NT_STATUS_OK)) { torture_comment(torture, "failed to connect SRVSVC interface\n"); return false; } torture_comment(torture, "Testing connection to LSA interface with wrong credentials\n"); if (!test_connect_service(torture, ctx, &ndr_table_lsarpc, bindstr, hostname, level, true, NT_STATUS_LOGON_FAILURE)) { torture_comment(torture, "failed to test wrong credentials on LSA interface\n"); return false; } torture_comment(torture, "Testing connection to SAMR interface with wrong credentials\n"); if (!test_connect_service(torture, ctx, &ndr_table_samr, bindstr, hostname, level, true, NT_STATUS_LOGON_FAILURE)) { torture_comment(torture, "failed to test wrong credentials on SAMR interface\n"); return false; } talloc_free(ctx); return true; }
BOOL torture_domain_open_lsa(struct torture_context *torture) { NTSTATUS status; BOOL ret = True; struct libnet_context *ctx; struct libnet_DomainOpen r; struct lsa_Close lsa_close; struct policy_handle h; const char *domain_name; /* we're accessing domain controller so the domain name should be passed (it's going to be resolved to dc name and address) instead of specific server name. */ domain_name = lp_workgroup(); ctx = libnet_context_init(NULL); if (ctx == NULL) { d_printf("failed to create libnet context\n"); return False; } ctx->cred = cmdline_credentials; ZERO_STRUCT(r); r.in.type = DOMAIN_LSA; r.in.domain_name = domain_name; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; status = libnet_DomainOpen(ctx, torture, &r); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to open domain on lsa service: %s\n", nt_errstr(status)); ret = False; goto done; } ZERO_STRUCT(lsa_close); lsa_close.in.handle = &ctx->lsa.handle; lsa_close.out.handle = &h; status = dcerpc_lsa_Close(ctx->lsa.pipe, ctx, &lsa_close); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to close domain on lsa service: %s\n", nt_errstr(status)); ret = False; } done: talloc_free(ctx); return ret; }
static BOOL torture_rpc_connect(struct torture_context *torture, const enum libnet_RpcConnect_level level, const char *bindstr, const char *hostname) { struct libnet_context *ctx; ctx = libnet_context_init(NULL); ctx->cred = cmdline_credentials; d_printf("Testing connection to LSA interface\n"); if (!test_connect_service(ctx, &dcerpc_table_lsarpc, bindstr, hostname, level, False, NT_STATUS_OK)) { d_printf("failed to connect LSA interface\n"); return False; } d_printf("Testing connection to SAMR interface\n"); if (!test_connect_service(ctx, &dcerpc_table_samr, bindstr, hostname, level, False, NT_STATUS_OK)) { d_printf("failed to connect SAMR interface\n"); return False; } d_printf("Testing connection to SRVSVC interface\n"); if (!test_connect_service(ctx, &dcerpc_table_srvsvc, bindstr, hostname, level, False, NT_STATUS_OK)) { d_printf("failed to connect SRVSVC interface\n"); return False; } d_printf("Testing connection to LSA interface with wrong credentials\n"); if (!test_connect_service(ctx, &dcerpc_table_lsarpc, bindstr, hostname, level, True, NT_STATUS_LOGON_FAILURE)) { d_printf("failed to test wrong credentials on LSA interface\n"); return False; } d_printf("Testing connection to SAMR interface with wrong credentials\n"); if (!test_connect_service(ctx, &dcerpc_table_samr, bindstr, hostname, level, True, NT_STATUS_LOGON_FAILURE)) { d_printf("failed to test wrong credentials on SAMR interface\n"); return False; } talloc_free(ctx); return True; }
BOOL torture_delshare(struct torture_context *torture) { struct dcerpc_pipe *p; struct dcerpc_binding *bind; struct libnet_context* libnetctx; const char *host, *binding; TALLOC_CTX *mem_ctx; NTSTATUS status; BOOL ret = True; struct libnet_DelShare share; mem_ctx = talloc_init("test_listshares"); host = torture_setting_string(torture, "host", NULL); binding = torture_setting_string(torture, "binding", NULL); status = dcerpc_parse_binding(mem_ctx, binding, &bind); if (!NT_STATUS_IS_OK(status)) { printf("Error while parsing the binding string\n"); ret = False; goto done; } libnetctx = libnet_context_init(NULL); libnetctx->cred = cmdline_credentials; status = torture_rpc_connection(mem_ctx, &p, &dcerpc_table_srvsvc); if (!test_addshare(p, mem_ctx, host, TEST_SHARENAME)) { ret = False; goto done; } share.in.server_name = bind->host; share.in.share_name = TEST_SHARENAME; status = libnet_DelShare(libnetctx, mem_ctx, &share); if (!NT_STATUS_IS_OK(status)) { ret = False; goto done; } done: talloc_free(mem_ctx); return ret; }
