root/source4/torture/rpc/samsync.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. test_SamLogon
  2. samsync_open_domain
  3. samsync_query_samr_sec_desc
  4. samsync_query_lsa_sec_desc
  5. samsync_handle_domain
  6. samsync_handle_policy
  7. samsync_handle_user
  8. samsync_handle_alias
  9. samsync_handle_group
  10. samsync_handle_secret
  11. samsync_handle_trusted_domain
  12. samsync_handle_account
  13. test_DatabaseSync
  14. test_DatabaseDeltas
  15. test_DatabaseSync2
  16. torture_rpc_samsync

   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    test suite for netlogon rpc operations
   5 
   6    Copyright (C) Andrew Tridgell 2003
   7    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
   8    Copyright (C) Tim Potter      2003
   9    
  10    This program is free software; you can redistribute it and/or modify
  11    it under the terms of the GNU General Public License as published by
  12    the Free Software Foundation; either version 3 of the License, or
  13    (at your option) any later version.
  14    
  15    This program is distributed in the hope that it will be useful,
  16    but WITHOUT ANY WARRANTY; without even the implied warranty of
  17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18    GNU General Public License for more details.
  19    
  20    You should have received a copy of the GNU General Public License
  21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22 */
  23 
  24 #include "includes.h"
  25 #include "torture/torture.h"
  26 #include "auth/auth.h"
  27 #include "../lib/util/dlinklist.h"
  28 #include "../lib/crypto/crypto.h"
  29 #include "system/time.h"
  30 #include "torture/rpc/rpc.h"
  31 #include "auth/gensec/schannel_proto.h"
  32 #include "auth/gensec/gensec.h"
  33 #include "libcli/auth/libcli_auth.h"
  34 #include "libcli/security/security.h"
  35 #include "librpc/gen_ndr/ndr_netlogon.h"
  36 #include "librpc/gen_ndr/ndr_netlogon_c.h"
  37 #include "librpc/gen_ndr/ndr_lsa_c.h"
  38 #include "librpc/gen_ndr/ndr_samr_c.h"
  39 #include "librpc/gen_ndr/ndr_security.h"
  40 #include "param/param.h"
  41 
  42 #define TEST_MACHINE_NAME "samsynctest"
  43 #define TEST_WKSTA_MACHINE_NAME "samsynctest2"
  44 #define TEST_USER_NAME "samsynctestuser"
  45 
  46 /*
  47   try a netlogon SamLogon
  48 */
  49 static NTSTATUS test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
     /* [<][>][^][v][top][bottom][index][help] */
  50                               struct creds_CredentialState *creds, 
  51                               const char *domain, const char *account_name,
  52                               const char *workstation, 
  53                               struct samr_Password *lm_hash, 
  54                               struct samr_Password *nt_hash, 
  55                               struct netr_SamInfo3 **info3)
  56 {
  57         NTSTATUS status;
  58         struct netr_LogonSamLogon r;
  59         struct netr_Authenticator auth, auth2;
  60         struct netr_NetworkInfo ninfo;
  61         union netr_LogonLevel logon;
  62         union netr_Validation validation;
  63         uint8_t authoritative;
  64 
  65         ninfo.identity_info.domain_name.string = domain;
  66         ninfo.identity_info.parameter_control = 0;
  67         ninfo.identity_info.logon_id_low = 0;
  68         ninfo.identity_info.logon_id_high = 0;
  69         ninfo.identity_info.account_name.string = account_name;
  70         ninfo.identity_info.workstation.string = workstation;
  71         generate_random_buffer(ninfo.challenge, 
  72                                sizeof(ninfo.challenge));
  73         if (nt_hash) {
  74                 ninfo.nt.length = 24;
  75                 ninfo.nt.data = talloc_array(mem_ctx, uint8_t, 24);
  76                 SMBOWFencrypt(nt_hash->hash, ninfo.challenge, ninfo.nt.data);
  77         } else {
  78                 ninfo.nt.length = 0;
  79                 ninfo.nt.data = NULL;
  80         }
  81         
  82         if (lm_hash) {
  83                 ninfo.lm.length = 24;
  84                 ninfo.lm.data = talloc_array(mem_ctx, uint8_t, 24);
  85                 SMBOWFencrypt(lm_hash->hash, ninfo.challenge, ninfo.lm.data);
  86         } else {
  87                 ninfo.lm.length = 0;
  88                 ninfo.lm.data = NULL;
  89         }
  90 
  91         logon.network = &ninfo;
  92 
  93         r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
  94         r.in.computer_name = workstation;
  95         r.in.credential = &auth;
  96         r.in.return_authenticator = &auth2;
  97         r.in.logon_level = 2;
  98         r.in.logon = &logon;
  99         r.out.validation = &validation;
 100         r.out.authoritative = &authoritative;
 101 
 102         ZERO_STRUCT(auth2);
 103         creds_client_authenticator(creds, &auth);
 104         
 105         r.in.validation_level = 3;
 106         
 107         status = dcerpc_netr_LogonSamLogon(p, mem_ctx, &r);
 108 
 109         if (!creds_client_check(creds, &r.out.return_authenticator->cred)) {
 110                 printf("Credential chaining failed\n");
 111         }
 112 
 113         if (info3) {
 114                 *info3 = validation.sam3;
 115         }
 116 
 117         return status;
 118 }
 119 
 120 struct samsync_state {
 121 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
 122         uint64_t seq_num[3];
 123         const char *domain_name[2];
 124         struct samsync_secret *secrets;
 125         struct samsync_trusted_domain *trusted_domains;
 126         struct creds_CredentialState *creds;
 127         struct creds_CredentialState *creds_netlogon_wksta;
 128         struct policy_handle *connect_handle;
 129         struct policy_handle *domain_handle[2];
 130         struct dom_sid *sid[2];
 131         struct dcerpc_pipe *p;
 132         struct dcerpc_pipe *p_netlogon_wksta;
 133         struct dcerpc_pipe *p_samr;
 134         struct dcerpc_pipe *p_lsa;
 135         struct policy_handle *lsa_handle;
 136 };
 137 
 138 struct samsync_secret {
 139         struct samsync_secret *prev, *next;
 140         DATA_BLOB secret;
 141         const char *name;
 142         NTTIME mtime;
 143 };
 144 
 145 struct samsync_trusted_domain {
 146         struct samsync_trusted_domain *prev, *next;
 147         struct dom_sid *sid;
 148         const char *name;
 149 };
 150 
 151 static struct policy_handle *samsync_open_domain(TALLOC_CTX *mem_ctx, 
     /* [<][>][^][v][top][bottom][index][help] */
 152                                                  struct samsync_state *samsync_state, 
 153                                                  const char *domain, 
 154                                                  struct dom_sid **sid_p)
 155 {
 156         struct lsa_String name;
 157         struct samr_OpenDomain o;
 158         struct samr_LookupDomain l;
 159         struct dom_sid2 *sid = NULL;
 160         struct policy_handle *domain_handle = talloc(mem_ctx, struct policy_handle);
 161         NTSTATUS nt_status;
 162 
 163         name.string = domain;
 164         l.in.connect_handle = samsync_state->connect_handle;
 165         l.in.domain_name = &name;
 166         l.out.sid = &sid;
 167 
 168         nt_status = dcerpc_samr_LookupDomain(samsync_state->p_samr, mem_ctx, &l);
 169         if (!NT_STATUS_IS_OK(nt_status)) {
 170                 printf("LookupDomain failed - %s\n", nt_errstr(nt_status));
 171                 return NULL;
 172         }
 173 
 174         o.in.connect_handle = samsync_state->connect_handle;
 175         o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 176         o.in.sid = *l.out.sid;
 177         o.out.domain_handle = domain_handle;
 178         
 179         if (sid) {
 180                 *sid_p = *l.out.sid;
 181         }
 182 
 183         nt_status = dcerpc_samr_OpenDomain(samsync_state->p_samr, mem_ctx, &o);
 184         if (!NT_STATUS_IS_OK(nt_status)) {
 185                 printf("OpenDomain failed - %s\n", nt_errstr(nt_status));
 186                 return NULL;
 187         }
 188 
 189         return domain_handle;
 190 }
 191 
 192 static struct sec_desc_buf *samsync_query_samr_sec_desc(TALLOC_CTX *mem_ctx, 
     /* [<][>][^][v][top][bottom][index][help] */
 193                                                         struct samsync_state *samsync_state, 
 194                                                         struct policy_handle *handle) 
 195 {
 196         struct samr_QuerySecurity r;
 197         struct sec_desc_buf *sdbuf = NULL;
 198         NTSTATUS status;
 199 
 200         r.in.handle = handle;
 201         r.in.sec_info = 0x7;
 202         r.out.sdbuf = &sdbuf;
 203 
 204         status = dcerpc_samr_QuerySecurity(samsync_state->p_samr, mem_ctx, &r);
 205         if (!NT_STATUS_IS_OK(status)) {
 206                 printf("SAMR QuerySecurity failed - %s\n", nt_errstr(status));
 207                 return NULL;
 208         }
 209 
 210         return sdbuf;
 211 }
 212 
 213 static struct sec_desc_buf *samsync_query_lsa_sec_desc(TALLOC_CTX *mem_ctx, 
     /* [<][>][^][v][top][bottom][index][help] */
 214                                                        struct samsync_state *samsync_state, 
 215                                                        struct policy_handle *handle) 
 216 {
 217         struct lsa_QuerySecurity r;
 218         struct sec_desc_buf *sdbuf = NULL;
 219         NTSTATUS status;
 220 
 221         r.in.handle = handle;
 222         r.in.sec_info = 0x7;
 223         r.out.sdbuf = &sdbuf;
 224 
 225         status = dcerpc_lsa_QuerySecurity(samsync_state->p_lsa, mem_ctx, &r);
 226         if (!NT_STATUS_IS_OK(status)) {
 227                 printf("LSA QuerySecurity failed - %s\n", nt_errstr(status));
 228                 return NULL;
 229         }
 230 
 231         return sdbuf;
 232 }
 233 
 234 #define TEST_UINT64_EQUAL(i1, i2) do {\
 235         if (i1 != i2) {\
 236               printf("%s: uint64 mismatch: " #i1 ": 0x%016llx (%lld) != " #i2 ": 0x%016llx (%lld)\n", \
 237                      __location__, \
 238                      (long long)i1, (long long)i1, \
 239                      (long long)i2, (long long)i2);\
 240               ret = false;\
 241         } \
 242 } while (0)
 243 #define TEST_INT_EQUAL(i1, i2) do {\
 244         if (i1 != i2) {\
 245               printf("%s: integer mismatch: " #i1 ": 0x%08x (%d) != " #i2 ": 0x%08x (%d)\n", \
