LCOV - code coverage report
Current view: top level - source4/torture/rpc - drsuapi_w2k8.c (source / functions) Hit Total Coverage
Test: coverage report for master 98b443d9 Lines: 115 147 78.2 %
Date: 2024-05-31 13:13:24 Functions: 7 8 87.5 %

          Line data    Source code
       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    DRSUapi tests
       5             : 
       6             :    Copyright (C) Andrew Tridgell 2003
       7             :    Copyright (C) Stefan (metze) Metzmacher 2004
       8             :    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2006
       9             : 
      10             :    This program is free software; you can redistribute it and/or modify
      11             :    it under the terms of the GNU General Public License as published by
      12             :    the Free Software Foundation; either version 3 of the License, or
      13             :    (at your option) any later version.
      14             : 
      15             :    This program is distributed in the hope that it will be useful,
      16             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      17             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      18             :    GNU General Public License for more details.
      19             : 
      20             :    You should have received a copy of the GNU General Public License
      21             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      22             : */
      23             : 
      24             : #include "includes.h"
      25             : #include "librpc/gen_ndr/ndr_drsuapi_c.h"
      26             : #include "torture/rpc/torture_rpc.h"
      27             : #include "param/param.h"
      28             : 
      29             : #define TEST_MACHINE_NAME "torturetest"
      30             : 
      31             : /*
      32             :  * DsBind as sent from W2K8 Client.
      33             :  * This should work regardless of functional level, and accept
      34             :  * any info <=48
      35             :  */
      36           5 : bool test_DsBind_w2k8(struct torture_context *tctx,
      37             :                       struct DsPrivate_w2k8 *priv)
      38             : {
      39           0 :         NTSTATUS status;
      40           5 :         struct dcerpc_pipe *p = priv->drs_pipe;
      41           0 :         struct drsuapi_DsBind r;
      42           0 :         struct drsuapi_DsBindInfo48 *bind_info48;
      43           0 :         struct drsuapi_DsBindInfoCtr bind_info_ctr;
      44             : 
      45             :         /* We send info48 */
      46           5 :         ZERO_STRUCT(bind_info_ctr);
      47           5 :         bind_info_ctr.length = 48;
      48             : 
      49           5 :         bind_info48 = &bind_info_ctr.info.info48;
      50           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_BASE;
      51           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
      52           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
      53           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
      54           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
      55           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
      56           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
      57           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
      58           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
      59           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
      60           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
      61           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
      62           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
      63           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
      64           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
      65           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
      66           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
      67           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
      68           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
      69           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
      70           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
      71           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
      72           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
      73           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
      74           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
      75           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
      76           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
      77           5 :         bind_info48->supported_extensions    |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
      78             : 
      79             :         /*
      80             :          * We wish for DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2,
      81             :          * needed for DsGetDomainControllerInfo level 3
      82             :          */
      83           5 :         bind_info48->supported_extensions_ext  |= DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2;
      84             : 
      85           5 :         GUID_from_string(DRSUAPI_DS_BIND_GUID, &priv->bind_guid);
      86             : 
      87           5 :         r.in.bind_guid = &priv->bind_guid;
      88           5 :         r.in.bind_info = &bind_info_ctr;
      89           5 :         r.out.bind_handle = &priv->bind_handle;
      90             : 
      91           5 :         torture_comment(tctx, "Testing DsBind W2K8\n");
      92             : 
      93           5 :         status = dcerpc_drsuapi_DsBind_r(p->binding_handle, tctx, &r);
      94           5 :         torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsBind");
      95             : 
      96           3 :         torture_assert_not_null(tctx, r.out.bind_info,
      97             :                                 "DsBind with info48 results in NULL");
      98             : 
      99             :         /* cache server supported extensions, i.e. bind_info */
     100           3 :         priv->srv_bind_info = *r.out.bind_info;
     101             : 
     102             :         /*
     103             :          * We do not check for length here, because it should be valid to return
     104             :          * any valid info
     105             :          */
     106             : 