/** * Create and initialize libnet_context Context. * Use this function in cases where we need to have SAMR and LSA pipes * of libnet_context to be connected before executing any other * libnet call * * @param rpc_connect [in] Connects SAMR and LSA pipes */ bool test_libnet_context_init(struct torture_context *tctx, bool rpc_connect, struct libnet_context **_net_ctx) { NTSTATUS status; bool bret = true; struct libnet_context *net_ctx; net_ctx = libnet_context_init(tctx->ev, tctx->lp_ctx); torture_assert(tctx, net_ctx != NULL, "Failed to create libnet_context"); /* Use command line credentials for testing */ net_ctx->cred = cmdline_credentials; if (rpc_connect) { /* connect SAMR pipe */ status = torture_rpc_connection(tctx, &net_ctx->samr.pipe, &ndr_table_samr); torture_assert_ntstatus_ok_goto(tctx, status, bret, done, "Failed to connect SAMR pipe"); net_ctx->samr.samr_handle = net_ctx->samr.pipe->binding_handle; /* connect LSARPC pipe */ status = torture_rpc_connection(tctx, &net_ctx->lsa.pipe, &ndr_table_lsarpc); torture_assert_ntstatus_ok_goto(tctx, status, bret, done, "Failed to connect LSA pipe"); net_ctx->lsa.lsa_handle = net_ctx->lsa.pipe->binding_handle; } *_net_ctx = net_ctx; done: if (!bret) { /* a previous call has failed, * clean up memory before exit */ talloc_free(net_ctx); } return bret; }
bool torture_creategroup(struct torture_context *torture) { bool ret = true; NTSTATUS status; TALLOC_CTX *mem_ctx = NULL; struct libnet_context *ctx; struct libnet_CreateGroup req; mem_ctx = talloc_init("test_creategroup"); ctx = libnet_context_init(torture->ev, torture->lp_ctx); ctx->cred = popt_get_cmdline_credentials(); req.in.group_name = TEST_GROUPNAME; req.in.domain_name = lpcfg_workgroup(torture->lp_ctx); req.out.error_string = NULL; status = libnet_CreateGroup(ctx, mem_ctx, &req); if (!NT_STATUS_IS_OK(status)) { torture_comment(torture, "libnet_CreateGroup call failed: %s\n", nt_errstr(status)); ret = false; goto done; } if (!test_group_cleanup(torture, ctx->samr.pipe->binding_handle, mem_ctx, &ctx->samr.handle, TEST_GROUPNAME)) { torture_comment(torture, "cleanup failed\n"); ret = false; goto done; } if (!test_samr_close_handle(torture, ctx->samr.pipe->binding_handle, mem_ctx, &ctx->samr.handle)) { torture_comment(torture, "domain close failed\n"); ret = false; } done: talloc_free(ctx); talloc_free(mem_ctx); return ret; }
static int net_password_change(struct net_context *ctx, int argc, const char **argv) { NTSTATUS status; struct libnet_context *libnetctx; union libnet_ChangePassword r; char *password_prompt = NULL; const char *new_password; if (argc > 0 && argv[0]) { new_password = argv[0]; } else { password_prompt = talloc_asprintf(ctx, "Enter new password for account [%s\\%s]:", cli_credentials_get_domain(ctx->credentials), cli_credentials_get_username(ctx->credentials)); new_password = getpass(password_prompt); } libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); if (!libnetctx) { return -1; } libnetctx->cred = ctx->credentials; /* prepare password change */ r.generic.level = LIBNET_CHANGE_PASSWORD_GENERIC; r.generic.in.account_name = cli_credentials_get_username(ctx->credentials); r.generic.in.domain_name = cli_credentials_get_domain(ctx->credentials); r.generic.in.oldpassword = cli_credentials_get_password(ctx->credentials); r.generic.in.newpassword = new_password; /* do password change */ status = libnet_ChangePassword(libnetctx, ctx, &r); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("net_password_change: %s\n",r.generic.out.error_string)); return -1; } talloc_free(libnetctx); return 0; }
