/**
\details Create an asynchronous wait call
This basically "parks" a call on the AsyncEMSMDB interface to allow
asynchronous notification to the client of changes on the server.
This call (probably) won't return immediately, but will return when
the server makes a change, or 300 seconds (5 minutes) elapses. This
call will then need to be re-queued if further change notifications
are wanted.
\param emsmdb_ctx pointer to the EMSMDB context
\param flagsIn input flags (currently must be 0x00000000)
\param flagsOut output flags (zero for a call completion with no changes, non-zero if there are changes)
\return MAPI_E_SUCCESS on success, otherwise MAPI error
*/
enum MAPISTATUS emsmdb_async_waitex(struct emsmdb_context *emsmdb_ctx, uint32_t flagsIn, uint32_t *flagsOut)
{
NTSTATUS status;
enum MAPISTATUS retval;
struct EcDoAsyncWaitEx r;
/* Sanity Checks */
OPENCHANGE_RETVAL_IF(!emsmdb_ctx, MAPI_E_NOT_INITIALIZED, NULL);
OPENCHANGE_RETVAL_IF(!(emsmdb_ctx->mem_ctx), MAPI_E_NOT_INITIALIZED, NULL);
OPENCHANGE_RETVAL_IF(!(emsmdb_ctx->async_rpc_connection), MAPI_E_NOT_INITIALIZED, NULL);
r.in.async_handle = &(emsmdb_ctx->async_handle);
r.in.ulFlagsIn = flagsIn;
r.out.pulFlagsOut = flagsOut;
dcerpc_binding_handle_set_timeout(emsmdb_ctx->async_rpc_connection->binding_handle, 400);
status = dcerpc_EcDoAsyncWaitEx_r(emsmdb_ctx->async_rpc_connection->binding_handle, emsmdb_ctx->mem_ctx, &r);
retval = r.out.result;
OPENCHANGE_RETVAL_IF(!NT_STATUS_IS_OK(status), retval, NULL);
OPENCHANGE_RETVAL_IF(retval, retval, NULL);
return MAPI_E_SUCCESS;
}
static WERROR cmd_witness_AsyncNotify(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS status;
WERROR result = WERR_OK;
TALLOC_CTX *frame = talloc_stackframe();
struct policy_handle hnd;
struct witness_notifyResponse *response = NULL;
uint32_t timeout;
int i;
use_only_one_rpc_pipe_hack(cli);
if (argc != 2) {
d_printf("%s <context_handle>\n", argv[0]);
goto done;
}
if (!read_context_handle(argv[1], &hnd)) {
result = WERR_INVALID_PARAMETER;
goto done;
}
timeout = dcerpc_binding_handle_set_timeout(cli->binding_handle, UINT32_MAX);
status = dcerpc_witness_AsyncNotify(cli->binding_handle, frame, hnd,
&response, &result);
dcerpc_binding_handle_set_timeout(cli->binding_handle, timeout);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("dcerpc_witness_AsyncNotify failed, status: %s\n", nt_errstr(status)));
result = ntstatus_to_werror(status);
goto done;
}
if (!W_ERROR_IS_OK(result)) {
DEBUG(0, ("dcerpc_witness_AsyncNotify failed, error: %s\n", win_errstr(result)));
goto done;
}
if (response == NULL) {
d_printf("Got an empty response\n");
goto done;
}
switch(response->type) {
case WITNESS_NOTIFY_RESOURCE_CHANGE:
d_printf("Resource change");
break;
case WITNESS_NOTIFY_CLIENT_MOVE:
d_printf("Client move");
break;
case WITNESS_NOTIFY_SHARE_MOVE:
d_printf("Share move");
break;
case WITNESS_NOTIFY_IP_CHANGE:
d_printf("IP change");
break;
default:
d_printf("Unknown (0x%x)", (int)response->type);
}
d_printf(" with %d messages\n", response->num);
for (i=0; i < response->num; i++) {
print_notify_response(&response->messages[i], response->type);
}
done:
talloc_free(frame);
return result;
}
static bool test_fsrvp_sc_create(struct torture_context *tctx,
struct dcerpc_pipe *p,
const char *share,
enum test_fsrvp_inject inject,
struct fssagent_share_mapping_1 **sc_map)
{
struct fss_IsPathSupported r_pathsupport_get;
struct fss_GetSupportedVersion r_version_get;
struct fss_SetContext r_context_set;
struct fss_StartShadowCopySet r_scset_start;
struct fss_AddToShadowCopySet r_scset_add1;
struct fss_AddToShadowCopySet r_scset_add2;
struct fss_PrepareShadowCopySet r_scset_prep;
struct fss_CommitShadowCopySet r_scset_commit;
struct fss_ExposeShadowCopySet r_scset_expose;
struct fss_GetShareMapping r_sharemap_get;
struct dcerpc_binding_handle *b = p->binding_handle;
NTSTATUS status;
time_t start_time;
TALLOC_CTX *tmp_ctx = talloc_new(tctx);
struct fssagent_share_mapping_1 *map = NULL;
int sleep_time;
/*
* PrepareShadowCopySet & CommitShadowCopySet often exceed the default
* 60 second dcerpc request timeout against Windows Server "8" Beta.
