root/source4/torture/libnet/libnet_group.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. test_cleanup
  2. test_creategroup
  3. test_opendomain
  4. test_samr_close
  5. test_lsa_close
  6. torture_groupinfo_api
  7. torture_grouplist
  8. torture_creategroup

   1 /* 
   2    Unix SMB/CIFS implementation.
   3    Test suite for libnet calls.
   4 
   5    Copyright (C) Rafal Szczesniak  2007
   6    
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 3 of the License, or
  10    (at your option) any later version.
  11    
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16    
  17    You should have received a copy of the GNU General Public License
  18    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19 */
  20 
  21 
  22 #include "includes.h"
  23 #include "lib/cmdline/popt_common.h"
  24 #include "libnet/libnet.h"
  25 #include "librpc/gen_ndr/ndr_samr_c.h"
  26 #include "librpc/gen_ndr/ndr_lsa_c.h"
  27 #include "torture/torture.h"
  28 #include "torture/rpc/rpc.h"
  29 #include "param/param.h"
  30 
  31 
  32 #define TEST_GROUPNAME  "libnetgrouptest"
  33 
  34 
  35 static bool test_cleanup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
  36                          struct policy_handle *domain_handle, const char *groupname)
  37 {
  38         NTSTATUS status;
  39         struct samr_LookupNames r1;
  40         struct samr_OpenGroup r2;
  41         struct samr_DeleteDomainGroup r3;
  42         struct lsa_String names[2];
  43         uint32_t rid;
  44         struct policy_handle group_handle;
  45         struct samr_Ids rids, types;
  46 
  47         names[0].string = groupname;
  48 
  49         r1.in.domain_handle  = domain_handle;
  50         r1.in.num_names      = 1;
  51         r1.in.names          = names;
  52         r1.out.rids          = &rids;
  53         r1.out.types         = &types;
  54         
  55         printf("group account lookup '%s'\n", groupname);
  56 
  57         status = dcerpc_samr_LookupNames(p, mem_ctx, &r1);
  58         if (!NT_STATUS_IS_OK(status)) {
  59                 printf("LookupNames failed - %s\n", nt_errstr(status));
  60                 return false;
  61         }
  62 
  63         rid = r1.out.rids->ids[0];
  64         
  65         r2.in.domain_handle  = domain_handle;
  66         r2.in.access_mask    = SEC_FLAG_MAXIMUM_ALLOWED;
  67         r2.in.rid            = rid;
  68         r2.out.group_handle  = &group_handle;
  69 
  70         printf("opening group account\n");
  71 
  72         status = dcerpc_samr_OpenGroup(p, mem_ctx, &r2);
  73         if (!NT_STATUS_IS_OK(status)) {
  74                 printf("OpenGroup failed - %s\n", nt_errstr(status));
  75                 return false;
  76         }
  77 
  78         r3.in.group_handle  = &group_handle;
  79         r3.out.group_handle = &group_handle;
  80 
  81         printf("deleting group account\n");
  82         
  83         status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &r3);
  84         if (!NT_STATUS_IS_OK(status)) {
  85                 printf("DeleteGroup failed - %s\n", nt_errstr(status));
  86                 return false;
  87         }
  88 
  89         return true;
  90 }
  91 
  92 
  93 static bool test_creategroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
  94                              struct policy_handle *handle, const char *name)
  95 {
  96         NTSTATUS status;
  97         struct lsa_String groupname;
  98         struct samr_CreateDomainGroup r;
  99         struct policy_handle group_handle;
 100         uint32_t group_rid;
 101         
 102         groupname.string = name;
 103         
 104         r.in.domain_handle  = handle;
 105         r.in.name           = &groupname;
 106         r.in.access_mask    = SEC_FLAG_MAXIMUM_ALLOWED;
 107         r.out.group_handle  = &group_handle;
 108         r.out.rid           = &group_rid;
 109 
 110         printf("creating group account %s\n", name);
 111 
 112         status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
 113         if (!NT_STATUS_IS_OK(status)) {
 114                 printf("CreateGroup failed - %s\n", nt_errstr(status));
 115 
 116                 if (NT_STATUS_EQUAL(status, NT_STATUS_GROUP_EXISTS)) {
 117                         printf("Group (%s) already exists - attempting to delete and recreate group again\n", name);
 118                         if (!test_cleanup(p, mem_ctx, handle, TEST_GROUPNAME)) {
 119                                 return false;
 120                         }
 121 
 122                         printf("creating group account\n");
 123                         
 124                         status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
 125                         if (!NT_STATUS_IS_OK(status)) {