bool torture_domainopen(struct torture_context *torture) { NTSTATUS status; struct libnet_context *net_ctx; TALLOC_CTX *mem_ctx; bool ret = true; struct policy_handle h; struct lsa_String name; mem_ctx = talloc_init("test_domain_open"); net_ctx = libnet_context_init(torture->ev, torture->lp_ctx); status = torture_rpc_connection(torture, &net_ctx->samr.pipe, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } name.string = lp_workgroup(torture->lp_ctx); /* * Testing synchronous version */ if (!test_domainopen(net_ctx, mem_ctx, &name, &h)) { ret = false; goto done; } if (!test_cleanup(net_ctx->samr.pipe, mem_ctx, &h)) { ret = false; goto done; } done: talloc_free(mem_ctx); return ret; }
static bool test_NetShareAdd(TALLOC_CTX *mem_ctx, struct torture_context *tctx, const char *host, const char *sharename, const char *dir) { NTSTATUS status; struct srvsvc_NetShareInfo2 i; struct libnet_context* libnetctx; struct libnet_AddShare r; printf("Creating share %s\n", sharename); if (!(libnetctx = libnet_context_init(tctx->ev, tctx->lp_ctx))) { return false; } libnetctx->cred = cmdline_credentials; i.name = sharename; i.type = STYPE_DISKTREE; i.path = dir; i.max_users = (uint32_t) -1; i.comment = "created by smbtorture"; i.password = NULL; i.permissions = 0x0; i.current_users = 0x0; r.level = 2; r.in.server_name = host; r.in.share = i; status = libnet_AddShare(libnetctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { d_printf("Failed to add new share: %s (%s)\n", nt_errstr(status), r.out.error_string); return false; } return true; }
int net_samdump(struct net_context *ctx, int argc, const char **argv) { NTSTATUS status; struct libnet_context *libnetctx; struct libnet_SamDump r; int rc; switch (argc) { case 0: break; case 1: default: rc = net_run_function(ctx, argc, argv, net_samdump_functable, net_samdump_usage); return rc; } libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); if (!libnetctx) { return -1; } libnetctx->cred = ctx->credentials; r.out.error_string = NULL; r.in.machine_account = NULL; r.in.binding_string = NULL; status = libnet_SamDump(libnetctx, ctx, &r); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("libnet_SamDump returned %s: %s\n", nt_errstr(status), r.out.error_string)); return -1; } talloc_free(libnetctx); return 0; }
static int net_user_delete(struct net_context *ctx, int argc, const char **argv) { NTSTATUS status; struct libnet_context *lnet_ctx; struct libnet_DeleteUser r; char *user_name; /* command line argument preparation */ switch (argc) { case 0: return net_user_usage(ctx, argc, argv); break; case 1: user_name = talloc_strdup(ctx, argv[0]); break; default: return net_user_usage(ctx, argc, argv); } /* libnet context init and its params */ lnet_ctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); if (!lnet_ctx) return -1; lnet_ctx->cred = ctx->credentials; /* calling DeleteUser function */ r.in.user_name = user_name; r.in.domain_name = cli_credentials_get_domain(lnet_ctx->cred); status = libnet_DeleteUser(lnet_ctx, ctx, &r); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("Failed to delete user account: %s\n", r.out.error_string)); return -1; } talloc_free(lnet_ctx); return 0; }
bool torture_domain_close_lsa(struct torture_context *torture) { bool ret = true; NTSTATUS status; TALLOC_CTX *mem_ctx=NULL; struct libnet_context *ctx; struct lsa_String domain_name; struct dcerpc_binding *binding; uint32_t access_mask; struct policy_handle h; struct dcerpc_pipe *p; struct libnet_DomainClose r; status = torture_rpc_binding(torture, &binding); if (!NT_STATUS_IS_OK(status)) { return false; } ctx = libnet_context_init(torture->ev, torture->lp_ctx); if (ctx == NULL) { d_printf("failed to create libnet context\n"); ret = false; goto done; } ctx->cred = cmdline_credentials; mem_ctx = talloc_init("torture_domain_close_lsa"); status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_lsarpc, cmdline_credentials, torture->ev, torture->lp_ctx); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to connect to server: %s\n", nt_errstr(status)); ret = false; goto done; } domain_name.string = lp_workgroup(torture->lp_ctx); if (!test_opendomain_lsa(p, torture, &h, &domain_name, &access_mask)) { d_printf("failed to open domain on lsa service\n"); ret = false; goto done; } ctx->lsa.pipe = p; ctx->lsa.name = domain_name.string; ctx->lsa.access_mask = access_mask; ctx->lsa.handle = h; /* we have to use pipe's event context, otherwise the call will hang indefinitely */ ctx->event_ctx = p->conn->event_ctx; ZERO_STRUCT(r); r.in.type = DOMAIN_LSA; r.in.domain_name = domain_name.string; status = libnet_DomainClose(ctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { ret = false; goto done; } done: talloc_free(mem_ctx); talloc_free(ctx); return ret; }
static int net_password_set(struct net_context *ctx, int argc, const char **argv) { NTSTATUS status; struct libnet_context *libnetctx; union libnet_SetPassword r; char *password_prompt = NULL; char *p; char *tmp; const char *account_name; const char *domain_name; const char *new_password = NULL; switch (argc) { case 0: /* no args -> fail */ return net_password_set_usage(ctx, argc, argv); case 1: /* only DOM\\user; prompt for password */ tmp = talloc_strdup(ctx, argv[0]); break; case 2: /* DOM\\USER and password */ tmp = talloc_strdup(ctx, argv[0]); new_password = argv[1]; break; default: /* too mayn args -> fail */ DEBUG(0,("net_password_set: too many args [%d]\n",argc)); return net_password_usage(ctx, argc, argv); } if ((p = strchr_m(tmp,'\\'))) { *p = 0; domain_name = tmp; account_name = talloc_strdup(ctx, p+1); } else { account_name = tmp; domain_name = cli_credentials_get_domain(ctx->credentials); } if (!new_password) { password_prompt = talloc_asprintf(ctx, "Enter new password for account [%s\\%s]:", domain_name, account_name); new_password = getpass(password_prompt); } libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); if (!libnetctx) { return -1; } libnetctx->cred = ctx->credentials; /* prepare password change */ r.generic.level = LIBNET_SET_PASSWORD_GENERIC; r.generic.in.account_name = account_name; r.generic.in.domain_name = domain_name; r.generic.in.newpassword = new_password; /* do password change */ status = libnet_SetPassword(libnetctx, ctx, &r); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("net_password_set: %s\n",r.generic.out.error_string)); return -1; } talloc_free(libnetctx); return 0; }
bool torture_domain_list(struct torture_context *torture) { bool ret = true; NTSTATUS status; TALLOC_CTX *mem_ctx = NULL; struct dcerpc_binding *binding; struct libnet_context *ctx; struct libnet_DomainList r; int i; status = torture_rpc_binding(torture, &binding); if (!NT_STATUS_IS_OK(status)) { return false; } ctx = libnet_context_init(torture->ev, torture->lp_ctx); if (ctx == NULL) { torture_comment(torture, "failed to create libnet context\n"); ret = false; goto done; } ctx->cred = cmdline_credentials; mem_ctx = talloc_init("torture_domain_close_samr"); /* * querying the domain list using default buffer size */ ZERO_STRUCT(r); r.in.hostname = dcerpc_binding_get_string_option(binding, "host"); status = libnet_DomainList(ctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { ret = false; goto done; } torture_comment(torture, "Received list or domains (everything in one piece):\n"); for (i = 0; i < r.out.count; i++) { torture_comment(torture, "Name[%d]: %s\n", i, r.out.domains[i].name); } /* * querying the domain list using specified (much smaller) buffer size */ ctx->samr.buf_size = 32; ZERO_STRUCT(r); r.in.hostname = dcerpc_binding_get_string_option(binding, "host"); status = libnet_DomainList(ctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { ret = false; goto done; } torture_comment(torture, "Received list or domains (collected in more than one round):\n"); for (i = 0; i < r.out.count; i++) { torture_comment(torture, "Name[%d]: %s\n", i, r.out.domains[i].name); } done: torture_comment(torture, "\nStatus: %s\n", nt_errstr(status)); talloc_free(mem_ctx); talloc_free(ctx); return ret; }