 246                      __location__, i1, i1, i2, i2);                     \
 247               ret = false;\
 248         } \
 249 } while (0)
 250 #define TEST_TIME_EQUAL(t1, t2) do {\
 251         if (t1 != t2) {\
 252               printf("%s: NTTIME mismatch: " #t1 ":%s != " #t2 ": %s\n", \
 253                      __location__, nt_time_string(mem_ctx, t1),  nt_time_string(mem_ctx, t2));\
 254               ret = false;\
 255         } \
 256 } while (0)
 257 
 258 #define TEST_STRING_EQUAL(s1, s2) do {\
 259         if (!((!s1.string || s1.string[0]=='\0') && (!s2.string || s2.string[0]=='\0')) \
 260             && strcmp_safe(s1.string, s2.string) != 0) {\
 261               printf("%s: string mismatch: " #s1 ":%s != " #s2 ": %s\n", \
 262                      __location__, s1.string, s2.string);\
 263               ret = false;\
 264         } \
 265 } while (0)
 266 
 267 #define TEST_BINARY_STRING_EQUAL(s1, s2) do {\
 268         if (!((!s1.array || s1.array[0]=='\0') && (!s2.array || s2.array[0]=='\0')) \
 269             && memcmp(s1.array, s2.array, s1.length * 2) != 0) {\
 270               printf("%s: string mismatch: " #s1 ":%s != " #s2 ": %s\n", \
 271                      __location__, (const char *)s1.array, (const char *)s2.array);\
 272               ret = false;\
 273         } \
 274 } while (0)
 275 
 276 #define TEST_SID_EQUAL(s1, s2) do {\
 277         if (!dom_sid_equal(s1, s2)) {\
 278               printf("%s: dom_sid mismatch: " #s1 ":%s != " #s2 ": %s\n", \
 279                      __location__, dom_sid_string(mem_ctx, s1), dom_sid_string(mem_ctx, s2));\
 280               ret = false;\
 281         } \
 282 } while (0)
 283 
 284 /* The ~SEC_DESC_SACL_PRESENT is because we don't, as administrator,
 285  * get back the SACL part of the SD when we ask over SAMR */
 286 
 287 #define TEST_SEC_DESC_EQUAL(sd1, pipe, handle) do {\
 288         struct sec_desc_buf *sdbuf = samsync_query_ ##pipe## _sec_desc(mem_ctx, samsync_state, \
 289                                                             handle); \
 290         if (!sdbuf || !sdbuf->sd) { \
 291                 printf("Could not obtain security descriptor to match " #sd1 "\n");\
 292                 ret = false; \
 293         } else {\
 294                 if (!security_descriptor_mask_equal(sd1.sd, sdbuf->sd, \
 295                             ~SEC_DESC_SACL_PRESENT)) {\
 296                         printf("Security Descriptor Mismatch for %s:\n", #sd1);\
 297                         ndr_print_debug((ndr_print_fn_t)ndr_print_security_descriptor, "SamSync", sd1.sd);\
 298                         ndr_print_debug((ndr_print_fn_t)ndr_print_security_descriptor, "SamR", sdbuf->sd);\
 299                         ret = false;\
 300                 }\
 301         }\
 302 } while (0)
 303 
 304 static bool samsync_handle_domain(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
 305                            int database_id, struct netr_DELTA_ENUM *delta) 
 306 {
 307         struct netr_DELTA_DOMAIN *domain = delta->delta_union.domain;
 308         struct dom_sid *dom_sid;
 309         struct samr_QueryDomainInfo q[14]; /* q[0] will be unused simple for clarity */
 310         union samr_DomainInfo *info[14];
 311         uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
 312         NTSTATUS nt_status;
 313         int i;
 314         bool ret = true;
 315         
 316         samsync_state->seq_num[database_id] = 
 317                 domain->sequence_num;
 318         switch (database_id) {
 319         case SAM_DATABASE_DOMAIN:
 320                 break;
 321         case SAM_DATABASE_BUILTIN:
 322                 if (strcasecmp_m("BUILTIN", domain->domain_name.string) != 0) {
 323                         printf("BUILTIN domain has different name: %s\n", domain->domain_name.string);
 324                 }
 325                 break;
 326         case SAM_DATABASE_PRIVS:
 327                 printf("DOMAIN entry on privs DB!\n");
 328                 return false;
 329                 break;
 330         }
 331         
 332         if (!samsync_state->domain_name[database_id]) {
 333                 samsync_state->domain_name[database_id] = 
 334                         talloc_reference(samsync_state, domain->domain_name.string);
 335         } else {
 336                 if (strcasecmp_m(samsync_state->domain_name[database_id], domain->domain_name.string) != 0) {
 337                         printf("Domain has name varies!: %s != %s\n", samsync_state->domain_name[database_id], 
 338                                domain->domain_name.string);
 339                         return false;
 340                 }
 341         }
 342 
 343         if (!samsync_state->domain_handle[database_id]) {
 344                 samsync_state->domain_handle[database_id]
 345                         = talloc_reference(samsync_state, 
 346                                            samsync_open_domain(mem_ctx, samsync_state, samsync_state->domain_name[database_id], 
 347                                                                &dom_sid));
 348         }
 349         if (samsync_state->domain_handle[database_id]) {
 350                 samsync_state->sid[database_id] = talloc_reference(samsync_state, dom_sid);
 351         }
 352 
 353         printf("\tsequence_nums[%d/%s]=%llu\n",
 354                database_id, domain->domain_name.string,
 355                (long long)samsync_state->seq_num[database_id]);
 356 
 357         for (i=0;i<ARRAY_SIZE(levels);i++) {
 358 
 359                 q[levels[i]].in.domain_handle = samsync_state->domain_handle[database_id];
 360                 q[levels[i]].in.level = levels[i];
 361                 q[levels[i]].out.info = &info[levels[i]];
 362 
 363                 nt_status = dcerpc_samr_QueryDomainInfo(samsync_state->p_samr, mem_ctx, &q[levels[i]]);
 364 
 365                 if (!NT_STATUS_IS_OK(nt_status)) {
 366                         printf("QueryDomainInfo level %u failed - %s\n", 
 367                                q[levels[i]].in.level, nt_errstr(nt_status));
 368                         return false;
 369                 }
 370         }
 371 
 372         TEST_STRING_EQUAL(info[5]->info5.domain_name, domain->domain_name);
 373         
 374         TEST_STRING_EQUAL(info[2]->general.oem_information, domain->oem_information);
 375         TEST_STRING_EQUAL(info[4]->oem.oem_information, domain->oem_information);
 376         TEST_TIME_EQUAL(info[2]->general.force_logoff_time, domain->force_logoff_time);
 377         TEST_TIME_EQUAL(info[3]->info3.force_logoff_time, domain->force_logoff_time);
 378 
 379         TEST_TIME_EQUAL(info[1]->info1.min_password_length, domain->min_password_length);
 380         TEST_TIME_EQUAL(info[1]->info1.password_history_length, domain->password_history_length);
 381         TEST_TIME_EQUAL(info[1]->info1.max_password_age, domain->max_password_age);
 382         TEST_TIME_EQUAL(info[1]->info1.min_password_age, domain->min_password_age);
 383 
 384         TEST_UINT64_EQUAL(info[8]->info8.sequence_num,
 385                         domain->sequence_num);
 386         TEST_TIME_EQUAL(info[8]->info8.domain_create_time,
 387                         domain->domain_create_time);
 388         TEST_TIME_EQUAL(info[13]->info13.domain_create_time,
 389                         domain->domain_create_time);
 390 
 391         TEST_SEC_DESC_EQUAL(domain->sdbuf, samr, samsync_state->domain_handle[database_id]);
 392 
 393         return ret;
 394 }
 395 
 396 static bool samsync_handle_policy(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
 397                            int database_id, struct netr_DELTA_ENUM *delta) 
 398 {
 399         struct netr_DELTA_POLICY *policy = delta->delta_union.policy;
 400 
 401         samsync_state->seq_num[database_id] = 
 402                 policy->sequence_num;
 403         
 404         if (!samsync_state->domain_name[SAM_DATABASE_DOMAIN]) {
 405                 samsync_state->domain_name[SAM_DATABASE_DOMAIN] = 
 406                         talloc_reference(samsync_state, policy->primary_domain_name.string);
 407         } else {
 408                 if (strcasecmp_m(samsync_state->domain_name[SAM_DATABASE_DOMAIN], policy->primary_domain_name.string) != 0) {
 409                         printf("PRIMARY domain has name varies between DOMAIN and POLICY!: %s != %s\n", samsync_state->domain_name[SAM_DATABASE_DOMAIN], 
 410                                policy->primary_domain_name.string);
 411                         return false;
 412                 }
 413         }
 414 
 415         if (!dom_sid_equal(samsync_state->sid[SAM_DATABASE_DOMAIN], policy->sid)) {
 416                 printf("Domain SID from POLICY (%s) does not match domain sid from SAMR (%s)\n", 
 417                        dom_sid_string(mem_ctx, policy->sid), dom_sid_string(mem_ctx, samsync_state->sid[SAM_DATABASE_DOMAIN]));
 418                 return false;
 419         }
 420 
 421         printf("\tsequence_nums[%d/PRIVS]=%llu\n",
 422                database_id, 
 423                (long long)samsync_state->seq_num[database_id]);
 424         return true;
 425 }
 426 
 427 static bool samsync_handle_user(struct torture_context *tctx, TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
 428                                 int database_id, struct netr_DELTA_ENUM *delta) 
 429 {
 430         uint32_t rid = delta->delta_id_union.rid;
 431         struct netr_DELTA_USER *user = delta->delta_union.user;
 432         struct netr_SamInfo3 *info3;
 433         struct samr_Password lm_hash;
 434         struct samr_Password nt_hash;
 435         struct samr_Password *lm_hash_p = NULL;
 436         struct samr_Password *nt_hash_p = NULL;
 437         const char *domain = samsync_state->domain_name[database_id];
 438         const char *username = user->account_name.string;
 439         NTSTATUS nt_status;
 440         bool ret = true;
 441 
 442         struct samr_OpenUser r;
 443         struct samr_QueryUserInfo q;
 444         union samr_UserInfo *info;
 445         struct policy_handle user_handle;
 446 
 447         struct samr_GetGroupsForUser getgroups;
 448         struct samr_RidWithAttributeArray *rids;
 449 
 450         if (!samsync_state->domain_name || !samsync_state->domain_handle[database_id]) {