 126                                 printf("CreateGroup failed - %s\n", nt_errstr(status));
 127                                 return false;
 128                         }
 129                         return true;
 130                 }
 131                 return false;
 132         }
 133 
 134         return true;
 135 }
 136 
 137 
 138 static bool test_opendomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 139                             struct policy_handle *handle, struct lsa_String *domname)
 140 {
 141         NTSTATUS status;
 142         struct policy_handle h, domain_handle;
 143         struct samr_Connect r1;
 144         struct samr_LookupDomain r2;
 145         struct dom_sid2 *sid = NULL;
 146         struct samr_OpenDomain r3;
 147         
 148         printf("connecting\n");
 149         
 150         r1.in.system_name = 0;
 151         r1.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 152         r1.out.connect_handle = &h;
 153         
 154         status = dcerpc_samr_Connect(p, mem_ctx, &r1);
 155         if (!NT_STATUS_IS_OK(status)) {
 156                 printf("Connect failed - %s\n", nt_errstr(status));
 157                 return false;
 158         }
 159         
 160         r2.in.connect_handle = &h;
 161         r2.in.domain_name = domname;
 162         r2.out.sid = &sid;
 163 
 164         printf("domain lookup on %s\n", domname->string);
 165 
 166         status = dcerpc_samr_LookupDomain(p, mem_ctx, &r2);
 167         if (!NT_STATUS_IS_OK(status)) {
 168                 printf("LookupDomain failed - %s\n", nt_errstr(status));
 169                 return false;
 170         }
 171 
 172         r3.in.connect_handle = &h;
 173         r3.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 174         r3.in.sid = *r2.out.sid;
 175         r3.out.domain_handle = &domain_handle;
 176 
 177         printf("opening domain\n");
 178 
 179         status = dcerpc_samr_OpenDomain(p, mem_ctx, &r3);
 180         if (!NT_STATUS_IS_OK(status)) {
 181                 printf("OpenDomain failed - %s\n", nt_errstr(status));
 182                 return false;
 183         } else {
 184                 *handle = domain_handle;
 185         }
 186 
 187         return true;
 188 }
 189 
 190 
 191 static bool test_samr_close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 192                             struct policy_handle *domain_handle)
 193 {
 194         NTSTATUS status;
 195         struct samr_Close r;
 196   
 197         r.in.handle = domain_handle;
 198         r.out.handle = domain_handle;
 199 
 200         status = dcerpc_samr_Close(p, mem_ctx, &r);
 201         if (!NT_STATUS_IS_OK(status)) {
 202                 printf("Close samr domain failed - %s\n", nt_errstr(status));
 203                 return false;
 204         }
 205         
 206         return true;
 207 }
 208 
 209 
 210 static bool test_lsa_close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 211                            struct policy_handle *domain_handle)
 212 {
 213         NTSTATUS status;
 214         struct lsa_Close r;
 215 
 216         r.in.handle = domain_handle;
 217         r.out.handle = domain_handle;
 218         
 219         status = dcerpc_lsa_Close(p, mem_ctx, &r);
 220         if (!NT_STATUS_IS_OK(status)) {
 221                 printf("Close lsa domain failed - %s\n", nt_errstr(status));
 222                 return false;
 223         }
 224 
 225         return true;
 226 }
 227 
 228 
 229 bool torture_groupinfo_api(struct torture_context *torture)
     /* [<][>][^][v][top][bottom][index][help] */
 230 {
 231         const char *name = TEST_GROUPNAME;
 232         bool ret = true;
 233         NTSTATUS status;
 234         TALLOC_CTX *mem_ctx = NULL, *prep_mem_ctx;
 235         struct libnet_context *ctx;
 236         struct dcerpc_pipe *p;
 237         struct policy_handle h;
 238         struct lsa_String domain_name;
 239         struct libnet_GroupInfo req;
 240 
 241         prep_mem_ctx = talloc_init("prepare torture group info");
 242 
 243         ctx = libnet_context_init(torture->ev, torture->lp_ctx);
 244         ctx->cred = cmdline_credentials;
 245 
 246         status = torture_rpc_connection(torture,
 247                                         &p,
 248                                         &ndr_table_samr);
 249         if (!NT_STATUS_IS_OK(status)) {
 250                 return false;
 251         }
 252 
 253         domain_name.string = lp_workgroup(torture->lp_ctx);
 254         if (!test_opendomain(p, prep_mem_ctx, &h, &domain_name)) {
 255                 ret = false;
 256                 goto done;
 257         }
 258 
 259         if (!test_creategroup(p, prep_mem_ctx, &h, name)) {
 260                 ret = false;
 261                 goto done;
 262         }
 263 
 264         mem_ctx = talloc_init("torture group info");