*/
dcerpc_binding_handle_set_timeout(b, 240);
ZERO_STRUCT(r_pathsupport_get);
r_pathsupport_get.in.ShareName = share;
status = dcerpc_fss_IsPathSupported_r(b, tmp_ctx, &r_pathsupport_get);
torture_assert_ntstatus_ok(tctx, status,
"IsPathSupported failed");
torture_assert_int_equal(tctx, r_pathsupport_get.out.result, 0,
"failed IsPathSupported response");
torture_assert(tctx, r_pathsupport_get.out.SupportedByThisProvider,
"path not supported");
ZERO_STRUCT(r_version_get);
status = dcerpc_fss_GetSupportedVersion_r(b, tmp_ctx, &r_version_get);
torture_assert_ntstatus_ok(tctx, status,
"GetSupportedVersion failed");
torture_assert_int_equal(tctx, r_version_get.out.result, 0,
"failed GetSupportedVersion response");
ZERO_STRUCT(r_context_set);
r_context_set.in.Context = FSRVP_CTX_BACKUP;
status = dcerpc_fss_SetContext_r(b, tmp_ctx, &r_context_set);
torture_assert_ntstatus_ok(tctx, status, "SetContext failed");
torture_assert_int_equal(tctx, r_context_set.out.result, 0,
"failed SetContext response");
if (inject == TEST_FSRVP_TOUT_SET_CTX) {
sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
"sequence timeout", 180);
torture_comment(tctx, "sleeping for %d\n", sleep_time);
smb_msleep((sleep_time * 1000) + 500);
}
ZERO_STRUCT(r_scset_start);
r_scset_start.in.ClientShadowCopySetId = GUID_random();
status = dcerpc_fss_StartShadowCopySet_r(b, tmp_ctx, &r_scset_start);
torture_assert_ntstatus_ok(tctx, status,
"StartShadowCopySet failed");
if (inject == TEST_FSRVP_TOUT_SET_CTX) {
/* expect error due to message sequence timeout after set_ctx */
torture_assert_int_equal(tctx, r_scset_start.out.result,
FSRVP_E_BAD_STATE,
"StartShadowCopySet timeout response");
goto done;
}
torture_assert_int_equal(tctx, r_scset_start.out.result, 0,
"failed StartShadowCopySet response");
torture_comment(tctx, "%s: shadow-copy set created\n",
GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId));
if (inject == TEST_FSRVP_TOUT_START_SET) {
sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
"sequence timeout", 180);
torture_comment(tctx, "sleeping for %d\n", sleep_time);
smb_msleep((sleep_time * 1000) + 500);
}
ZERO_STRUCT(r_scset_add1);
r_scset_add1.in.ClientShadowCopyId = GUID_random();
r_scset_add1.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
r_scset_add1.in.ShareName = share;
status = dcerpc_fss_AddToShadowCopySet_r(b, tmp_ctx, &r_scset_add1);
torture_assert_ntstatus_ok(tctx, status,
"AddToShadowCopySet failed");
if (inject == TEST_FSRVP_TOUT_START_SET) {
torture_assert_int_equal(tctx, r_scset_add1.out.result,
HRES_ERROR_V(HRES_E_INVALIDARG),
"AddToShadowCopySet timeout response");
goto done;
}
torture_assert_int_equal(tctx, r_scset_add1.out.result, 0,
"failed AddToShadowCopySet response");
torture_comment(tctx, "%s(%s): %s added to shadow-copy set\n",
GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId),
GUID_string(tmp_ctx, r_scset_add1.out.pShadowCopyId),
r_scset_add1.in.ShareName);
/* attempts to add the same share twice should fail */
ZERO_STRUCT(r_scset_add2);
r_scset_add2.in.ClientShadowCopyId = GUID_random();
r_scset_add2.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
r_scset_add2.in.ShareName = share;
status = dcerpc_fss_AddToShadowCopySet_r(b, tmp_ctx, &r_scset_add2);
torture_assert_ntstatus_ok(tctx, status,
"AddToShadowCopySet failed");
torture_assert_int_equal(tctx, r_scset_add2.out.result,
FSRVP_E_OBJECT_ALREADY_EXISTS,
"failed AddToShadowCopySet response");
if (inject == TEST_FSRVP_TOUT_ADD_TO_SET) {
sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
"sequence timeout", 1800);
torture_comment(tctx, "sleeping for %d\n", sleep_time);
smb_msleep((sleep_time * 1000) + 500);
}
start_time = time_mono(NULL);
ZERO_STRUCT(r_scset_prep);
r_scset_prep.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
// r_scset_prep.in.TimeOutInMilliseconds = (1800 * 1000); /* win8 */
r_scset_prep.in.TimeOutInMilliseconds = (240 * 1000);
status = dcerpc_fss_PrepareShadowCopySet_r(b, tmp_ctx, &r_scset_prep);
torture_assert_ntstatus_ok(tctx, status,
"PrepareShadowCopySet failed");
if (inject == TEST_FSRVP_TOUT_ADD_TO_SET) {
torture_assert_int_equal(tctx, r_scset_prep.out.result,
HRES_ERROR_V(HRES_E_INVALIDARG),
"PrepareShadowCopySet tout response");
goto done;