 451                 printf("SamSync needs domain information before the users\n");
 452                 return false;
 453         }
 454 
 455         r.in.domain_handle = samsync_state->domain_handle[database_id];
 456         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 457         r.in.rid = rid;
 458         r.out.user_handle = &user_handle;
 459 
 460         nt_status = dcerpc_samr_OpenUser(samsync_state->p_samr, mem_ctx, &r);
 461         if (!NT_STATUS_IS_OK(nt_status)) {
 462                 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(nt_status));
 463                 return false;
 464         }
 465 
 466         q.in.user_handle = &user_handle;
 467         q.in.level = 21;
 468         q.out.info = &info;
 469 
 470         TEST_SEC_DESC_EQUAL(user->sdbuf, samr, &user_handle);
 471 
 472         nt_status = dcerpc_samr_QueryUserInfo(samsync_state->p_samr, mem_ctx, &q);
 473         if (!NT_STATUS_IS_OK(nt_status)) {
 474                 printf("QueryUserInfo level %u failed - %s\n", 
 475                        q.in.level, nt_errstr(nt_status));
 476                 ret = false;
 477         }
 478 
 479         getgroups.in.user_handle = &user_handle;
 480         getgroups.out.rids = &rids;
 481         
 482         nt_status = dcerpc_samr_GetGroupsForUser(samsync_state->p_samr, mem_ctx, &getgroups);
 483         if (!NT_STATUS_IS_OK(nt_status)) {
 484                 printf("GetGroupsForUser failed - %s\n",
 485                        nt_errstr(nt_status));
 486                 ret = false;
 487         }
 488 
 489         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, &user_handle)) {
 490                 printf("samr_handle_Close failed - %s\n", 
 491                        nt_errstr(nt_status));
 492                 ret = false;
 493         }
 494         if (!ret) {
 495                 return false;
 496         }
 497 
 498         if (!NT_STATUS_IS_OK(nt_status)) {
 499                 printf("QueryUserInfo level %u failed - %s\n", 
 500                        q.in.level, nt_errstr(nt_status));
 501                 return false;
 502         }
 503 
 504         TEST_STRING_EQUAL(info->info21.account_name, user->account_name);
 505         TEST_STRING_EQUAL(info->info21.full_name, user->full_name);
 506         TEST_INT_EQUAL(info->info21.rid, user->rid);
 507         TEST_INT_EQUAL(info->info21.primary_gid, user->primary_gid);
 508         TEST_STRING_EQUAL(info->info21.home_directory, user->home_directory);
 509         TEST_STRING_EQUAL(info->info21.home_drive, user->home_drive);
 510         TEST_STRING_EQUAL(info->info21.logon_script, user->logon_script);
 511         TEST_STRING_EQUAL(info->info21.description, user->description);
 512         TEST_STRING_EQUAL(info->info21.workstations, user->workstations);
 513 
 514         TEST_TIME_EQUAL(info->info21.last_logon, user->last_logon);
 515         TEST_TIME_EQUAL(info->info21.last_logoff, user->last_logoff);
 516 
 517 
 518         TEST_INT_EQUAL(info->info21.logon_hours.units_per_week,
 519                        user->logon_hours.units_per_week);
 520         if (ret) {
 521                 if (memcmp(info->info21.logon_hours.bits, user->logon_hours.bits,
 522                            info->info21.logon_hours.units_per_week/8) != 0) {
 523                         printf("Logon hours mismatch\n");
 524                         ret = false;
 525                 }
 526         }
 527 
 528         TEST_INT_EQUAL(info->info21.bad_password_count,
 529                        user->bad_password_count);
 530         TEST_INT_EQUAL(info->info21.logon_count,
 531                        user->logon_count);
 532 
 533         TEST_TIME_EQUAL(info->info21.last_password_change,
 534                        user->last_password_change);
 535         TEST_TIME_EQUAL(info->info21.acct_expiry,
 536                        user->acct_expiry);
 537 
 538         TEST_INT_EQUAL((info->info21.acct_flags & ~ACB_PW_EXPIRED), user->acct_flags);
 539         if (user->acct_flags & ACB_PWNOEXP) {
 540                 if (info->info21.acct_flags & ACB_PW_EXPIRED) {
 541                         printf("ACB flags mismatch: both expired and no expiry!\n");
 542                         ret = false;
 543                 }
 544                 if (info->info21.force_password_change != (NTTIME)0x7FFFFFFFFFFFFFFFULL) {
 545                         printf("ACB flags mismatch: no password expiry, but force password change 0x%016llx (%lld) != 0x%016llx (%lld)\n",
 546                                (unsigned long long)info->info21.force_password_change,
 547                                (unsigned long long)info->info21.force_password_change,
 548                                (unsigned long long)0x7FFFFFFFFFFFFFFFULL, (unsigned long long)0x7FFFFFFFFFFFFFFFULL
 549                                 );
 550                         ret = false;
 551                 }
 552         }
 553 
 554         TEST_INT_EQUAL(info->info21.nt_password_set, user->nt_password_present);
 555         TEST_INT_EQUAL(info->info21.lm_password_set, user->lm_password_present);
 556         TEST_INT_EQUAL(info->info21.password_expired, user->password_expired);
 557 
 558         TEST_STRING_EQUAL(info->info21.comment, user->comment);
 559         TEST_BINARY_STRING_EQUAL(info->info21.parameters, user->parameters);
 560 
 561         TEST_INT_EQUAL(info->info21.country_code, user->country_code);
 562         TEST_INT_EQUAL(info->info21.code_page, user->code_page);
 563 
 564         TEST_STRING_EQUAL(info->info21.profile_path, user->profile_path);
 565 
 566         if (user->lm_password_present) {
 567                 sam_rid_crypt(rid, user->lmpassword.hash, lm_hash.hash, 0);
 568                 lm_hash_p = &lm_hash;
 569         }
 570         if (user->nt_password_present) {
 571                 sam_rid_crypt(rid, user->ntpassword.hash, nt_hash.hash, 0);
 572                 nt_hash_p = &nt_hash;
 573         }
 574 
 575         if (user->user_private_info.SensitiveData) {
 576                 DATA_BLOB data;
 577                 struct netr_USER_KEYS keys;
 578                 enum ndr_err_code ndr_err;
 579                 data.data = user->user_private_info.SensitiveData;
 580                 data.length = user->user_private_info.DataLength;
 581                 creds_arcfour_crypt(samsync_state->creds, data.data, data.length);
 582                 ndr_err = ndr_pull_struct_blob(&data, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &keys, (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS);
 583                 if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 584                         if (keys.keys.keys2.lmpassword.length == 16) {
 585                                 sam_rid_crypt(rid, keys.keys.keys2.lmpassword.pwd.hash, lm_hash.hash, 0);
 586                                 lm_hash_p = &lm_hash;
 587                         }
 588                         if (keys.keys.keys2.ntpassword.length == 16) {
 589                                 sam_rid_crypt(rid, keys.keys.keys2.ntpassword.pwd.hash, nt_hash.hash, 0);
 590                                 nt_hash_p = &nt_hash;
 591                         }
 592                 } else {
 593                         printf("Failed to parse Sensitive Data for %s:\n", username);
 594 #if 0
 595                         dump_data(0, data.data, data.length);
 596 #endif
 597                         return false;
 598                 }
 599         }
 600 
 601         if (nt_hash_p) {
 602                 DATA_BLOB nt_hash_blob = data_blob_const(nt_hash_p, 16);
 603                 DEBUG(100,("ACCOUNT [%s\\%-25s] NTHASH %s\n", samsync_state->domain_name[0], username, data_blob_hex_string(mem_ctx, &nt_hash_blob)));
 604         }
 605         if (lm_hash_p) {
 606                 DATA_BLOB lm_hash_blob = data_blob_const(lm_hash_p, 16);
 607                 DEBUG(100,("ACCOUNT [%s\\%-25s] LMHASH %s\n", samsync_state->domain_name[0], username, data_blob_hex_string(mem_ctx, &lm_hash_blob)));
 608         }
 609 
 610         nt_status = test_SamLogon(samsync_state->p_netlogon_wksta, mem_ctx, samsync_state->creds_netlogon_wksta, 
 611                                   domain,
 612                                   username, 
 613                                   TEST_WKSTA_MACHINE_NAME,
 614                                   lm_hash_p,
 615                                   nt_hash_p,
 616                                   &info3);
 617 
 618         if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCOUNT_DISABLED)) {
 619                 if (user->acct_flags & ACB_DISABLED) {
 620                         return true;
 621                 }
 622         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)) {
 623                 if (user->acct_flags & ACB_WSTRUST) {
 624                         return true;
 625                 }
 626         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)) {
 627                 if (user->acct_flags & ACB_SVRTRUST) {
 628                         return true;
 629                 }
 630         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
 631                 if (user->acct_flags & ACB_DOMTRUST) {
 632                         return true;
 633                 }
 634         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
 635                 if (user->acct_flags & ACB_DOMTRUST) {
 636                         return true;
 637                 }
 638         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCOUNT_LOCKED_OUT)) {
 639                 if (user->acct_flags & ACB_AUTOLOCK) {
 640                         return true;
 641                 }
 642         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_PASSWORD_EXPIRED)) {
 643                 if (info->info21.acct_flags & ACB_PW_EXPIRED) {
 644                         return true;
 645                 }
 646         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) {
 647                 if (!lm_hash_p && !nt_hash_p) {
 648                         return true;
 649                 }
 650         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_PASSWORD_MUST_CHANGE)) {
 651                 /* We would need to know the server's current time to test this properly */
 652                 return true;
 653         } else if (NT_STATUS_IS_OK(nt_status)) {
 654                 TEST_INT_EQUAL(user->rid, info3->base.rid);
