/* [<][>][^][v][top][bottom][index][help] */
DEFINITIONS
This source file includes following definitions.
- test_cleanup
- test_creategroup
- test_opendomain
- test_samr_close
- test_lsa_close
- torture_groupinfo_api
- torture_grouplist
- torture_creategroup
1 /*
2 Unix SMB/CIFS implementation.
3 Test suite for libnet calls.
4
5 Copyright (C) Rafal Szczesniak 2007
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21
22 #include "includes.h"
23 #include "lib/cmdline/popt_common.h"
24 #include "libnet/libnet.h"
25 #include "librpc/gen_ndr/ndr_samr_c.h"
26 #include "librpc/gen_ndr/ndr_lsa_c.h"
27 #include "torture/torture.h"
28 #include "torture/rpc/rpc.h"
29 #include "param/param.h"
30
31
32 #define TEST_GROUPNAME "libnetgrouptest"
33
34
35 static bool test_cleanup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
/* [<][>][^][v][top][bottom][index][help] */
36 struct policy_handle *domain_handle, const char *groupname)
37 {
38 NTSTATUS status;
39 struct samr_LookupNames r1;
40 struct samr_OpenGroup r2;
41 struct samr_DeleteDomainGroup r3;
42 struct lsa_String names[2];
43 uint32_t rid;
44 struct policy_handle group_handle;
45 struct samr_Ids rids, types;
46
47 names[0].string = groupname;
48
49 r1.in.domain_handle = domain_handle;
50 r1.in.num_names = 1;
51 r1.in.names = names;
52 r1.out.rids = &rids;
53 r1.out.types = &types;
54
55 printf("group account lookup '%s'\n", groupname);
56
57 status = dcerpc_samr_LookupNames(p, mem_ctx, &r1);
58 if (!NT_STATUS_IS_OK(status)) {
59 printf("LookupNames failed - %s\n", nt_errstr(status));
60 return false;
61 }
62
63 rid = r1.out.rids->ids[0];
64
65 r2.in.domain_handle = domain_handle;
66 r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
67 r2.in.rid = rid;
68 r2.out.group_handle = &group_handle;
69
70 printf("opening group account\n");
71
72 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r2);
73 if (!NT_STATUS_IS_OK(status)) {
74 printf("OpenGroup failed - %s\n", nt_errstr(status));
75 return false;
76 }
77
78 r3.in.group_handle = &group_handle;
79 r3.out.group_handle = &group_handle;
80
81 printf("deleting group account\n");
82
83 status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &r3);
84 if (!NT_STATUS_IS_OK(status)) {
85 printf("DeleteGroup failed - %s\n", nt_errstr(status));
86 return false;
87 }
88
89 return true;
90 }
91
92
93 static bool test_creategroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
/* [<][>][^][v][top][bottom][index][help] */
94 struct policy_handle *handle, const char *name)
95 {
96 NTSTATUS status;
97 struct lsa_String groupname;
98 struct samr_CreateDomainGroup r;
99 struct policy_handle group_handle;
100 uint32_t group_rid;
101
102 groupname.string = name;
103
104 r.in.domain_handle = handle;
105 r.in.name = &groupname;
106 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
107 r.out.group_handle = &group_handle;
108 r.out.rid = &group_rid;
109
110 printf("creating group account %s\n", name);
111
112 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
113 if (!NT_STATUS_IS_OK(status)) {
114 printf("CreateGroup failed - %s\n", nt_errstr(status));
115
116 if (NT_STATUS_EQUAL(status, NT_STATUS_GROUP_EXISTS)) {
117 printf("Group (%s) already exists - attempting to delete and recreate group again\n", name);
118 if (!test_cleanup(p, mem_ctx, handle, TEST_GROUPNAME)) {
119 return false;
120 }
121
122 printf("creating group account\n");
123
124 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
125 if (!NT_STATUS_IS_OK(status)) {
126 printf("CreateGroup failed - %s\n", nt_errstr(status));
127 return false;
128 }