 265 
 266         ZERO_STRUCT(req);
 267 
 268         req.in.domain_name = domain_name.string;
 269         req.in.level = GROUP_INFO_BY_NAME;
 270         req.in.data.group_name = name;
 271 
 272         status = libnet_GroupInfo(ctx, mem_ctx, &req);
 273         if (!NT_STATUS_IS_OK(status)) {
 274                 printf("libnet_GroupInfo call failed: %s\n", nt_errstr(status));
 275                 ret = false;
 276                 talloc_free(mem_ctx);
 277                 goto done;
 278         }
 279 
 280         if (!test_cleanup(ctx->samr.pipe, mem_ctx, &ctx->samr.handle, TEST_GROUPNAME)) {
 281                 printf("cleanup failed\n");
 282                 ret = false;
 283                 goto done;
 284         }
 285 
 286         if (!test_samr_close(ctx->samr.pipe, mem_ctx, &ctx->samr.handle)) {
 287                 printf("domain close failed\n");
 288                 ret = false;
 289         }
 290 
 291         talloc_free(ctx);
 292 
 293 done:
 294         talloc_free(mem_ctx);
 295         return ret;
 296 }
 297 
 298 
 299 bool torture_grouplist(struct torture_context *torture)
     /* [<][>][^][v][top][bottom][index][help] */
 300 {
 301         bool ret = true;
 302         NTSTATUS status;
 303         TALLOC_CTX *mem_ctx = NULL;
 304         struct libnet_context *ctx;
 305         struct lsa_String domain_name;
 306         struct libnet_GroupList req;
 307         int i;
 308 
 309         ctx = libnet_context_init(torture->ev, torture->lp_ctx);
 310         ctx->cred = cmdline_credentials;
 311 
 312         domain_name.string = lp_workgroup(torture->lp_ctx);
 313         mem_ctx = talloc_init("torture group list");
 314 
 315         ZERO_STRUCT(req);
 316 
 317         printf("listing group accounts:\n");
 318         
 319         do {
 320                 req.in.domain_name  = domain_name.string;
 321                 req.in.page_size    = 128;
 322                 req.in.resume_index = req.out.resume_index;
 323 
 324                 status = libnet_GroupList(ctx, mem_ctx, &req);
 325                 if (!NT_STATUS_IS_OK(status) &&
 326                     !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) break;
 327 
 328                 for (i = 0; i < req.out.count; i++) {
 329                         printf("\tgroup: %s, sid=%s\n",
 330                                req.out.groups[i].groupname, req.out.groups[i].sid);
 331                 }
 332 
 333         } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
 334 
 335         if (!(NT_STATUS_IS_OK(status) ||
 336               NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES))) {
 337                 printf("libnet_GroupList call failed: %s\n", nt_errstr(status));
 338                 ret = false;
 339                 goto done;
 340         }
 341 
 342         if (!test_samr_close(ctx->samr.pipe, mem_ctx, &ctx->samr.handle)) {
 343                 printf("domain close failed\n");
 344                 ret = false;
 345         }
 346 
 347         if (!test_lsa_close(ctx->lsa.pipe, mem_ctx, &ctx->lsa.handle)) {
 348                 printf("lsa domain close failed\n");
 349                 ret = false;
 350         }
 351 
 352         talloc_free(ctx);
 353 
 354 done:
 355         talloc_free(mem_ctx);
 356         return ret;
 357 }
 358 
 359 
 360 bool torture_creategroup(struct torture_context *torture)
     /* [<][>][^][v][top][bottom][index][help] */
 361 {
 362         bool ret = true;
 363         NTSTATUS status;
 364         TALLOC_CTX *mem_ctx = NULL;
 365         struct libnet_context *ctx;
 366         struct libnet_CreateGroup req;
 367 
 368         mem_ctx = talloc_init("test_creategroup");
 369 
 370         ctx = libnet_context_init(torture->ev, torture->lp_ctx);
 371         ctx->cred = cmdline_credentials;
 372 
 373         req.in.group_name = TEST_GROUPNAME;
 374         req.in.domain_name = lp_workgroup(torture->lp_ctx);
 375         req.out.error_string = NULL;
 376 
 377         status = libnet_CreateGroup(ctx, mem_ctx, &req);
 378         if (!NT_STATUS_IS_OK(status)) {
 379                 printf("libnet_CreateGroup call failed: %s\n", nt_errstr(status));
 380                 ret = false;
 381                 goto done;
 382         }
 383 
 384         if (!test_cleanup(ctx->samr.pipe, mem_ctx, &ctx->samr.handle, TEST_GROUPNAME)) {
 385                 printf("cleanup failed\n");
 386                 ret = false;
 387                 goto done;
 388         }
 389 
 390         if (!test_samr_close(ctx->samr.pipe, mem_ctx, &ctx->samr.handle)) {
 391                 printf("domain close failed\n");
 392                 ret = false;
 393         }
 394 
 395 done:
 396         talloc_free(ctx);
 397         talloc_free(mem_ctx);
 398         return ret;
 399 }

/* [<][>][^][v][top][bottom][index][help] */