 655                 TEST_INT_EQUAL(user->primary_gid, info3->base.primary_gid);
 656                 /* this is 0x0 from NT4 sp6 */
 657                 if (info3->base.acct_flags) {
 658                         TEST_INT_EQUAL(user->acct_flags, info3->base.acct_flags);
 659                 }
 660                 /* this is NULL from NT4 sp6 */
 661                 if (info3->base.account_name.string) {
 662                         TEST_STRING_EQUAL(user->account_name, info3->base.account_name);
 663                 }
 664                 /* this is NULL from Win2k3 */
 665                 if (info3->base.full_name.string) {
 666                         TEST_STRING_EQUAL(user->full_name, info3->base.full_name);
 667                 }
 668                 TEST_STRING_EQUAL(user->logon_script, info3->base.logon_script);
 669                 TEST_STRING_EQUAL(user->profile_path, info3->base.profile_path);
 670                 TEST_STRING_EQUAL(user->home_directory, info3->base.home_directory);
 671                 TEST_STRING_EQUAL(user->home_drive, info3->base.home_drive);
 672                 TEST_STRING_EQUAL(user->logon_script, info3->base.logon_script);
 673 
 674 
 675                 TEST_TIME_EQUAL(user->last_logon, info3->base.last_logon);
 676                 TEST_TIME_EQUAL(user->acct_expiry, info3->base.acct_expiry);
 677                 TEST_TIME_EQUAL(user->last_password_change, info3->base.last_password_change);
 678                 TEST_TIME_EQUAL(info->info21.force_password_change, info3->base.force_password_change);
 679 
 680                 /* Does the concept of a logoff time ever really
 681                  * exist? (not in any sensible way, according to the
 682                  * doco I read -- abartlet) */
 683 
 684                 /* This copes with the two different versions of 0 I see */
 685                 /* with NT4 sp6 we have the || case */
 686                 if (!((user->last_logoff == 0) 
 687                       || (info3->base.last_logoff == 0x7fffffffffffffffLL))) {
 688                         TEST_TIME_EQUAL(user->last_logoff, info3->base.last_logoff);
 689                 }
 690 
 691                 TEST_INT_EQUAL(rids->count, info3->base.groups.count);
 692                 if (rids->count == info3->base.groups.count) {
 693                         int i, j;
 694                         int count = rids->count;
 695                         bool *matched = talloc_zero_array(mem_ctx, bool, rids->count);
 696                                 
 697                         for (i = 0; i < count; i++) {
 698                                 for (j = 0; j < count; j++) {
 699                                         if ((rids->rids[i].rid ==
 700                                              info3->base.groups.rids[j].rid)
 701                                             && (rids->rids[i].attributes ==
 702                                                 info3->base.groups.rids[j].attributes)) {
 703                                                         matched[i] = true;
 704                                                 }
 705                                 }
 706                         }
 707 
 708                         for (i = 0; i < rids->count; i++) {
 709                                 if (matched[i] == false) {
 710                                         ret = false;
 711                                         printf("Could not find group RID %u found in getgroups in NETLOGON reply\n",
 712                                                rids->rids[i].rid);
 713                                 }
 714                         }
 715                 }
 716                 return ret;
 717         } else {
 718                 printf("Could not validate password for user %s\\%s: %s\n",
 719                        domain, username, nt_errstr(nt_status));
 720                 return false;
 721         } 
 722         return false;
 723 }
 724 
 725 static bool samsync_handle_alias(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
 726                                  int database_id, struct netr_DELTA_ENUM *delta) 
 727 {
 728         uint32_t rid = delta->delta_id_union.rid;
 729         struct netr_DELTA_ALIAS *alias = delta->delta_union.alias;
 730         NTSTATUS nt_status;
 731         bool ret = true;
 732 
 733         struct samr_OpenAlias r;
 734         struct samr_QueryAliasInfo q;
 735         union samr_AliasInfo *info;
 736         struct policy_handle alias_handle;
 737 
 738         if (!samsync_state->domain_name || !samsync_state->domain_handle[database_id]) {
 739                 printf("SamSync needs domain information before the users\n");
 740                 return false;
 741         }
 742 
 743         r.in.domain_handle = samsync_state->domain_handle[database_id];
 744         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 745         r.in.rid = rid;
 746         r.out.alias_handle = &alias_handle;
 747 
 748         nt_status = dcerpc_samr_OpenAlias(samsync_state->p_samr, mem_ctx, &r);
 749         if (!NT_STATUS_IS_OK(nt_status)) {
 750                 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(nt_status));
 751                 return false;
 752         }
 753 
 754         q.in.alias_handle = &alias_handle;
 755         q.in.level = 1;
 756         q.out.info = &info;
 757 
 758         TEST_SEC_DESC_EQUAL(alias->sdbuf, samr, &alias_handle);
 759 
 760         nt_status = dcerpc_samr_QueryAliasInfo(samsync_state->p_samr, mem_ctx, &q);
 761         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, &alias_handle)) {
 762                 return false;
 763         }
 764 
 765         if (!NT_STATUS_IS_OK(nt_status)) {
 766                 printf("QueryAliasInfo level %u failed - %s\n", 
 767                        q.in.level, nt_errstr(nt_status));
 768                 return false;
 769         }
 770 
 771         TEST_STRING_EQUAL(info->all.name, alias->alias_name);
 772         TEST_STRING_EQUAL(info->all.description, alias->description);
 773         return ret;
 774 }
 775 
 776 static bool samsync_handle_group(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
 777                                  int database_id, struct netr_DELTA_ENUM *delta) 
 778 {
 779         uint32_t rid = delta->delta_id_union.rid;
 780         struct netr_DELTA_GROUP *group = delta->delta_union.group;
 781         NTSTATUS nt_status;
 782         bool ret = true;
 783 
 784         struct samr_OpenGroup r;
 785         struct samr_QueryGroupInfo q;
 786         union samr_GroupInfo *info;
 787         struct policy_handle group_handle;
 788 
 789         if (!samsync_state->domain_name || !samsync_state->domain_handle[database_id]) {
 790                 printf("SamSync needs domain information before the users\n");
 791                 return false;
 792         }
 793 
 794         r.in.domain_handle = samsync_state->domain_handle[database_id];
 795         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 796         r.in.rid = rid;
 797         r.out.group_handle = &group_handle;
 798 
 799         nt_status = dcerpc_samr_OpenGroup(samsync_state->p_samr, mem_ctx, &r);
 800         if (!NT_STATUS_IS_OK(nt_status)) {
 801                 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(nt_status));
 802                 return false;
 803         }
 804 
 805         q.in.group_handle = &group_handle;
 806         q.in.level = 1;
 807         q.out.info = &info;
 808 
 809         TEST_SEC_DESC_EQUAL(group->sdbuf, samr, &group_handle);
 810 
 811         nt_status = dcerpc_samr_QueryGroupInfo(samsync_state->p_samr, mem_ctx, &q);
 812         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, &group_handle)) {
 813                 return false;
 814         }
 815 
 816         if (!NT_STATUS_IS_OK(nt_status)) {
 817                 printf("QueryGroupInfo level %u failed - %s\n", 
 818                        q.in.level, nt_errstr(nt_status));
 819                 return false;
 820         }
 821 
 822         TEST_STRING_EQUAL(info->all.name, group->group_name);
 823         TEST_INT_EQUAL(info->all.attributes, group->attributes);
 824         TEST_STRING_EQUAL(info->all.description, group->description);
 825         return ret;
 826 }
 827 
 828 static bool samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
 829                                   int database_id, struct netr_DELTA_ENUM *delta) 
 830 {
 831         struct netr_DELTA_SECRET *secret = delta->delta_union.secret;
 832         const char *name = delta->delta_id_union.name;
 833         struct samsync_secret *nsec = talloc(samsync_state, struct samsync_secret);
 834         struct samsync_secret *old = talloc(mem_ctx, struct samsync_secret);
 835         struct lsa_QuerySecret q;
 836         struct lsa_OpenSecret o;
 837         struct policy_handle sec_handle;
 838         struct lsa_DATA_BUF_PTR bufp1;
 839         struct lsa_DATA_BUF_PTR bufp2;
 840         NTTIME nsec_mtime;
 841         NTTIME old_mtime;
 842         bool ret = true;
 843         DATA_BLOB lsa_blob1, lsa_blob_out, session_key;
 844         NTSTATUS status;
 845 
 846         creds_arcfour_crypt(samsync_state->creds, secret->current_cipher.cipher_data, 
 847                             secret->current_cipher.maxlen); 
 848 
 849         creds_arcfour_crypt(samsync_state->creds, secret->old_cipher.cipher_data, 
 850                             secret->old_cipher.maxlen); 
 851 
 852         nsec->name = talloc_reference(nsec, name);
 853         nsec->secret = data_blob_talloc(nsec, secret->current_cipher.cipher_data, secret->current_cipher.maxlen);
 854         nsec->mtime = secret->current_cipher_set_time;
 855 
 856         nsec = talloc_reference(samsync_state, nsec);
 857         DLIST_ADD(samsync_state->secrets, nsec);
 858 
 859         old->name = talloc_reference(old, name);
 860         old->secret = data_blob_const(secret->old_cipher.cipher_data, secret->old_cipher.maxlen);
 861         old->mtime = secret->old_cipher_set_time;
 862 
 863         o.in.handle = samsync_state->lsa_handle;
 864         o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 865         o.in.name.string = name;
 866         o.out.sec_handle = &sec_handle;
 867 
 868         status = dcerpc_lsa_OpenSecret(samsync_state->p_lsa, mem_ctx, &o);
 869         if (!NT_STATUS_IS_OK(status)) {
 870                 printf("OpenSecret failed - %s\n", nt_errstr(status));
