PageRenderTime 59ms CodeModel.GetById 13ms RepoModel.GetById 0ms app.codeStats 0ms

/source4/torture/libnet/libnet_domain.c

https://github.com/endisd/samba
C | 444 lines | 315 code | 90 blank | 39 comment | 30 complexity | 0d728b3d35be1bb154ef118cc11f094b MD5 | raw file
Possible License(s): GPL-3.0 
    

  1. /* 
    2. 

  2.    Unix SMB/CIFS implementation.
    3. 

  3.    Test suite for libnet calls.
    4. 

    5. 

  5.    Copyright (C) Rafal Szczesniak 2006
    6. 

  6.    
    7. 

  7.    This program is free software; you can redistribute it and/or modify
    8. 

  8.    it under the terms of the GNU General Public License as published by
    9. 

  9.    the Free Software Foundation; either version 3 of the License, or
    10. 

  10.    (at your option) any later version.
    11. 

  11.    
    12. 

  12.    This program is distributed in the hope that it will be useful,
    13. 

  13.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.    GNU General Public License for more details.
    16. 

  16.    
    17. 

  17.    You should have received a copy of the GNU General Public License
    18. 

  18.    along with this program.  If not, see <http://www.gnu.org/licenses/>.
    19. 

  19. */
    20. 

  20. 

  21. 

  22. #include "includes.h"
    23. 

  23. #include "lib/cmdline/popt_common.h"
    24. 

  24. #include "libnet/libnet.h"
    25. 

  25. #include "librpc/gen_ndr/ndr_samr_c.h"
    26. 

  26. #include "librpc/gen_ndr/ndr_lsa_c.h"
    27. 

  27. #include "torture/rpc/rpc.h"
    28. 

  28. #include "param/param.h"
    29. 

  29. 

  30. 

  31. static bool test_opendomain_samr(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
    32. 

  32. 				 struct policy_handle *handle, struct lsa_String *domname,
    33. 

  33. 				 uint32_t *access_mask, struct dom_sid **sid_p)
    34. 

  34. {
    35. 

  35. 	NTSTATUS status;
    36. 

  36. 	struct policy_handle h, domain_handle;
    37. 

  37. 	struct samr_Connect r1;
    38. 

  38. 	struct samr_LookupDomain r2;
    39. 

  39. 	struct dom_sid2 *sid = NULL;
    40. 

  40. 	struct samr_OpenDomain r3;
    41. 

  41. 	
    42. 

  42. 	printf("connecting\n");
    43. 

  43. 

  44. 	*access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
    45. 

  45. 	
    46. 

  46. 	r1.in.system_name = 0;
    47. 

  47. 	r1.in.access_mask = *access_mask;
    48. 

  48. 	r1.out.connect_handle = &h;
    49. 

  49. 	
    50. 

  50. 	status = dcerpc_samr_Connect(p, mem_ctx, &r1);
    51. 

  51. 	if (!NT_STATUS_IS_OK(status)) {
    52. 

  52. 		printf("Connect failed - %s\n", nt_errstr(status));
    53. 

  53. 		return false;
    54. 

  54. 	}
    55. 

  55. 	
    56. 

  56. 	r2.in.connect_handle = &h;
    57. 

  57. 	r2.in.domain_name = domname;
    58. 

  58. 	r2.out.sid = &sid;
    59. 

  59. 

  60. 	printf("domain lookup on %s\n", domname->string);
    61. 

  61. 

  62. 	status = dcerpc_samr_LookupDomain(p, mem_ctx, &r2);
    63. 

  63. 	if (!NT_STATUS_IS_OK(status)) {
    64. 

  64. 		printf("LookupDomain failed - %s\n", nt_errstr(status));
    65. 

  65. 		return false;
    66. 

  66. 	}
    67. 

  67. 

  68. 	r3.in.connect_handle = &h;
    69. 

  69. 	r3.in.access_mask = *access_mask;
    70. 

  70. 	r3.in.sid = *sid_p = *r2.out.sid;
    71. 

  71. 	r3.out.domain_handle = &domain_handle;
    72. 

  72. 

  73. 	printf("opening domain\n");
    74. 

  74. 

  75. 	status = dcerpc_samr_OpenDomain(p, mem_ctx, &r3);
    76. 

  76. 	if (!NT_STATUS_IS_OK(status)) {
    77. 

  77. 		printf("OpenDomain failed - %s\n", nt_errstr(status));
    78. 

  78. 		return false;
    79. 

  79. 	} else {
    80. 

  80. 		*handle = domain_handle;
    81. 