}
torture_assert_int_equal(tctx, r_scset_prep.out.result, 0,
"failed PrepareShadowCopySet response");
torture_comment(tctx, "%s: prepare completed in %llu secs\n",
GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId),
(unsigned long long)(time_mono(NULL) - start_time));
if (inject == TEST_FSRVP_TOUT_PREPARE) {
sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
"sequence timeout", 1800);
torture_comment(tctx, "sleeping for %d\n", sleep_time);
smb_msleep((sleep_time * 1000) + 500);
}
start_time = time_mono(NULL);
ZERO_STRUCT(r_scset_commit);
r_scset_commit.in.ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
r_scset_commit.in.TimeOutInMilliseconds = (180 * 1000); /* win8 */
status = dcerpc_fss_CommitShadowCopySet_r(b, tmp_ctx, &r_scset_commit);
torture_assert_ntstatus_ok(tctx, status,
"CommitShadowCopySet failed");
if (inject == TEST_FSRVP_TOUT_PREPARE) {
torture_assert_int_equal(tctx, r_scset_commit.out.result,
HRES_ERROR_V(HRES_E_INVALIDARG),
"CommitShadowCopySet tout response");
goto done;
}
torture_assert_int_equal(tctx, r_scset_commit.out.result, 0,
"failed CommitShadowCopySet response");
torture_comment(tctx, "%s: commit completed in %llu secs\n",
GUID_string(tmp_ctx, r_scset_start.out.pShadowCopySetId),
(unsigned long long)(time_mono(NULL) - start_time));
if (inject == TEST_FSRVP_TOUT_COMMIT) {
sleep_time = lpcfg_parm_int(tctx->lp_ctx, NULL, "fss",
"sequence timeout", 180);
torture_comment(tctx, "sleeping for %d\n", sleep_time);
smb_msleep((sleep_time * 1000) + 500);
} else if (inject == TEST_FSRVP_STOP_B4_EXPOSE) {
/* return partial snapshot information */
map = talloc_zero(tctx, struct fssagent_share_mapping_1);
map->ShadowCopySetId = *r_scset_start.out.pShadowCopySetId;
map->ShadowCopyId = *r_scset_add1.out.pShadowCopyId;
goto done;
}
NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *account_name,
const unsigned char orig_trust_passwd_hash[16],
const char *new_trust_pwd_cleartext,
const unsigned char new_trust_passwd_hash[16],
enum netr_SchannelType sec_channel_type)
{
NTSTATUS result, status;
struct netr_Authenticator clnt_creds, srv_cred;
struct dcerpc_binding_handle *b = cli->binding_handle;
if (!cli->dc) {
uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
result = rpccli_netlogon_setup_creds(cli,
cli->desthost, /* server name */
lp_workgroup(), /* domain */
lp_netbios_name(), /* client name */
account_name, /* machine account name */
orig_trust_passwd_hash,
sec_channel_type,
&neg_flags);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(3,("rpccli_netlogon_set_trust_password: unable to setup creds (%s)!\n",
nt_errstr(result)));
return result;
}
}
netlogon_creds_client_authenticator(cli->dc, &clnt_creds);
if (cli->dc->negotiate_flags & NETLOGON_NEG_PASSWORD_SET2) {
struct netr_CryptPassword new_password;
uint32_t old_timeout;
init_netr_CryptPassword(new_trust_pwd_cleartext,
cli->dc,
&new_password);
old_timeout = dcerpc_binding_handle_set_timeout(b, 600000);
status = dcerpc_netr_ServerPasswordSet2(b, mem_ctx,
cli->srv_name_slash,
cli->dc->account_name,
sec_channel_type,
cli->dc->computer_name,
&clnt_creds,
&srv_cred,
&new_password,
&result);
dcerpc_binding_handle_set_timeout(b, old_timeout);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("dcerpc_netr_ServerPasswordSet2 failed: %s\n",
nt_errstr(status)));
return status;
}
} else {
struct samr_Password new_password;
uint32_t old_timeout;
memcpy(new_password.hash, new_trust_passwd_hash, sizeof(new_password.hash));
netlogon_creds_des_encrypt(cli->dc, &new_password);
old_timeout = dcerpc_binding_handle_set_timeout(b, 600000);
status = dcerpc_netr_ServerPasswordSet(b, mem_ctx,
cli->srv_name_slash,
cli->dc->account_name,
sec_channel_type,
cli->dc->computer_name,
&clnt_creds,
&srv_cred,
&new_password,
&result);
dcerpc_binding_handle_set_timeout(b, old_timeout);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("dcerpc_netr_ServerPasswordSet failed: %s\n",
nt_errstr(status)));
return status;
}
}
/* Always check returned credentials. */
if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
DEBUG(0,("credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0,("dcerpc_netr_ServerPasswordSet{2} failed: %s\n",
nt_errstr(result)));
return result;
}
return result;
}