_PUBLIC_ struct test_join *torture_join_domain(struct torture_context *tctx, const char *machine_name, uint32_t acct_flags, struct cli_credentials **machine_credentials) { NTSTATUS status; struct libnet_context *libnet_ctx; struct libnet_JoinDomain *libnet_r; struct test_join *tj; struct samr_SetUserInfo s; union samr_UserInfo u; tj = talloc(tctx, struct test_join); if (!tj) return NULL; libnet_r = talloc(tj, struct libnet_JoinDomain); if (!libnet_r) { talloc_free(tj); return NULL; } libnet_ctx = libnet_context_init(tctx->ev, tctx->lp_ctx); if (!libnet_ctx) { talloc_free(tj); return NULL; } tj->libnet_r = libnet_r; libnet_ctx->cred = cmdline_credentials; libnet_r->in.binding = torture_setting_string(tctx, "binding", NULL); if (!libnet_r->in.binding) { libnet_r->in.binding = talloc_asprintf(libnet_r, "ncacn_np:%s", torture_setting_string(tctx, "host", NULL)); } libnet_r->in.level = LIBNET_JOINDOMAIN_SPECIFIED; libnet_r->in.netbios_name = machine_name; libnet_r->in.account_name = talloc_asprintf(libnet_r, "%s$", machine_name); if (!libnet_r->in.account_name) { talloc_free(tj); return NULL; } libnet_r->in.acct_type = acct_flags; libnet_r->in.recreate_account = true; status = libnet_JoinDomain(libnet_ctx, libnet_r, libnet_r); if (!NT_STATUS_IS_OK(status)) { if (libnet_r->out.error_string) { DEBUG(0, ("Domain join failed - %s\n", libnet_r->out.error_string)); } else { DEBUG(0, ("Domain join failed - %s\n", nt_errstr(status))); } talloc_free(tj); return NULL; } tj->p = libnet_r->out.samr_pipe; tj->user_handle = *libnet_r->out.user_handle; tj->dom_sid = libnet_r->out.domain_sid; talloc_steal(tj, libnet_r->out.domain_sid); tj->dom_netbios_name = libnet_r->out.domain_name; talloc_steal(tj, libnet_r->out.domain_name); tj->dom_dns_name = libnet_r->out.realm; talloc_steal(tj, libnet_r->out.realm); tj->user_guid = libnet_r->out.account_guid; tj->netbios_name = talloc_strdup(tj, machine_name); if (!tj->netbios_name) { talloc_free(tj); return NULL; } ZERO_STRUCT(u); s.in.user_handle = &tj->user_handle; s.in.info = &u; s.in.level = 21; u.info21.fields_present = SAMR_FIELD_DESCRIPTION | SAMR_FIELD_COMMENT | SAMR_FIELD_FULL_NAME; u.info21.comment.string = talloc_asprintf(tj, "Tortured by Samba4: %s", timestring(tj, time(NULL))); u.info21.full_name.string = talloc_asprintf(tj, "Torture account for Samba4: %s", timestring(tj, time(NULL))); u.info21.description.string = talloc_asprintf(tj, "Samba4 torture account created by host %s: %s", lp_netbios_name(tctx->lp_ctx), timestring(tj, time(NULL))); status = dcerpc_samr_SetUserInfo(tj->p, tj, &s); if (!NT_STATUS_IS_OK(status)) { printf("SetUserInfo (non-critical) failed - %s\n", nt_errstr(status)); } *machine_credentials = cli_credentials_init(tj); cli_credentials_set_conf(*machine_credentials, tctx->lp_ctx); cli_credentials_set_workstation(*machine_credentials, machine_name, CRED_SPECIFIED); cli_credentials_set_domain(*machine_credentials, libnet_r->out.domain_name, CRED_SPECIFIED); if (libnet_r->out.realm) { cli_credentials_set_realm(*machine_credentials, libnet_r->out.realm, CRED_SPECIFIED); } cli_credentials_set_username(*machine_credentials, libnet_r->in.account_name, CRED_SPECIFIED); cli_credentials_set_password(*machine_credentials, libnet_r->out.join_password, CRED_SPECIFIED); cli_credentials_set_kvno(*machine_credentials, libnet_r->out.kvno); if (acct_flags & ACB_SVRTRUST) { cli_credentials_set_secure_channel_type(*machine_credentials, SEC_CHAN_BDC); } else if (acct_flags & ACB_WSTRUST) { cli_credentials_set_secure_channel_type(*machine_credentials, SEC_CHAN_WKSTA); } else { DEBUG(0, ("Invalid account type specificed to torture_join_domain\n")); talloc_free(*machine_credentials); return NULL; } return tj; }
struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx, struct wbsrv_service *service, struct wb_dom_info *dom_info) { struct composite_context *result, *ctx; struct init_domain_state *state; result = composite_create(mem_ctx, service->task->event_ctx); if (result == NULL) goto failed; state = talloc_zero(result, struct init_domain_state); if (state == NULL) goto failed; state->ctx = result; result->private_data = state; state->service = service; state->domain = talloc(state, struct wbsrv_domain); if (state->domain == NULL) goto failed; state->domain->service = service; state->domain->info = talloc_reference(state->domain, dom_info); if (state->domain->info == NULL) goto failed; state->domain->dc_name = dom_info->dc->name; state->domain->dc_address = dom_info->dc->address; state->domain->libnet_ctx = libnet_context_init(service->task->event_ctx, service->task->lp_ctx); if (state->domain->libnet_ctx == NULL) goto failed; talloc_steal(state->domain, state->domain->libnet_ctx); /* Create a credentials structure */ state->domain->libnet_ctx->cred = cli_credentials_init(state->domain); if (state->domain->libnet_ctx->cred == NULL) goto failed; cli_credentials_set_conf(state->domain->libnet_ctx->cred, service->task->lp_ctx); /* Connect the machine account to the credentials */ state->ctx->status = cli_credentials_set_machine_account(state->domain->libnet_ctx->cred, state->domain->libnet_ctx->lp_ctx); if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; state->domain->netlogon_binding = init_domain_binding(state, &ndr_table_netlogon); state->domain->netlogon_pipe = NULL; state->domain->netlogon_queue = tevent_queue_create(state->domain, "netlogon_queue"); if (state->domain->netlogon_queue == NULL) goto failed; /* We start the queue when the connection is usable */ tevent_queue_stop(state->domain->netlogon_queue); if ((!cli_credentials_is_anonymous(state->domain->libnet_ctx->cred)) && ((lpcfg_server_role(service->task->lp_ctx) == ROLE_DOMAIN_MEMBER) || (lpcfg_server_role(service->task->lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC)) && (dom_sid_equal(state->domain->info->sid, state->service->primary_sid))) { uint32_t flags = DCERPC_SCHANNEL | DCERPC_SCHANNEL_AUTO; /* For debugging, it can be a real pain if all the traffic is encrypted */ if (lpcfg_winbind_sealed_pipes(service->task->lp_ctx)) { flags |= DCERPC_SIGN | DCERPC_SEAL; } else { flags |= DCERPC_SIGN; } state->ctx->status = dcerpc_binding_set_flags(state->domain->netlogon_binding, flags, 0); if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; } /* No encryption on anonymous pipes */ ctx = dcerpc_pipe_connect_b_send(state, state->domain->netlogon_binding, &ndr_table_netlogon, state->domain->libnet_ctx->cred, service->task->event_ctx, service->task->lp_ctx); if (composite_nomem(ctx, state->ctx)) { goto failed; } composite_continue(state->ctx, ctx, init_domain_recv_netlogonpipe, state); return result; failed: talloc_free(result); return NULL; }
bool torture_domain_close_samr(struct torture_context *torture) { bool ret = true; NTSTATUS status; TALLOC_CTX *mem_ctx = NULL; struct libnet_context *ctx; struct lsa_String domain_name; struct dcerpc_binding *binding; uint32_t access_mask; struct policy_handle h; struct dcerpc_pipe *p; struct libnet_DomainClose r; struct dom_sid *sid; status = torture_rpc_binding(torture, &binding); if (!NT_STATUS_IS_OK(status)) { return false; } ctx = libnet_context_init(torture->ev, torture->lp_ctx); if (ctx == NULL) { d_printf("failed to create libnet context\n"); ret = false; goto done; } ctx->cred = cmdline_credentials; mem_ctx = talloc_init("torture_domain_close_samr"); status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_samr, ctx->cred, torture->ev, torture->lp_ctx); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to connect to server: %s\n", nt_errstr(status)); ret = false; goto done; } domain_name.string = talloc_strdup(mem_ctx, lp_workgroup(torture->lp_ctx)); if (!test_opendomain_samr(p, torture, &h, &domain_name, &access_mask, &sid)) { d_printf("failed to open domain on