 871                 return false;
 872         }
 873 
 874 /*
 875   We would like to do this, but it is NOT_SUPPORTED on win2k3
 876   TEST_SEC_DESC_EQUAL(secret->sdbuf, lsa, &sec_handle);
 877 */
 878         status = dcerpc_fetch_session_key(samsync_state->p_lsa, &session_key);
 879         if (!NT_STATUS_IS_OK(status)) {
 880                 printf("dcerpc_fetch_session_key failed - %s\n", nt_errstr(status));
 881                 return false;
 882         }
 883 
 884 
 885         ZERO_STRUCT(nsec_mtime);
 886         ZERO_STRUCT(old_mtime);
 887 
 888         /* fetch the secret back again */
 889         q.in.sec_handle = &sec_handle;
 890         q.in.new_val = &bufp1;
 891         q.in.new_mtime = &nsec_mtime;
 892         q.in.old_val = &bufp2;
 893         q.in.old_mtime = &old_mtime;
 894 
 895         bufp1.buf = NULL;
 896         bufp2.buf = NULL;
 897 
 898         status = dcerpc_lsa_QuerySecret(samsync_state->p_lsa, mem_ctx, &q);
 899         if (NT_STATUS_EQUAL(NT_STATUS_ACCESS_DENIED, status)) {
 900                 /* some things are just off limits */
 901                 return true;
 902         } else if (!NT_STATUS_IS_OK(status)) {
 903                 printf("QuerySecret failed - %s\n", nt_errstr(status));
 904                 return false;
 905         }
 906 
 907         if (q.out.old_val->buf == NULL) {
 908                 /* probably just not available due to ACLs */
 909         } else {
 910                 lsa_blob1.data = q.out.old_val->buf->data;
 911                 lsa_blob1.length = q.out.old_val->buf->length;
 912 
 913                 status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
 914                 if (!NT_STATUS_IS_OK(status)) {
 915                         printf("Failed to decrypt secrets OLD blob: %s\n", nt_errstr(status));
 916                         return false;
 917                 }
 918 
 919                 if (!q.out.old_mtime) {
 920                         printf("OLD mtime not available on LSA for secret %s\n", old->name);
 921                         ret = false;
 922                 }
 923                 if (old->mtime != *q.out.old_mtime) {
 924                         printf("OLD mtime on secret %s does not match between SAMSYNC (%s) and LSA (%s)\n", 
 925                                old->name, nt_time_string(mem_ctx, old->mtime), 
 926                                nt_time_string(mem_ctx, *q.out.old_mtime)); 
 927                         ret = false;
 928                 }
 929 
 930                 if (old->secret.length != lsa_blob_out.length) {
 931                         printf("Returned secret %s doesn't match: %d != %d\n",
 932                                old->name, (int)old->secret.length, (int)lsa_blob_out.length);
 933                         ret = false;
 934                 } else if (memcmp(lsa_blob_out.data, 
 935                            old->secret.data, old->secret.length) != 0) {
 936                         printf("Returned secret %s doesn't match: \n",
 937                                old->name);
 938                         DEBUG(1, ("SamSync Secret:\n"));
 939                         dump_data(1, old->secret.data, old->secret.length);
 940                         DEBUG(1, ("LSA Secret:\n"));
 941                         dump_data(1, lsa_blob_out.data, lsa_blob_out.length);
 942                         ret = false;
 943                 }
 944 
 945         }
 946 
 947         if (q.out.new_val->buf == NULL) {
 948                 /* probably just not available due to ACLs */
 949         } else {
 950                 lsa_blob1.data = q.out.new_val->buf->data;
 951                 lsa_blob1.length = q.out.new_val->buf->length;
 952 
 953                 status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
 954                 if (!NT_STATUS_IS_OK(status)) {
 955                         printf("Failed to decrypt secrets OLD blob\n");
 956                         return false;
 957                 }
 958                 
 959                 if (!q.out.new_mtime) {
 960                         printf("NEW mtime not available on LSA for secret %s\n", nsec->name);
 961                         ret = false;
 962                 }
 963                 if (nsec->mtime != *q.out.new_mtime) {
 964                         printf("NEW mtime on secret %s does not match between SAMSYNC (%s) and LSA (%s)\n", 
 965                                nsec->name, nt_time_string(mem_ctx, nsec->mtime),
 966                                nt_time_string(mem_ctx, *q.out.new_mtime)); 
 967                         ret = false;
 968                 }
 969 
 970                 if (nsec->secret.length != lsa_blob_out.length) {
 971                         printf("Returned secret %s doesn't match: %d != %d\n",
 972                                nsec->name, (int)nsec->secret.length, (int)lsa_blob_out.length);
 973                         ret = false;
 974                 } else if (memcmp(lsa_blob_out.data, 
 975                            nsec->secret.data, nsec->secret.length) != 0) {
 976                         printf("Returned secret %s doesn't match: \n",
 977                                nsec->name);
 978                         DEBUG(1, ("SamSync Secret:\n"));
 979                         dump_data(1, nsec->secret.data, nsec->secret.length);
 980                         DEBUG(1, ("LSA Secret:\n"));
 981                         dump_data(1, lsa_blob_out.data, lsa_blob_out.length);
 982                         ret = false;
 983                 }
 984         }
 985 
 986         return ret;
 987 }
 988 
 989 static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
 990                                           int database_id, struct netr_DELTA_ENUM *delta) 
 991 {
 992         NTSTATUS status;
 993         bool ret = true;
 994         struct netr_DELTA_TRUSTED_DOMAIN *trusted_domain = delta->delta_union.trusted_domain;
 995         struct dom_sid *dom_sid = delta->delta_id_union.sid;
 996 
 997         struct samsync_trusted_domain *ndom = talloc(samsync_state, struct samsync_trusted_domain);
 998         struct lsa_OpenTrustedDomain t;
 999         struct policy_handle trustdom_handle;
1000         struct lsa_QueryTrustedDomainInfo q;
1001         union lsa_TrustedDomainInfo *info[9];
1002         union lsa_TrustedDomainInfo *_info = NULL;
1003         int levels [] = {1, 3, 8};
1004         int i;
1005 
1006         ndom->name = talloc_reference(ndom, trusted_domain->domain_name.string);
1007         ndom->sid = talloc_reference(ndom, dom_sid);
1008 
1009         t.in.handle = samsync_state->lsa_handle;
1010         t.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1011         t.in.sid = dom_sid;
1012         t.out.trustdom_handle = &trustdom_handle;
1013 
1014         status = dcerpc_lsa_OpenTrustedDomain(samsync_state->p_lsa, mem_ctx, &t);
1015         if (!NT_STATUS_IS_OK(status)) {
1016                 printf("OpenTrustedDomain failed - %s\n", nt_errstr(status));
1017                 return false;
1018         }
1019         
1020         for (i=0; i< ARRAY_SIZE(levels); i++) {
1021                 q.in.trustdom_handle = &trustdom_handle;
1022                 q.in.level = levels[i];
1023                 q.out.info = &_info;
1024                 status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state->p_lsa, mem_ctx, &q);
1025                 if (!NT_STATUS_IS_OK(status)) {
1026                         if (q.in.level == 8 && NT_STATUS_EQUAL(status,NT_STATUS_INVALID_PARAMETER)) {
1027                                 info[levels[i]] = NULL;
1028                                 continue;
1029                         }
1030                         printf("QueryInfoTrustedDomain level %d failed - %s\n", 
1031                                levels[i], nt_errstr(status));
1032                         return false;
1033                 }
1034                 info[levels[i]]  = _info;
1035         }
1036 
1037         if (info[8]) {
1038                 TEST_SID_EQUAL(info[8]->full_info.info_ex.sid, dom_sid);
1039                 TEST_STRING_EQUAL(info[8]->full_info.info_ex.netbios_name, trusted_domain->domain_name);
1040         }
1041         TEST_STRING_EQUAL(info[1]->name.netbios_name, trusted_domain->domain_name);
1042         TEST_INT_EQUAL(info[3]->posix_offset.posix_offset, trusted_domain->posix_offset);
1043 /*
1044   We would like to do this, but it is NOT_SUPPORTED on win2k3
1045         TEST_SEC_DESC_EQUAL(trusted_domain->sdbuf, lsa, &trustdom_handle);
1046 */
1047         ndom = talloc_reference(samsync_state, ndom);
1048         DLIST_ADD(samsync_state->trusted_domains, ndom);
1049 
1050         return ret;
1051 }
1052 
1053 static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
     /* [<][>][^][v][top][bottom][index][help] */
1054                                           int database_id, struct netr_DELTA_ENUM *delta) 
1055 {
1056         NTSTATUS status;
1057         bool ret = true;
1058         struct netr_DELTA_ACCOUNT *account = delta->delta_union.account;
1059         struct dom_sid *dom_sid = delta->delta_id_union.sid;
1060 
1061         struct lsa_OpenAccount a;
1062         struct policy_handle acct_handle;
1063         struct lsa_EnumPrivsAccount e;
1064         struct lsa_PrivilegeSet *privs = NULL;
1065         struct lsa_LookupPrivName r;
1066 
1067         int i, j;
1068 
1069         bool *found_priv_in_lsa;
1070 
1071         a.in.handle = samsync_state->lsa_handle;
1072         a.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1073         a.in.sid = dom_sid;
1074         a.out.acct_handle = &acct_handle;
1075 
1076         status = dcerpc_lsa_OpenAccount(samsync_state->p_lsa, mem_ctx, &a);
1077         if (!NT_STATUS_IS_OK(status)) {
1078                 printf("OpenTrustedDomain failed - %s\n", nt_errstr(status));
1079                 return false;
1080         }
1081 
1082         TEST_SEC_DESC_EQUAL(account->sdbuf, lsa, &acct_handle);
1083 
1084         found_priv_in_lsa = talloc_zero_array(mem_ctx, bool, account->privilege_entries);
1085 
1086         e.in.handle = &acct_handle;
1087         e.out.privs = &privs;
1088 
1089         status = dcerpc_lsa_EnumPrivsAccount(samsync_state->p_lsa, mem_ctx, &e);
1090         if (!NT_STATUS_IS_OK(status)) {
1091                 printf("EnumPrivsAccount failed - %s\n", nt_errstr(status));