  81. 	}
    82. 

  82. 

  83. 	return true;
    84. 

  84. }
    85. 

  85. 

  86. 

  87. static bool test_opendomain_lsa(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
    88. 

  88. 				struct policy_handle *handle, struct lsa_String *domname,
    89. 

  89. 				uint32_t *access_mask)
    90. 

  90. {
    91. 

  91. 	NTSTATUS status;
    92. 

  92. 	struct lsa_OpenPolicy2 open;
    93. 

  93. 	struct lsa_ObjectAttribute attr;
    94. 

  94. 	struct lsa_QosInfo qos;
    95. 

  95. 

  96. 	*access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
    97. 

  97. 

  98. 	ZERO_STRUCT(attr);
    99. 

  99. 	ZERO_STRUCT(qos);
    100. 

  100. 

  101. 	qos.len                 = 0;
    102. 

  102. 	qos.impersonation_level = 2;
    103. 

  103. 	qos.context_mode        = 1;
    104. 

  104. 	qos.effective_only      = 0;
    105. 

  105. 	
    106. 

  106. 	attr.sec_qos = &qos;
    107. 

  107. 

  108. 	open.in.system_name = domname->string;
    109. 

  109. 	open.in.attr        = &attr;
    110. 

  110. 	open.in.access_mask = *access_mask;
    111. 

  111. 	open.out.handle     = handle;
    112. 

  112. 	
    113. 

  113. 	status = dcerpc_lsa_OpenPolicy2(p, mem_ctx, &open);
    114. 

  114. 	if (!NT_STATUS_IS_OK(status)) {
    115. 

  115. 		return false;
    116. 

  116. 	}
    117. 

  117. 

  118. 	return true;
    119. 

  119. }
    120. 

  120. 

  121. bool torture_domain_open_lsa(struct torture_context *torture)
    122. 

  122. {
    123. 

  123. 	NTSTATUS status;
    124. 

  124. 	bool ret = true;
    125. 

  125. 	struct libnet_context *ctx;
    126. 

  126. 	struct libnet_DomainOpen r;
    127. 

  127. 	struct lsa_Close lsa_close;
    128. 

  128. 	struct policy_handle h;
    129. 

  129. 	const char *domain_name;
    130. 

  130. 

  131. 	/* we're accessing domain controller so the domain name should be
    132. 

  132. 	   passed (it's going to be resolved to dc name and address) instead
    133. 

  133. 	   of specific server name. */
    134. 

  134. 	domain_name = lp_workgroup(torture->lp_ctx);
    135. 

  135. 

  136. 	ctx = libnet_context_init(torture->ev, torture->lp_ctx);
    137. 

  137. 	if (ctx == NULL) {
    138. 

  138. 		d_printf("failed to create libnet context\n");
    139. 

  139. 		return false;
    140. 

  140. 	}
    141. 

  141. 

  142. 	ctx->cred = cmdline_credentials;
    143. 

  143. 

  144. 	ZERO_STRUCT(r);
    145. 

  145. 	r.in.type = DOMAIN_LSA;
    146. 

  146. 	r.in.domain_name = domain_name;
    147. 

  147. 	r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
    148. 

  148. 

  149. 	status = libnet_DomainOpen(ctx, torture, &r);
    150. 

  150. 	if (!NT_STATUS_IS_OK(status)) {
    151. 

  151. 		d_printf("failed to open domain on lsa service: %s\n", nt_errstr(status));
    152. 

  152. 		ret = false;
    153. 

  153. 		goto done;
    154. 

  154. 	}
    155. 

  155. 

  156. 	ZERO_STRUCT(lsa_close);
    157. 

  157. 	lsa_close.in.handle  = &ctx->lsa.handle;
    158. 

  158. 	lsa_close.out.handle = &h;
    159. 

  159. 	
    160. 

  160. 	status = dcerpc_lsa_Close(ctx->lsa.pipe, ctx, &lsa_close);
    161. 

  161. 	if (!NT_STATUS_IS_OK(status)) {
    162. 

  162. 		d_printf("failed to close domain on lsa service: %s\n", nt_errstr(status));
    163. 

  163. 		ret = false;
    164. 

  164. 	}
    165. 

  165. 

  166. done:
    167. 

  167. 	talloc_free(ctx);
    168. 

  168. 	return ret;
    169. 

  169. }
    170. 

  170. 

  171. 

  172. bool torture_domain_close_lsa(struct torture_context *torture)
    173. 

  173. {
    174. 

  174. 	bool ret = true;
    175. 