129 return true;
130 }
131 return false;
132 }
133
134 return true;
135 }
136
137
138 static bool test_opendomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
/* [<][>][^][v][top][bottom][index][help] */
139 struct policy_handle *handle, struct lsa_String *domname)
140 {
141 NTSTATUS status;
142 struct policy_handle h, domain_handle;
143 struct samr_Connect r1;
144 struct samr_LookupDomain r2;
145 struct dom_sid2 *sid = NULL;
146 struct samr_OpenDomain r3;
147
148 printf("connecting\n");
149
150 r1.in.system_name = 0;
151 r1.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
152 r1.out.connect_handle = &h;
153
154 status = dcerpc_samr_Connect(p, mem_ctx, &r1);
155 if (!NT_STATUS_IS_OK(status)) {
156 printf("Connect failed - %s\n", nt_errstr(status));
157 return false;
158 }
159
160 r2.in.connect_handle = &h;
161 r2.in.domain_name = domname;
162 r2.out.sid = &sid;
163
164 printf("domain lookup on %s\n", domname->string);
165
166 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r2);
167 if (!NT_STATUS_IS_OK(status)) {
168 printf("LookupDomain failed - %s\n", nt_errstr(status));
169 return false;
170 }
171
172 r3.in.connect_handle = &h;
173 r3.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
174 r3.in.sid = *r2.out.sid;
175 r3.out.domain_handle = &domain_handle;
176
177 printf("opening domain\n");
178
179 status = dcerpc_samr_OpenDomain(p, mem_ctx, &r3);
180 if (!NT_STATUS_IS_OK(status)) {
181 printf("OpenDomain failed - %s\n", nt_errstr(status));
182 return false;
183 } else {
184 *handle = domain_handle;
185 }
186
187 return true;
188 }
189
190
191 static bool test_samr_close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
/* [<][>][^][v][top][bottom][index][help] */
192 struct policy_handle *domain_handle)
193 {
194 NTSTATUS status;
195 struct samr_Close r;
196
197 r.in.handle = domain_handle;
198 r.out.handle = domain_handle;
199
200 status = dcerpc_samr_Close(p, mem_ctx, &r);
201 if (!NT_STATUS_IS_OK(status)) {
202 printf("Close samr domain failed - %s\n", nt_errstr(status));
203 return false;
204 }
205
206 return true;
207 }
208
209
210 static bool test_lsa_close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
/* [<][>][^][v][top][bottom][index][help] */
211 struct policy_handle *domain_handle)
212 {
213 NTSTATUS status;
214 struct lsa_Close r;
215
216 r.in.handle = domain_handle;
217 r.out.handle = domain_handle;
218
219 status = dcerpc_lsa_Close(p, mem_ctx, &r);
220 if (!NT_STATUS_IS_OK(status)) {
221 printf("Close lsa domain failed - %s\n", nt_errstr(status));
222 return false;
223 }
224
225 return true;
226 }
227
228
229 bool torture_groupinfo_api(struct torture_context *torture)
/* [<][>][^][v][top][bottom][index][help] */
230 {
231 const char *name = TEST_GROUPNAME;
232 bool ret = true;
233 NTSTATUS status;
234 TALLOC_CTX *mem_ctx = NULL, *prep_mem_ctx;
235 struct libnet_context *ctx;
236 struct dcerpc_pipe *p;
237 struct policy_handle h;
238 struct lsa_String domain_name;
239 struct libnet_GroupInfo req;
240
241 prep_mem_ctx = talloc_init("prepare torture group info");
242
243 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
244 ctx->cred = cmdline_credentials;
245
246 status = torture_rpc_connection(torture,
247 &p,
248 &ndr_table_samr);
249 if (!NT_STATUS_IS_OK(status)) {
250 return false;
251 }
252
253 domain_name.string = lp_workgroup(torture->lp_ctx);
254 if (!test_opendomain(p, prep_mem_ctx, &h, &domain_name)) {
255 ret = false;
256 goto done;
257 }
258
259 if (!test_creategroup(p, prep_mem_ctx, &h, name)) {
260 ret = false;
261 goto done;
262 }
263