1092                 return false;
1093         }
1094 
1095         if ((account->privilege_entries && !privs)) {
1096                 printf("Account %s has privileges in SamSync, but not LSA\n",
1097                        dom_sid_string(mem_ctx, dom_sid));
1098                 return false;
1099         }
1100 
1101         if (!account->privilege_entries && privs && privs->count) {
1102                 printf("Account %s has privileges in LSA, but not SamSync\n",
1103                        dom_sid_string(mem_ctx, dom_sid));
1104                 return false;
1105         }
1106 
1107         TEST_INT_EQUAL(account->privilege_entries, privs->count);
1108         
1109         for (i=0;i< privs->count; i++) {
1110 
1111                 struct lsa_StringLarge *name = NULL;
1112 
1113                 r.in.handle = samsync_state->lsa_handle;
1114                 r.in.luid = &privs->set[i].luid;
1115                 r.out.name = &name;
1116                 
1117                 status = dcerpc_lsa_LookupPrivName(samsync_state->p_lsa, mem_ctx, &r);
1118                 if (!NT_STATUS_IS_OK(status)) {
1119                         printf("\nLookupPrivName failed - %s\n", nt_errstr(status));
1120                         return false;
1121                 }
1122                 
1123                 if (!r.out.name) {
1124                         printf("\nLookupPrivName failed to return a name\n");
1125                         return false;
1126                 }
1127                 for (j=0;j<account->privilege_entries; j++) {
1128                         if (strcmp(name->string, account->privilege_name[j].string) == 0) {
1129                                 found_priv_in_lsa[j] = true;
1130                                 break;
1131                         }
1132                 }
1133         }
1134         for (j=0;j<account->privilege_entries; j++) {
1135                 if (!found_priv_in_lsa[j]) {
1136                         printf("Privilage %s on account %s not found in LSA\n", account->privilege_name[j].string, 
1137                                dom_sid_string(mem_ctx, dom_sid));
1138                         ret = false;
1139                 }
1140         }
1141         return ret;
1142 }
1143 
1144 /*
1145   try a netlogon DatabaseSync
1146 */
1147 static bool test_DatabaseSync(struct torture_context *tctx, 
     /* [<][>][^][v][top][bottom][index][help] */
1148                                                           struct samsync_state *samsync_state,
1149                                                           TALLOC_CTX *mem_ctx)
1150 {
1151         NTSTATUS status;
1152         TALLOC_CTX *loop_ctx, *delta_ctx, *trustdom_ctx;
1153         struct netr_DatabaseSync r;
1154         const enum netr_SamDatabaseID database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS}; 
1155         int i, d;
1156         bool ret = true;
1157         struct samsync_trusted_domain *t;
1158         struct samsync_secret *s;
1159         struct netr_Authenticator return_authenticator, credential;
1160         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1161         
1162         const char *domain, *username;
1163 
1164         ZERO_STRUCT(return_authenticator);
1165 
1166         r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(samsync_state->p));
1167         r.in.computername = TEST_MACHINE_NAME;
1168         r.in.preferredmaximumlength = (uint32_t)-1;
1169         r.in.return_authenticator = &return_authenticator;
1170         r.out.return_authenticator = &return_authenticator;
1171         r.out.delta_enum_array = &delta_enum_array;
1172 
1173         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1174 
1175                 uint32_t sync_context = 0;
1176 
1177                 r.in.database_id = database_ids[i];
1178                 r.in.sync_context = &sync_context;
1179                 r.out.sync_context = &sync_context;
1180 
1181                 printf("Testing DatabaseSync of id %d\n", r.in.database_id);
1182 
1183                 do {
1184                         loop_ctx = talloc_named(mem_ctx, 0, "DatabaseSync loop context");
1185                         creds_client_authenticator(samsync_state->creds, &credential);
1186 
1187                         r.in.credential = &credential;
1188 
1189                         status = dcerpc_netr_DatabaseSync(samsync_state->p, loop_ctx, &r);
1190                         if (!NT_STATUS_IS_OK(status) &&
1191                             !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
1192                                 printf("DatabaseSync - %s\n", nt_errstr(status));
1193                                 ret = false;
1194                                 break;
1195                         }
1196 
1197                         if (!creds_client_check(samsync_state->creds, &r.out.return_authenticator->cred)) {
1198                                 printf("Credential chaining failed\n");
1199                         }
1200 
1201                         r.in.sync_context = r.out.sync_context;
1202 
1203                         for (d=0; d < delta_enum_array->num_deltas; d++) {
1204                                 delta_ctx = talloc_named(loop_ctx, 0, "DatabaseSync delta context");
1205                                 switch (delta_enum_array->delta_enum[d].delta_type) {
1206                                 case NETR_DELTA_DOMAIN:
1207                                         if (!samsync_handle_domain(delta_ctx, samsync_state, 
1208                                                                    r.in.database_id, &delta_enum_array->delta_enum[d])) {
1209                                                 printf("Failed to handle DELTA_DOMAIN\n");
1210                                                 ret = false;
1211                                         }
1212                                         break;
1213                                 case NETR_DELTA_GROUP:
1214                                         if (!samsync_handle_group(delta_ctx, samsync_state, 
1215                                                                   r.in.database_id, &delta_enum_array->delta_enum[d])) {
1216                                                 printf("Failed to handle DELTA_USER\n");
1217                                                 ret = false;
1218                                         }
1219                                         break;
1220                                 case NETR_DELTA_USER:
1221                                         if (!samsync_handle_user(tctx, delta_ctx, samsync_state, 
1222                                                                  r.in.database_id, &delta_enum_array->delta_enum[d])) {
1223                                                 printf("Failed to handle DELTA_USER\n");
1224                                                 ret = false;
1225                                         }
1226                                         break;
1227                                 case NETR_DELTA_ALIAS:
1228                                         if (!samsync_handle_alias(delta_ctx, samsync_state, 
1229                                                                   r.in.database_id, &delta_enum_array->delta_enum[d])) {
1230                                                 printf("Failed to handle DELTA_ALIAS\n");
1231                                                 ret = false;
1232                                         }
1233                                         break;
1234                                 case NETR_DELTA_POLICY:
1235                                         if (!samsync_handle_policy(delta_ctx, samsync_state, 
1236                                                                    r.in.database_id, &delta_enum_array->delta_enum[d])) {
1237                                                 printf("Failed to handle DELTA_POLICY\n");
1238                                                 ret = false;
1239                                         }
1240                                         break;
1241                                 case NETR_DELTA_TRUSTED_DOMAIN:
1242                                         if (!samsync_handle_trusted_domain(delta_ctx, samsync_state, 
1243                                                                            r.in.database_id, &delta_enum_array->delta_enum[d])) {
1244                                                 printf("Failed to handle DELTA_TRUSTED_DOMAIN\n");
1245                                                 ret = false;
1246                                         }
1247                                         break;
1248                                 case NETR_DELTA_ACCOUNT:
1249                                         if (!samsync_handle_account(delta_ctx, samsync_state, 
1250                                                                     r.in.database_id, &delta_enum_array->delta_enum[d])) {
1251                                                 printf("Failed to handle DELTA_ACCOUNT\n");
1252                                                 ret = false;
1253                                         }
1254                                         break;
1255                                 case NETR_DELTA_SECRET:
1256                                         if (!samsync_handle_secret(delta_ctx, samsync_state, 
1257                                                                    r.in.database_id, &delta_enum_array->delta_enum[d])) {
1258                                                 printf("Failed to handle DELTA_SECRET\n");
1259                                                 ret = false;
1260                                         }
1261                                         break;
1262                                 case NETR_DELTA_GROUP_MEMBER:
1263                                 case NETR_DELTA_ALIAS_MEMBER:
1264                                         /* These are harder to cross-check, and we expect them */
1265                                         break;
1266                                 case NETR_DELTA_DELETE_GROUP:
1267                                 case NETR_DELTA_RENAME_GROUP:
1268                                 case NETR_DELTA_DELETE_USER:
1269                                 case NETR_DELTA_RENAME_USER:
1270                                 case NETR_DELTA_DELETE_ALIAS:
1271                                 case NETR_DELTA_RENAME_ALIAS:
1272                                 case NETR_DELTA_DELETE_TRUST:
1273                                 case NETR_DELTA_DELETE_ACCOUNT:
1274                                 case NETR_DELTA_DELETE_SECRET:
1275                                 case NETR_DELTA_DELETE_GROUP2:
1276                                 case NETR_DELTA_DELETE_USER2:
1277                                 case NETR_DELTA_MODIFY_COUNT:
1278                                 default:
1279                                         printf("Uxpected delta type %d\n", delta_enum_array->delta_enum[d].delta_type);
1280                                         ret = false;
1281                                         break;
1282                                 }
1283                                 talloc_free(delta_ctx);
1284                         }
1285                         talloc_free(loop_ctx);
1286                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1287                 
1288         }
1289 
1290         domain = samsync_state->domain_name[SAM_DATABASE_DOMAIN];
1291         if (!domain) {
1292                 printf("Never got a DOMAIN object in samsync!\n");
1293                 return false;
1294         }
1295 
1296         trustdom_ctx = talloc_named(mem_ctx, 0, "test_DatabaseSync Trusted domains context");
1297         
1298         username = talloc_asprintf(trustdom_ctx, "%s$", domain);
1299         for (t=samsync_state->trusted_domains; t; t=t->next) {
1300                 char *secret_name = talloc_asprintf(trustdom_ctx, "G$$%s", t->name);
1301                 for (s=samsync_state->secrets; s; s=s->next) {
1302                         if (strcasecmp_m(s->name, secret_name) == 0) {
1303                                 NTSTATUS nt_status;
1304                                 struct samr_Password nt_hash;
1305                                 mdfour(nt_hash.hash, s->secret.data, s->secret.length);
1306                                 
1307                                 printf("Checking password for %s\\%s\n", t->name, username);
1308                                 nt_status = test_SamLogon(samsync_state->p_netlogon_wksta, trustdom_ctx, samsync_state->creds_netlogon_wksta, 
1309                                                           t->name,
1310                                                           username, 
1311                                                           TEST_WKSTA_MACHINE_NAME,
1312                                                           NULL, 
1313                                                           &nt_hash,
1314                                                           NULL);
1315                                 if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_LOGON_SERVERS)) {
1316                                         printf("Verifiction of trust password to %s failed: %s (the trusted domain is not available)\n", 
1317                                                t->name, nt_errstr(nt_status));
1318                                         
1319                                         break;
1320                                 }
1321                                 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
1322                                         printf("Verifiction of trust password to %s: should have failed (nologon interdomain trust account), instead: %s\n", 
1323                                                t->name, nt_errstr(nt_status));
1324                                         ret = false;
1325                                 }
1326                                 
1327                                 /* break it */
1328                                 nt_hash.hash[0]++;
1329                                 nt_status = test_SamLogon(samsync_state->p_netlogon_wksta, trustdom_ctx, samsync_state->creds_netlogon_wksta, 
1330                                                           t->name,
1331                                                           username, 
1332                                                           TEST_WKSTA_MACHINE_NAME,
1333                                                           NULL,
1334                                                           &nt_hash,
1335                                                           NULL);
1336                                 
1337                                 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) {
1338                                         printf("Verifiction of trust password to %s: should have failed (wrong password), instead: %s\n", 
1339                                                t->name, nt_errstr(nt_status));
1340                                         ret = false;
1341                                 }
1342                                 
1343                                 break;
1344                         }
1345                 }
1346         }
1347         talloc_free(trustdom_ctx);
1348         return ret;
1349 }
1350 
1351 
1352 /*
1353   try a netlogon DatabaseDeltas
1354 */
1355 static bool test_DatabaseDeltas(struct samsync_state *samsync_state, TALLOC_CTX *mem_ctx)
     /* [<][>][^][v][top][bottom][index][help] */
1356 {
1357         NTSTATUS status;
1358         TALLOC_CTX *loop_ctx;
1359         struct netr_DatabaseDeltas r;
1360         struct netr_Authenticator credential;
1361         struct netr_Authenticator return_authenticator;
1362         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1363         const uint32_t database_ids[] = {0, 1, 2}; 
1364         int i;
1365         bool ret = true;
1366 
1367         ZERO_STRUCT(return_authenticator);
1368 
1369         r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(samsync_state->p));
1370         r.in.computername = TEST_MACHINE_NAME;
1371         r.in.credential = &credential;
1372         r.in.preferredmaximumlength = (uint32_t)-1;
1373         r.in.return_authenticator = &return_authenticator;
1374         r.out.return_authenticator = &return_authenticator;
1375         r.out.delta_enum_array = &delta_enum_array;
1376 
1377         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1378 
1379                 uint64_t seq_num = samsync_state->seq_num[i];
1380 
1381                 r.in.database_id = database_ids[i];
1382                 r.in.sequence_num = &seq_num;
1383                 r.out.sequence_num = &seq_num;
1384 
1385                 if (seq_num == 0) continue;
1386 
1387                 /* this shows that the bdc doesn't need to do a single call for
1388                  * each seqnumber, and the pdc doesn't need to know about old values
1389                  * -- metze
1390                  */
1391                 seq_num -= 10;
1392 
1393                 printf("Testing DatabaseDeltas of id %d at %llu\n", 
1394                        r.in.database_id, (long long)seq_num);
1395 
1396                 do {
1397                         loop_ctx = talloc_named(mem_ctx, 0, "test_DatabaseDeltas loop context");
1398                         creds_client_authenticator(samsync_state->creds, &credential);
1399 
1400                         status = dcerpc_netr_DatabaseDeltas(samsync_state->p, loop_ctx, &r);
1401                         if (!NT_STATUS_IS_OK(status) &&
1402                             !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) &&
1403                             !NT_STATUS_EQUAL(status, NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
1404                                 printf("DatabaseDeltas - %s\n", nt_errstr(status));
1405                                 ret = false;
1406                         }
1407 
1408                         if (!creds_client_check(samsync_state->creds, &return_authenticator.cred)) {
1409                                 printf("Credential chaining failed\n");
1410                         }
1411 
1412                         seq_num++;
1413                         talloc_free(loop_ctx);
1414                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1415         }
1416 
1417         return ret;
1418 }
1419 
1420 
1421 /*
1422   try a netlogon DatabaseSync2
1423 */
1424 static bool test_DatabaseSync2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
     /* [<][>][^][v][top][bottom][index][help] */
1425                                struct creds_CredentialState *creds)
1426 {
1427         NTSTATUS status;
1428         TALLOC_CTX *loop_ctx;
1429         struct netr_DatabaseSync2 r;
1430         const uint32_t database_ids[] = {0, 1, 2}; 
1431         int i;
1432         bool ret = true;
1433         struct netr_Authenticator return_authenticator, credential;
1434         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1435 
1436         ZERO_STRUCT(return_authenticator);
1437 
1438         r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1439         r.in.computername = TEST_MACHINE_NAME;
1440         r.in.preferredmaximumlength = (uint32_t)-1;
1441         r.in.return_authenticator = &return_authenticator;
1442         r.out.return_authenticator = &return_authenticator;
1443         r.out.delta_enum_array = &delta_enum_array;
1444 
1445         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1446 
1447                 uint32_t sync_context = 0;
1448 
1449                 r.in.database_id = database_ids[i];
1450                 r.in.sync_context = &sync_context;
1451                 r.out.sync_context = &sync_context;
1452                 r.in.restart_state = 0;
1453 
1454                 printf("Testing DatabaseSync2 of id %d\n", r.in.database_id);
1455 
1456                 do {
1457                         loop_ctx = talloc_named(mem_ctx, 0, "test_DatabaseSync2 loop context");
1458                         creds_client_authenticator(creds, &credential);
1459 
1460                         r.in.credential = &credential;
1461 
1462                         status = dcerpc_netr_DatabaseSync2(p, loop_ctx, &r);
1463                         if (!NT_STATUS_IS_OK(status) &&
1464                             !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
1465                                 printf("DatabaseSync2 - %s\n", nt_errstr(status));
1466                                 ret = false;
1467                         }
1468 
1469                         if (!creds_client_check(creds, &r.out.return_authenticator->cred)) {
1470                                 printf("Credential chaining failed\n");
1471                         }