     107           3 :         return true;
     108             : }
     109             : 
     110           1 : static bool test_DsGetDomainControllerInfo_w2k8(struct torture_context *tctx,
     111             :                                                 struct DsPrivate_w2k8 *priv)
     112             : {
     113           0 :         NTSTATUS status;
     114           1 :         struct dcerpc_pipe *p = priv->drs_pipe;
     115           0 :         struct drsuapi_DsGetDomainControllerInfo r;
     116           0 :         union drsuapi_DsGetDCInfoCtr ctr;
     117           1 :         int32_t level_out = 0;
     118           1 :         uint32_t supported_extensions_ext = 0;
     119           1 :         bool found = false;
     120           0 :         int j, k;
     121             : 
     122           0 :         struct {
     123             :                 const char *name;
     124             :                 WERROR expected;
     125           2 :         } names[] = {
     126             :                 {
     127           1 :                         .name = torture_join_dom_netbios_name(priv->join),
     128             :                         .expected = WERR_OK
     129             :                 },
     130             :                 {
     131           1 :                         .name = torture_join_dom_dns_name(priv->join),
     132             :                         .expected = WERR_OK
     133             :                 },
     134             :                 {
     135             :                         .name = "__UNKNOWN_DOMAIN__",
     136             :                         .expected = WERR_DS_OBJ_NOT_FOUND
     137             :                 },
     138             :                 {
     139             :                         .name = "unknown.domain.samba.example.com",
     140             :                         .expected = WERR_DS_OBJ_NOT_FOUND
     141             :                 },
     142             :         };
     143             : 
     144             :         /* Levels 1 and 2 are tested in standard drsuapi tests */
     145           1 :         int level = 3;
     146             : 
     147             :         /* Do Bind first. */
     148           1 :         if (!test_DsBind_w2k8(tctx, priv)) {
     149           0 :                 return false;
     150             :         }
     151             : 
     152             :         /*
     153             :          * We used DsBind_w2k8, so DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2
     154             :          * should mean support for level 3
     155             :          */
     156             : 
     157             :         /*
     158             :          * We are looking for an extension found in info32 and later
     159             :          */
     160           1 :         switch (priv->srv_bind_info.length) {
     161           0 :         case 32:
     162           0 :                 supported_extensions_ext = priv->srv_bind_info.info.info32.supported_extensions_ext;
     163           0 :                 break;
     164           1 :         case 48:
     165           1 :                 supported_extensions_ext = priv->srv_bind_info.info.info48.supported_extensions_ext;
     166           1 :                 break;
     167           0 :         default:
     168           0 :                 supported_extensions_ext = 0;
     169           0 :                 break;
     170             :         }
     171             : 
     172           1 :         supported_extensions_ext &= DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2;
     173           1 :         torture_assert(tctx, (supported_extensions_ext > 0),
     174             :                        "Server does not support DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2");
     175             : 
     176           1 :         for (j=0; j < ARRAY_SIZE(names); j++) {
     177           0 :                 union drsuapi_DsGetDCInfoRequest req;
     178           1 :                 r.in.bind_handle = &priv->bind_handle;
     179           1 :                 r.in.level = 1;
     180           1 :                 r.in.req = &req;
     181             : 
     182           1 :                 r.in.req->req1.domain_name = names[j].name;
     183           1 :                 r.in.req->req1.level = level;
     184             : 
     185           1 :                 r.out.ctr = &ctr;
     186           1 :                 r.out.level_out = &level_out;
     187             : 
     188           1 :                 torture_comment(tctx,
     189             :                            "Testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
     190           1 :                        r.in.req->req1.level, r.in.req->req1.domain_name);
     191             : 
     192           1 :                 status = dcerpc_drsuapi_DsGetDomainControllerInfo_r(p->binding_handle, tctx, &r);
     193           1 :                 torture_assert_ntstatus_ok(tctx, status,
     194             :                            "dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
     195           1 :                 torture_assert_werr_equal(tctx, r.out.result, names[j].expected,
     196             :                                    "DsGetDomainControllerInfo level with dns domain failed");
     197             : 
     198           1 :                 if (!W_ERROR_IS_OK(r.out.result)) {
     199             :                         /* If this was an error, we can't read the result structure */
     200           0 :                         continue;
     201             :                 }
     202             : 
     203           1 :                 torture_assert_int_equal(tctx, r.in.req->req1.level, *r.out.level_out,
     204             :                                          "dcerpc_drsuapi_DsGetDomainControllerInfo in/out level differs");
     205             : 
     206           1 :                 for (k=0; k < r.out.ctr->ctr3.count; k++) {
     207           1 :                         if (strcasecmp_m(r.out.ctr->ctr3.array[k].netbios_name,
     208             :                                          torture_join_netbios_name(priv->join)) == 0) {
     209           1 :                                 found = true;
     210           1 :                                 priv->dcinfo = r.out.ctr->ctr3.array[k];
     211           1 :                                 break;
     212             :                         }
     213             :                 }
     214           1 :                 break;