samr service\n"); ret = false; goto done; } ctx->samr.pipe = p; ctx->samr.name = talloc_steal(ctx, domain_name.string); ctx->samr.access_mask = access_mask; ctx->samr.handle = h; ctx->samr.sid = talloc_steal(ctx, sid); /* we have to use pipe's event context, otherwise the call will hang indefinitely - this wouldn't be the case if pipe was opened by means of libnet call */ ctx->event_ctx = p->conn->event_ctx; ZERO_STRUCT(r); r.in.type = DOMAIN_SAMR; r.in.domain_name = domain_name.string; status = libnet_DomainClose(ctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { ret = false; goto done; } done: talloc_free(mem_ctx); talloc_free(ctx); return ret; }
BOOL torture_domain_close_samr(struct torture_context *torture) { BOOL ret = True; NTSTATUS status; TALLOC_CTX *mem_ctx = NULL; struct libnet_context *ctx; struct lsa_String domain_name; struct dcerpc_binding *binding; const char *bindstr; uint32_t access_mask; struct policy_handle h; struct dcerpc_pipe *p; struct libnet_DomainClose r; bindstr = torture_setting_string(torture, "binding", NULL); status = dcerpc_parse_binding(torture, bindstr, &binding); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to parse binding string\n"); return False; } ctx = libnet_context_init(NULL); if (ctx == NULL) { d_printf("failed to create libnet context\n"); ret = False; goto done; } ctx->cred = cmdline_credentials; mem_ctx = talloc_init("torture_domain_close_samr"); status = dcerpc_pipe_connect(mem_ctx, &p, bindstr, &dcerpc_table_samr, ctx->cred, NULL); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to connect to server %s: %s\n", bindstr, nt_errstr(status)); ret = False; goto done; } domain_name.string = lp_workgroup(); if (!test_opendomain_samr(p, torture, &h, &domain_name, &access_mask)) { d_printf("failed to open domain on samr service\n"); ret = False; goto done; } ctx->samr.pipe = p; ctx->samr.name = domain_name.string; ctx->samr.access_mask = access_mask; ctx->samr.handle = h; /* we have to use pipe's event context, otherwise the call will hang indefinitely - this wouldn't be the case if pipe was opened by means of libnet call */ ctx->event_ctx = p->conn->event_ctx; ZERO_STRUCT(r); r.in.type = DOMAIN_SAMR; r.in.domain_name = domain_name.string; status = libnet_DomainClose(ctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { ret = False; goto done; } done: talloc_free(mem_ctx); talloc_free(ctx); return ret; }
BOOL torture_domain_list(struct torture_context *torture) { BOOL ret = True; NTSTATUS status; TALLOC_CTX *mem_ctx = NULL; const char *bindstr; struct dcerpc_binding *binding; struct libnet_context *ctx; struct libnet_DomainList r; int i; bindstr = torture_setting_string(torture, "binding", NULL); status = dcerpc_parse_binding(torture, bindstr, &binding); if (!NT_STATUS_IS_OK(status)) { d_printf("failed to parse binding string\n"); return False; } ctx = libnet_context_init(NULL); if (ctx == NULL) { d_printf("failed to create libnet context\n"); ret = False; goto done; } ctx->cred = cmdline_credentials; mem_ctx = talloc_init("torture_domain_close_samr"); /* * querying the domain list using default buffer size */ ZERO_STRUCT(r); r.in.hostname = binding->host; status = libnet_DomainList(ctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { ret = False; goto done; } d_printf("Received list or domains (everything in one piece):\n"); for (i = 0; i < r.out.count; i++) { d_printf("Name[%d]: %s\n", i, r.out.domains[i].name); } /* * querying the domain list using specified (much smaller) buffer size */ ctx->samr.buf_size = 32; ZERO_STRUCT(r); r.in.hostname = binding->host; status = libnet_DomainList(ctx, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { ret = False; goto done; } d_printf("Received list or domains (collected in more than one round):\n"); for (i = 0; i < r.out.count; i++) { d_printf("Name[%d]: %s\n", i, r.out.domains[i].name); } done: d_printf("\nStatus: %s\n", nt_errstr(status)); talloc_free(mem_ctx); talloc_free(ctx); return ret; }