  175. 	NTSTATUS status;
    176. 

  176. 	TALLOC_CTX *mem_ctx=NULL;
    177. 

  177. 	struct libnet_context *ctx;
    178. 

  178. 	struct lsa_String domain_name;
    179. 

  179. 	struct dcerpc_binding *binding;
    180. 

  180. 	uint32_t access_mask;
    181. 

  181. 	struct policy_handle h;
    182. 

  182. 	struct dcerpc_pipe *p;
    183. 

  183. 	struct libnet_DomainClose r;
    184. 

  184. 

  185. 	status = torture_rpc_binding(torture, &binding);
    186. 

  186. 	if (!NT_STATUS_IS_OK(status)) {
    187. 

  187. 		return false;
    188. 

  188. 	}
    189. 

  189. 

  190. 	ctx = libnet_context_init(torture->ev, torture->lp_ctx);
    191. 

  191. 	if (ctx == NULL) {
    192. 

  192. 		d_printf("failed to create libnet context\n");
    193. 

  193. 		ret = false;
    194. 

  194. 		goto done;
    195. 

  195. 	}
    196. 

  196. 

  197. 	ctx->cred = cmdline_credentials;
    198. 

  198. 

  199. 	mem_ctx = talloc_init("torture_domain_close_lsa");
    200. 

  200. 	status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_lsarpc,
    201. 

  201. 				     cmdline_credentials, torture->ev, torture->lp_ctx);
    202. 

  202. 	if (!NT_STATUS_IS_OK(status)) {
    203. 

  203. 		d_printf("failed to connect to server: %s\n", nt_errstr(status));
    204. 

  204. 		ret = false;
    205. 

  205. 		goto done;
    206. 

  206. 	}
    207. 

  207. 

  208. 	domain_name.string = lp_workgroup(torture->lp_ctx);
    209. 

  209. 	
    210. 

  210. 	if (!test_opendomain_lsa(p, torture, &h, &domain_name, &access_mask)) {
    211. 

  211. 		d_printf("failed to open domain on lsa service\n");
    212. 

  212. 		ret = false;
    213. 

  213. 		goto done;
    214. 

  214. 	}
    215. 

  215. 	
    216. 

  216. 	ctx->lsa.pipe        = p;
    217. 

  217. 	ctx->lsa.name        = domain_name.string;
    218. 

  218. 	ctx->lsa.access_mask = access_mask;
    219. 

  219. 	ctx->lsa.handle      = h;
    220. 

  220. 	/* we have to use pipe's event context, otherwise the call will
    221. 

  221. 	   hang indefinitely */
    222. 

  222. 	ctx->event_ctx       = p->conn->event_ctx;
    223. 

  223. 

  224. 	ZERO_STRUCT(r);
    225. 

  225. 	r.in.type = DOMAIN_LSA;
    226. 

  226. 	r.in.domain_name = domain_name.string;
    227. 

  227. 	
    228. 

  228. 	status = libnet_DomainClose(ctx, mem_ctx, &r);
    229. 

  229. 	if (!NT_STATUS_IS_OK(status)) {
    230. 

  230. 		ret = false;
    231. 

  231. 		goto done;
    232. 

  232. 	}
    233. 

  233. 

  234. done:
    235. 

  235. 	talloc_free(mem_ctx);
    236. 

  236. 	talloc_free(ctx);
    237. 

  237. 	return ret;
    238. 

  238. }
    239. 

  239. 

  240. 

  241. bool torture_domain_open_samr(struct torture_context *torture)
    242. 

  242. {
    243. 

  243. 	NTSTATUS status;
    244. 

  244. 	struct libnet_context *ctx;
    245. 

  245. 	TALLOC_CTX *mem_ctx;
    246. 

  246. 	struct policy_handle domain_handle, handle;
    247. 

  247. 	struct libnet_DomainOpen io;
    248. 

  248. 	struct samr_Close r;
    249. 

  249. 	const char *domain_name;
    250. 

  250. 	bool ret = true;
    251. 

  251. 

  252. 	mem_ctx = talloc_init("test_domainopen_lsa");
    253. 

  253. 

  254. 	ctx = libnet_context_init(torture->ev, torture->lp_ctx);
    255. 

  255. 	ctx->cred = cmdline_credentials;
    256. 

  256. 

  257. 	/* we're accessing domain controller so the domain name should be
    258. 

  258. 	   passed (it's going to be resolved to dc name and address) instead
    259. 

  259. 	   of specific server name. */
    260. 

  260. 	domain_name = lp_workgroup(torture->lp_ctx);
    261. 

  261. 

  262. 	/*
    263. 