     215             : 
     216             :                 torture_assert(tctx, found,
     217             :                          "dcerpc_drsuapi_DsGetDomainControllerInfo: Failed to find the domain controller we just created during the join");
     218             :         }
     219             : 
     220           1 :         return true;
     221             : }
     222             : 
     223             : 
     224           0 : bool test_DsUnbind_w2k8(struct torture_context *tctx,
     225             :                         struct DsPrivate_w2k8 *priv)
     226             : {
     227           0 :         NTSTATUS status;
     228           0 :         struct dcerpc_pipe *p = priv->drs_pipe;
     229           0 :         struct drsuapi_DsUnbind r;
     230             : 
     231           0 :         r.in.bind_handle = &priv->bind_handle;
     232           0 :         r.out.bind_handle = &priv->bind_handle;
     233             : 
     234           0 :         torture_comment(tctx, "Testing DsUnbind W2K8\n");
     235             : 
     236           0 :         status = dcerpc_drsuapi_DsUnbind_r(p->binding_handle, tctx, &r);
     237           0 :         torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsUnbind");
     238             : 
     239           0 :         return true;
     240             : }
     241             : 
     242             : /**
     243             :  * Common test case setup function to be used
     244             :  * in DRS suit of test when appropriate
     245             :  */
     246           3 : bool torture_drsuapi_w2k8_tcase_setup_common(struct torture_context *tctx,
     247             :                                              struct DsPrivate_w2k8 *priv)
     248             : {
     249           0 :         NTSTATUS status;
     250           3 :         int rnd = rand() % 1000;
     251           3 :         char *name = talloc_asprintf(tctx, "%s%d", TEST_MACHINE_NAME, rnd);
     252           0 :         struct cli_credentials *machine_credentials;
     253             : 
     254           3 :         torture_assert(tctx, priv, "Invalid argument");
     255             : 
     256           3 :         torture_comment(tctx, "Create DRSUAPI pipe\n");
     257           3 :         status = torture_rpc_connection(tctx,
     258             :                                         &priv->drs_pipe,
     259             :                                         &ndr_table_drsuapi);
     260           3 :         torture_assert(tctx, NT_STATUS_IS_OK(status), "Unable to connect to DRSUAPI pipe");
     261             : 
     262           3 :         torture_comment(tctx, "About to join domain with name %s\n", name);
     263           3 :         priv->join = torture_join_domain(tctx, name, ACB_SVRTRUST,
     264             :                                          &machine_credentials);
     265           3 :         torture_assert(tctx, priv->join, "Failed to join as BDC");
     266             : 
     267             :         /*
     268             :          * After that every test should use DsBind and DsGetDomainControllerInfo
     269             :          */
     270           3 :         if (!test_DsBind_w2k8(tctx, priv)) {
     271             :                 /* clean up */
     272           2 :                 torture_drsuapi_w2k8_tcase_teardown_common(tctx, priv);
     273           2 :                 torture_fail(tctx, "Failed execute test_DsBind_w2k8()");
     274             :         }
     275             : 
     276             : 
     277           1 :         return true;
     278             : }
     279             : 
     280             : /**
     281             :  * Common test case teardown function to be used
     282             :  * in DRS suit of test when appropriate
     283             :  */
     284           3 : bool torture_drsuapi_w2k8_tcase_teardown_common(struct torture_context *tctx,
     285             :                                                 struct DsPrivate_w2k8 *priv)
     286             : {
     287           3 :         if (priv->join) {
     288           3 :                 torture_leave_domain(tctx, priv->join);
     289             :         }
     290             : 
     291           3 :         return true;
     292             : }
     293             : 
     294             : /**
     295             :  * Test case setup for DRSUAPI test case
     296             :  */
     297           3 : static bool torture_drsuapi_w2k8_tcase_setup(struct torture_context *tctx, void **data)
     298             : {
     299           0 :         struct DsPrivate_w2k8 *priv;
     300             : 
     301           3 :         *data = priv = talloc_zero(tctx, struct DsPrivate_w2k8);
     302             : 
     303           3 :         return torture_drsuapi_w2k8_tcase_setup_common(tctx, priv);
     304             : }
     305             : 
     306             : /**
     307             :  * Test case tear-down for DRSUAPI test case
     308             :  */
     309           1 : static bool torture_drsuapi_w2k8_tcase_teardown(struct torture_context *tctx, void *data)
     310             : {
     311           0 :         bool ret;
     312           1 :         struct DsPrivate_w2k8 *priv = talloc_get_type(data, struct DsPrivate_w2k8);
     313             : 
     314           1 :         ret = torture_drsuapi_w2k8_tcase_teardown_common(tctx, priv);
     315             : 
     316           1 :         talloc_free(priv);
     317           1 :         return ret;
     318             : }
     319             : 
     320             : /**
     321             :  * DRSUAPI test case implementation
     322             :  */
     323        2338 : void torture_rpc_drsuapi_w2k8_tcase(struct torture_suite *suite)
     324             : {
     325         125 :         typedef bool (*run_func) (struct torture_context *test, void *tcase_data);
     326             : 
     327        2338 :         struct torture_tcase *tcase = torture_suite_add_tcase(suite, "drsuapi_w2k8");
     328             : 
     329        2338 :         torture_tcase_set_fixture(tcase, torture_drsuapi_w2k8_tcase_setup,
     330             :                                   torture_drsuapi_w2k8_tcase_teardown);
     331             : 
     332        2338 :         torture_tcase_add_simple_test(tcase, "DsBind_W2K8", (run_func)test_DsBind_w2k8);
     333        2338 :         torture_tcase_add_simple_test(tcase, "DsGetDomainControllerInfo_W2K8", (run_func)test_DsGetDomainControllerInfo_w2k8);
     334        2338 : }

Generated by: LCOV version 1.14