1472 
1473                         talloc_free(loop_ctx);
1474                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1475         }
1476 
1477         return ret;
1478 }
1479 
1480 
1481 
1482 bool torture_rpc_samsync(struct torture_context *torture)
     /* [<][>][^][v][top][bottom][index][help] */
1483 {
1484         NTSTATUS status;
1485         TALLOC_CTX *mem_ctx;
1486         bool ret = true;
1487         struct test_join *join_ctx;
1488         struct test_join *join_ctx2;
1489         struct test_join *user_ctx;
1490         const char *machine_password;
1491         const char *wksta_machine_password;
1492         struct dcerpc_binding *b;
1493         struct dcerpc_binding *b_netlogon_wksta;
1494         struct samr_Connect c;
1495         struct samr_SetDomainInfo s;
1496         struct policy_handle *domain_policy;
1497 
1498         struct lsa_ObjectAttribute attr;
1499         struct lsa_QosInfo qos;
1500         struct lsa_OpenPolicy2 r;
1501         struct cli_credentials *credentials;
1502         struct cli_credentials *credentials_wksta;
1503 
1504         struct samsync_state *samsync_state;
1505 
1506         char *test_machine_account;
1507 
1508         char *test_wksta_machine_account;
1509 
1510         mem_ctx = talloc_init("torture_rpc_netlogon");
1511         
1512         test_machine_account = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
1513         join_ctx = torture_create_testuser(torture, test_machine_account, 
1514                                            lp_workgroup(torture->lp_ctx), ACB_SVRTRUST, 
1515                                            &machine_password);
1516         if (!join_ctx) {
1517                 talloc_free(mem_ctx);
1518                 printf("Failed to join as BDC\n");
1519                 return false;
1520         }
1521         
1522         test_wksta_machine_account = talloc_asprintf(mem_ctx, "%s$", TEST_WKSTA_MACHINE_NAME);
1523         join_ctx2 = torture_create_testuser(torture, test_wksta_machine_account, lp_workgroup(torture->lp_ctx), ACB_WSTRUST, &wksta_machine_password);
1524         if (!join_ctx2) {
1525                 talloc_free(mem_ctx);
1526                 printf("Failed to join as member\n");
1527                 return false;
1528         }
1529         
1530         user_ctx = torture_create_testuser(torture, TEST_USER_NAME,
1531                                            lp_workgroup(torture->lp_ctx),
1532                                            ACB_NORMAL, NULL);
1533         if (!user_ctx) {
1534                 talloc_free(mem_ctx);
1535                 printf("Failed to create test account\n");
1536                 return false;
1537         }
1538 
1539         samsync_state = talloc_zero(mem_ctx, struct samsync_state);
1540 
1541         samsync_state->p_samr = torture_join_samr_pipe(join_ctx);
1542         samsync_state->connect_handle = talloc_zero(samsync_state, struct policy_handle);
1543         samsync_state->lsa_handle = talloc_zero(samsync_state, struct policy_handle);
1544         c.in.system_name = NULL;
1545         c.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1546         c.out.connect_handle = samsync_state->connect_handle;
1547 
1548         status = dcerpc_samr_Connect(samsync_state->p_samr, mem_ctx, &c);
1549         if (!NT_STATUS_IS_OK(status)) {
1550                 printf("samr_Connect failed\n");
1551                 ret = false;
1552                 goto failed;
1553         }
1554 
1555         domain_policy = samsync_open_domain(mem_ctx, samsync_state, lp_workgroup(torture->lp_ctx), NULL);
1556         if (!domain_policy) {
1557                 printf("samrsync_open_domain failed\n");
1558                 ret = false;
1559                 goto failed;
1560         }
1561         
1562         s.in.domain_handle = domain_policy;
1563         s.in.level = 4;
1564         s.in.info = talloc(mem_ctx, union samr_DomainInfo);
1565         
1566         s.in.info->oem.oem_information.string
1567                 = talloc_asprintf(mem_ctx, 
1568                                   "Tortured by Samba4: %s", 
1569                                   timestring(mem_ctx, time(NULL)));
1570         status = dcerpc_samr_SetDomainInfo(samsync_state->p_samr, mem_ctx, &s);
1571 
1572         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, domain_policy)) {
1573                 ret = false;
1574                 goto failed;
1575         }
1576 
1577         if (!NT_STATUS_IS_OK(status)) {
1578                 printf("SetDomainInfo level %u failed - %s\n", 
1579                        s.in.level, nt_errstr(status));
1580                 ret = false;
1581                 goto failed;
1582         }
1583         
1584 
1585         status = torture_rpc_connection(torture,
1586                                         &samsync_state->p_lsa, 
1587                                         &ndr_table_lsarpc);
1588 
1589         if (!NT_STATUS_IS_OK(status)) {
1590                 ret = false;
1591                 goto failed;
1592         }
1593 
1594         qos.len = 0;
1595         qos.impersonation_level = 2;
1596         qos.context_mode = 1;
1597         qos.effective_only = 0;
1598 
1599         attr.len = 0;
1600         attr.root_dir = NULL;
1601         attr.object_name = NULL;
1602         attr.attributes = 0;
1603         attr.sec_desc = NULL;
1604         attr.sec_qos = &qos;
1605 
1606         r.in.system_name = "\\";
1607         r.in.attr = &attr;
1608         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1609         r.out.handle = samsync_state->lsa_handle;
1610 
1611         status = dcerpc_lsa_OpenPolicy2(samsync_state->p_lsa, mem_ctx, &r);
1612         if (!NT_STATUS_IS_OK(status)) {
1613                 printf("OpenPolicy2 failed - %s\n", nt_errstr(status));
1614                 ret = false;
1615                 goto failed;
1616         }
1617 
1618         status = torture_rpc_binding(torture, &b);
1619         if (!NT_STATUS_IS_OK(status)) {
1620                 ret = false;
1621                 goto failed;
1622         }
1623 
1624         b->flags &= ~DCERPC_AUTH_OPTIONS;
1625         b->flags |= DCERPC_SCHANNEL | DCERPC_SIGN;
1626 
1627         credentials = cli_credentials_init(mem_ctx);
1628 
1629         cli_credentials_set_workstation(credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
1630         cli_credentials_set_domain(credentials, lp_workgroup(torture->lp_ctx), CRED_SPECIFIED);
1631         cli_credentials_set_username(credentials, test_machine_account, CRED_SPECIFIED);
1632         cli_credentials_set_password(credentials, machine_password, CRED_SPECIFIED);
1633         cli_credentials_set_secure_channel_type(credentials,
1634                                                 SEC_CHAN_BDC);
1635 
1636         status = dcerpc_pipe_connect_b(samsync_state,
1637                                        &samsync_state->p, b, 
1638                                            &ndr_table_netlogon,
1639                                        credentials, torture->ev, torture->lp_ctx);
1640         
1641         if (!NT_STATUS_IS_OK(status)) {
1642                 printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
1643                 ret = false;
1644                 goto failed;
1645         }
1646 
1647         status = dcerpc_schannel_creds(samsync_state->p->conn->security_state.generic_state, 
1648                                        samsync_state, &samsync_state->creds);
1649         if (!NT_STATUS_IS_OK(status)) {
1650                 ret = false;
1651         }
1652 
1653 
1654 
1655         status = torture_rpc_binding(torture, &b_netlogon_wksta);
1656         if (!NT_STATUS_IS_OK(status)) {
1657                 ret = false;
1658                 goto failed;
1659         }
1660 
1661         b_netlogon_wksta->flags &= ~DCERPC_AUTH_OPTIONS;
1662         b_netlogon_wksta->flags |= DCERPC_SCHANNEL | DCERPC_SIGN;
1663 
1664         credentials_wksta = cli_credentials_init(mem_ctx);
1665 
1666         cli_credentials_set_workstation(credentials_wksta, TEST_WKSTA_MACHINE_NAME, CRED_SPECIFIED);
1667         cli_credentials_set_domain(credentials_wksta, lp_workgroup(torture->lp_ctx), CRED_SPECIFIED);
1668         cli_credentials_set_username(credentials_wksta, test_wksta_machine_account, CRED_SPECIFIED);
1669         cli_credentials_set_password(credentials_wksta, wksta_machine_password, CRED_SPECIFIED);
1670         cli_credentials_set_secure_channel_type(credentials_wksta,
1671                                                 SEC_CHAN_WKSTA);
1672 
1673         status = dcerpc_pipe_connect_b(samsync_state, 
1674                                        &samsync_state->p_netlogon_wksta, 
1675                                        b_netlogon_wksta, 
1676                                            &ndr_table_netlogon,
1677                                        credentials_wksta, torture->ev, torture->lp_ctx);
1678 
1679         if (!NT_STATUS_IS_OK(status)) {
1680                 printf("Failed to connect to server as a Workstation: %s\n", nt_errstr(status));
1681                 ret = false;
1682                 goto failed;
1683         }
1684 
1685         status = dcerpc_schannel_creds(samsync_state->p_netlogon_wksta->conn->security_state.generic_state, 
1686                                        samsync_state, &samsync_state->creds_netlogon_wksta);
1687         if (!NT_STATUS_IS_OK(status)) {
1688                 printf("Failed to obtail schanel creds!\n");
1689                 ret = false;
1690         }
1691 
1692         if (!test_DatabaseSync(torture, samsync_state, mem_ctx)) {
1693                 printf("DatabaseSync failed\n");
1694                 ret = false;
1695         }
1696 
1697         if (!test_DatabaseDeltas(samsync_state, mem_ctx)) {
1698                 printf("DatabaseDeltas failed\n");
1699                 ret = false;
1700         }
1701 
1702         if (!test_DatabaseSync2(samsync_state->p, mem_ctx, samsync_state->creds)) {
1703                 printf("DatabaseSync2 failed\n");
1704                 ret = false;
1705         }
1706 failed:
1707 
1708         torture_leave_domain(torture, join_ctx);
1709         torture_leave_domain(torture, join_ctx2);
1710         torture_leave_domain(torture, user_ctx);
1711 
1712         talloc_free(mem_ctx);
1713 
1714         return ret;
1715 }

/* [<][>][^][v][top][bottom][index][help] */