  263. 	 * Testing synchronous version
    264. 

  264. 	 */
    265. 

  265. 	printf("opening domain\n");
    266. 

  266. 	
    267. 

  267. 	io.in.type         = DOMAIN_SAMR;
    268. 

  268. 	io.in.domain_name  = domain_name;
    269. 

  269. 	io.in.access_mask  = SEC_FLAG_MAXIMUM_ALLOWED;
    270. 

  270. 

  271. 	status = libnet_DomainOpen(ctx, mem_ctx, &io);
    272. 

  272. 	if (!NT_STATUS_IS_OK(status)) {
    273. 

  273. 		printf("Composite domain open failed - %s\n", nt_errstr(status));
    274. 

  274. 		ret = false;
    275. 

  275. 		goto done;
    276. 

  276. 	}
    277. 

  277. 

  278. 	domain_handle = ctx->samr.handle;
    279. 

  279. 

  280. 	r.in.handle   = &domain_handle;
    281. 

  281. 	r.out.handle  = &handle;
    282. 

  282. 	
    283. 

  283. 	printf("closing domain handle\n");
    284. 

  284. 	
    285. 

  285. 	status = dcerpc_samr_Close(ctx->samr.pipe, mem_ctx, &r);
    286. 

  286. 	if (!NT_STATUS_IS_OK(status)) {
    287. 

  287. 		printf("Close failed - %s\n", nt_errstr(status));
    288. 

  288. 		ret = false;
    289. 

  289. 		goto done;
    290. 

  290. 	}
    291. 

  291. 

  292. done:
    293. 

  293. 	talloc_free(mem_ctx);
    294. 

  294. 	talloc_free(ctx);
    295. 

  295. 

  296. 	return ret;
    297. 

  297. }
    298. 

  298. 

  299. 

  300. bool torture_domain_close_samr(struct torture_context *torture)
    301. 

  301. {
    302. 

  302. 	bool ret = true;
    303. 

  303. 	NTSTATUS status;
    304. 

  304. 	TALLOC_CTX *mem_ctx = NULL;
    305. 

  305. 	struct libnet_context *ctx;
    306. 

  306. 	struct lsa_String domain_name;
    307. 

  307. 	struct dcerpc_binding *binding;
    308. 

  308. 	uint32_t access_mask;
    309. 

  309. 	struct policy_handle h;
    310. 

  310. 	struct dcerpc_pipe *p;
    311. 

  311. 	struct libnet_DomainClose r;
    312. 

  312. 	struct dom_sid *sid;
    313. 

  313. 

  314. 	status = torture_rpc_binding(torture, &binding);
    315. 

  315. 	if (!NT_STATUS_IS_OK(status)) {
    316. 

  316. 		return false;
    317. 

  317. 	}
    318. 

  318. 

  319. 	ctx = libnet_context_init(torture->ev, torture->lp_ctx);
    320. 

  320. 	if (ctx == NULL) {
    321. 

  321. 		d_printf("failed to create libnet context\n");
    322. 

  322. 		ret = false;
    323. 

  323. 		goto done;
    324. 

  324. 	}
    325. 

  325. 

  326. 	ctx->cred = cmdline_credentials;
    327. 

  327. 

  328. 	mem_ctx = talloc_init("torture_domain_close_samr");
    329. 

  329. 	status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_samr,
    330. 

  330. 				     ctx->cred, torture->ev, torture->lp_ctx);
    331. 

  331. 	if (!NT_STATUS_IS_OK(status)) {
    332. 

  332. 		d_printf("failed to connect to server: %s\n", nt_errstr(status));
    333. 

  333. 		ret = false;
    334. 

  334. 		goto done;
    335. 

  335. 	}
    336. 

  336. 

  337. 	domain_name.string = talloc_strdup(mem_ctx, lp_workgroup(torture->lp_ctx));
    338. 

  338. 	
    339. 

  339. 	if (!test_opendomain_samr(p, torture, &h, &domain_name, &access_mask, &sid)) {
    340. 

  340. 		d_printf("failed to open domain on samr service\n");
    341. 

  341. 		ret = false;
    342. 

  342. 		goto done;
    343. 

  343. 	}
    344. 

  344. 	
    345. 

  345. 	ctx->samr.pipe        = p;
    346. 

  346. 	ctx->samr.name        = talloc_steal(ctx, domain_name.string);
    347. 

  347. 	ctx->samr.access_mask = access_mask;
    348. 

  348. 	ctx->samr.handle      = h;
    349. 

  349. 	ctx->samr.sid         = talloc_steal(ctx, sid);
    350. 