264 mem_ctx = talloc_init("torture group info");
265
266 ZERO_STRUCT(req);
267
268 req.in.domain_name = domain_name.string;
269 req.in.level = GROUP_INFO_BY_NAME;
270 req.in.data.group_name = name;
271
272 status = libnet_GroupInfo(ctx, mem_ctx, &req);
273 if (!NT_STATUS_IS_OK(status)) {
274 printf("libnet_GroupInfo call failed: %s\n", nt_errstr(status));
275 ret = false;
276 talloc_free(mem_ctx);
277 goto done;
278 }
279
280 if (!test_cleanup(ctx->samr.pipe, mem_ctx, &ctx->samr.handle, TEST_GROUPNAME)) {
281 printf("cleanup failed\n");
282 ret = false;
283 goto done;
284 }
285
286 if (!test_samr_close(ctx->samr.pipe, mem_ctx, &ctx->samr.handle)) {
287 printf("domain close failed\n");
288 ret = false;
289 }
290
291 talloc_free(ctx);
292
293 done:
294 talloc_free(mem_ctx);
295 return ret;
296 }
297
298
299 bool torture_grouplist(struct torture_context *torture)
/* [<][>][^][v][top][bottom][index][help] */
300 {
301 bool ret = true;
302 NTSTATUS status;
303 TALLOC_CTX *mem_ctx = NULL;
304 struct libnet_context *ctx;
305 struct lsa_String domain_name;
306 struct libnet_GroupList req;
307 int i;
308
309 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
310 ctx->cred = cmdline_credentials;
311
312 domain_name.string = lp_workgroup(torture->lp_ctx);
313 mem_ctx = talloc_init("torture group list");
314
315 ZERO_STRUCT(req);
316
317 printf("listing group accounts:\n");
318
319 do {
320 req.in.domain_name = domain_name.string;
321 req.in.page_size = 128;
322 req.in.resume_index = req.out.resume_index;
323
324 status = libnet_GroupList(ctx, mem_ctx, &req);
325 if (!NT_STATUS_IS_OK(status) &&
326 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) break;
327
328 for (i = 0; i < req.out.count; i++) {
329 printf("\tgroup: %s, sid=%s\n",
330 req.out.groups[i].groupname, req.out.groups[i].sid);
331 }
332
333 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
334
335 if (!(NT_STATUS_IS_OK(status) ||
336 NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES))) {
337 printf("libnet_GroupList call failed: %s\n", nt_errstr(status));
338 ret = false;
339 goto done;
340 }
341
342 if (!test_samr_close(ctx->samr.pipe, mem_ctx, &ctx->samr.handle)) {
343 printf("domain close failed\n");
344 ret = false;
345 }
346
347 if (!test_lsa_close(ctx->lsa.pipe, mem_ctx, &ctx->lsa.handle)) {
348 printf("lsa domain close failed\n");
349 ret = false;
350 }
351
352 talloc_free(ctx);
353
354 done:
355 talloc_free(mem_ctx);
356 return ret;
357 }
358
359
360 bool torture_creategroup(struct torture_context *torture)
/* [<][>][^][v][top][bottom][index][help] */
361 {
362 bool ret = true;
363 NTSTATUS status;
364 TALLOC_CTX *mem_ctx = NULL;
365 struct libnet_context *ctx;
366 struct libnet_CreateGroup req;
367
368 mem_ctx = talloc_init("test_creategroup");
369
370 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
371 ctx->cred = cmdline_credentials;
372
373 req.in.group_name = TEST_GROUPNAME;
374 req.in.domain_name = lp_workgroup(torture->lp_ctx);
375 req.out.error_string = NULL;
376
377 status = libnet_CreateGroup(ctx, mem_ctx, &req);
378 if (!NT_STATUS_IS_OK(status)) {
379 printf("libnet_CreateGroup call failed: %s\n", nt_errstr(status));
380 ret = false;
381 goto done;
382 }
383
384 if (!test_cleanup(ctx->samr.pipe, mem_ctx, &ctx->samr.handle, TEST_GROUPNAME)) {
385 printf("cleanup failed\n");
386 ret = false;
387 goto done;
388 }
389
390 if (!test_samr_close(ctx->samr.pipe, mem_ctx, &ctx->samr.handle)) {
391 printf("domain close failed\n");
392 ret = false;
393 }
394
395 done:
396 talloc_free(ctx);
397 talloc_free(mem_ctx);
398 return ret;
399 }