  350. 	/* we have to use pipe's event context, otherwise the call will
    351. 

  351. 	   hang indefinitely - this wouldn't be the case if pipe was opened
    352. 

  352. 	   by means of libnet call */
    353. 

  353. 	ctx->event_ctx       = p->conn->event_ctx;
    354. 

  354. 

  355. 	ZERO_STRUCT(r);
    356. 

  356. 	r.in.type = DOMAIN_SAMR;
    357. 

  357. 	r.in.domain_name = domain_name.string;
    358. 

  358. 	
    359. 

  359. 	status = libnet_DomainClose(ctx, mem_ctx, &r);
    360. 

  360. 	if (!NT_STATUS_IS_OK(status)) {
    361. 

  361. 		ret = false;
    362. 

  362. 		goto done;
    363. 

  363. 	}
    364. 

  364. 

  365. done:
    366. 

  366. 	talloc_free(mem_ctx);
    367. 

  367. 	talloc_free(ctx);
    368. 

  368. 	return ret;
    369. 

  369. }
    370. 

  370. 

  371. 

  372. bool torture_domain_list(struct torture_context *torture)
    373. 

  373. {
    374. 

  374. 	bool ret = true;
    375. 

  375. 	NTSTATUS status;
    376. 

  376. 	TALLOC_CTX *mem_ctx = NULL;
    377. 

  377. 	struct dcerpc_binding *binding;
    378. 

  378. 	struct libnet_context *ctx;
    379. 

  379. 	struct libnet_DomainList r;
    380. 

  380. 	int i;
    381. 

  381. 

  382. 	status = torture_rpc_binding(torture, &binding);
    383. 

  383. 	if (!NT_STATUS_IS_OK(status)) {
    384. 

  384. 		return false;
    385. 

  385. 	}
    386. 

  386. 

  387. 	ctx = libnet_context_init(torture->ev, torture->lp_ctx);
    388. 

  388. 	if (ctx == NULL) {
    389. 

  389. 		d_printf("failed to create libnet context\n");
    390. 

  390. 		ret = false;
    391. 

  391. 		goto done;
    392. 

  392. 	}
    393. 

  393. 

  394. 	ctx->cred = cmdline_credentials;
    395. 

  395. 	
    396. 

  396. 	mem_ctx = talloc_init("torture_domain_close_samr");
    397. 

  397. 

  398. 	/*
    399. 

  399. 	 * querying the domain list using default buffer size
    400. 

  400. 	 */
    401. 

  401. 

  402. 	ZERO_STRUCT(r);
    403. 

  403. 	r.in.hostname = binding->host;
    404. 

  404. 

  405. 	status = libnet_DomainList(ctx, mem_ctx, &r);
    406. 

  406. 	if (!NT_STATUS_IS_OK(status)) {
    407. 

  407. 		ret = false;
    408. 

  408. 		goto done;
    409. 

  409. 	}
    410. 

  410. 

  411. 	d_printf("Received list or domains (everything in one piece):\n");
    412. 

  412. 	
    413. 

  413. 	for (i = 0; i < r.out.count; i++) {
    414. 

  414. 		d_printf("Name[%d]: %s\n", i, r.out.domains[i].name);
    415. 

  415. 	}
    416. 

  416. 

  417. 	/*
    418. 

  418. 	 * querying the domain list using specified (much smaller) buffer size
    419. 

  419. 	 */
    420. 

  420. 

  421. 	ctx->samr.buf_size = 32;
    422. 

  422. 

  423. 	ZERO_STRUCT(r);
    424. 

  424. 	r.in.hostname = binding->host;
    425. 

  425. 

  426. 	status = libnet_DomainList(ctx, mem_ctx, &r);
    427. 

  427. 	if (!NT_STATUS_IS_OK(status)) {
    428. 

  428. 		ret = false;
    429. 

  429. 		goto done;
    430. 

  430. 	}
    431. 

  431. 

  432. 	d_printf("Received list or domains (collected in more than one round):\n");
    433. 

  433. 	
    434. 

  434. 	for (i = 0; i < r.out.count; i++) {
    435. 

  435. 		d_printf("Name[%d]: %s\n", i, r.out.domains[i].name);
    436. 

  436. 	}
    437. 

  437. 

  438. done:
    439. 

  439. 	d_printf("\nStatus: %s\n", nt_errstr(status));
    440. 

  440. 

  441. 	talloc_free(mem_ctx);
    442. 

  442. 	talloc_free(ctx);
    443. 

  443. 	return ret;
    444. 

  444. }
    445. 

  445.