search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ctdb-scripts: Support storing statd-callout state in cluster filesystem
[samba4-gss.git] / source4 / torture / rpc / bind.c
blob84f44e514c581169107fe9af59a2e853fc10589f
1 /*
2 Unix SMB/CIFS implementation.
3 test suite for rpc bind operations
4
5 Copyright (C) Guenther Deschner 2010
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23 #include "torture/rpc/torture_rpc.h"
24 #include "librpc/gen_ndr/ndr_lsa_c.h"
25 #include "librpc/gen_ndr/ndr_epmapper_c.h"
26 #include "lib/cmdline/cmdline.h"
27
28 static bool test_openpolicy(struct torture_context *tctx,
29 struct dcerpc_pipe *p)
30 {
31 struct dcerpc_binding_handle *b = p->binding_handle;
32 struct policy_handle *handle;
33
34 torture_assert(tctx,
35 test_lsa_OpenPolicy2(b, tctx, &handle),
36 "failed to open policy");
37
38 torture_assert(tctx,
39 test_lsa_Close(b, tctx, handle),
40 "failed to close policy");
41
42 return true;
43 }
44
45 static bool test_bind(struct torture_context *tctx,
46 const void *private_data)
47 {
48 struct dcerpc_binding *binding;
49 struct dcerpc_pipe *p;
50 NTSTATUS status;
51 const uint32_t *flags = (const uint32_t *)private_data;
52
53 torture_assert_ntstatus_ok(tctx,
54 torture_rpc_binding(tctx, &binding),
55 "failed to parse binding string");
56
57 status = dcerpc_binding_set_flags(binding, *flags, DCERPC_AUTH_OPTIONS);
58 torture_assert_ntstatus_ok(tctx, status, "set flags");
59
60 torture_assert_ntstatus_ok(tctx,
61 dcerpc_pipe_connect_b(tctx, &p, binding,
62 &ndr_table_lsarpc,
63 samba_cmdline_get_creds(),
64 tctx->ev,
65 tctx->lp_ctx),
66 "failed to connect pipe");
67
68 torture_assert(tctx,
69 test_openpolicy(tctx, p),
70 "failed to test openpolicy");
71
72 talloc_free(p);
73
74 return true;
75 }
76
77 /**
78 * Verifies a handle created in a connection is available on
79 * a second connection when the same association group is
80 * requested in the bind operation. The LSA interface can't be
81 * used because it runs in preforking mode in the selftests.
82 * Association groups should work when binding to interfaces
83 * running in the same process.
84 */
85 static bool test_assoc_group_handles_external(struct torture_context *tctx,
86 const void *private_data)
87 {
88 struct dcerpc_binding *binding1 = NULL;
89 const struct dcerpc_binding *bd1 = NULL;
90 struct dcerpc_binding *binding2 = NULL;
91 struct dcerpc_pipe *p1 = NULL;
92 struct dcerpc_pipe *p2 = NULL;
93 struct epm_Lookup r;
94 struct epm_LookupHandleFree f;
95 struct policy_handle handle;
96 uint32_t assoc_group_id;
97 uint32_t num_ents = 0;
98
99 ZERO_STRUCT(handle);
100
101 /* Open first pipe and open a policy handle */
102 torture_assert_ntstatus_ok(tctx,
103 torture_rpc_binding(tctx, &binding1),
104 "failed to parse binding string");
105 dcerpc_binding_set_transport(binding1, NCACN_IP_TCP);
106 dcerpc_binding_set_string_option(binding1, "endpoint", "135");
107
108 torture_assert_ntstatus_ok(tctx,
109 dcerpc_pipe_connect_b(tctx, &p1, binding1,
110 &ndr_table_epmapper,
111 samba_cmdline_get_creds(),
112 tctx->ev,
113 tctx->lp_ctx),
114 "failed to connect first pipe");
115
116 r.in.inquiry_type = RPC_C_EP_ALL_ELTS;
117 r.in.object = NULL;
118 r.in.interface_id = NULL;
119 r.in.vers_option = RPC_C_VERS_ALL;
120
121 r.in.entry_handle = &handle;
122 r.in.max_ents = 1;
123
124 r.out.entry_handle = &handle;
125 r.out.num_ents = &num_ents;
126
127 torture_assert_ntstatus_ok(tctx,
128 dcerpc_epm_Lookup_r(p1->binding_handle, tctx, &r),
129 "failed EPM Lookup");
130 torture_assert_int_equal(tctx,
131 r.out.result,
132 EPMAPPER_STATUS_OK,
133 "failed EPM Lookup");
134
135 /* Open second pipe, different association group. Handle not found */
136 torture_assert_ntstatus_ok(tctx,
137 torture_rpc_binding(tctx, &binding2),
138 "failed to parse binding string");
139 dcerpc_binding_set_transport(binding2, NCACN_IP_TCP);
140 dcerpc_binding_set_string_option(binding2, "endpoint", "135");
141
142 torture_assert_ntstatus_ok(tctx,
143 dcerpc_pipe_connect_b(tctx, &p2, binding2,
144 &ndr_table_epmapper,
145 samba_cmdline_get_creds(),
146 tctx->ev,
147 tctx->lp_ctx),
148 "failed to connect second pipe");
149
150 torture_assert_ntstatus_equal(tctx,
151 dcerpc_epm_Lookup_r(p2->binding_handle, tctx, &r),
152 NT_STATUS_RPC_SS_CONTEXT_MISMATCH,
153 "Unexpected EPM Lookup success");
154
155 /* Open second pipe, same association group. Handle is found */
156 bd1 = dcerpc_binding_handle_get_binding(p1->binding_handle);
157 assoc_group_id = dcerpc_binding_get_assoc_group_id(bd1);
158 dcerpc_binding_set_assoc_group_id(binding2, assoc_group_id);
159
160 TALLOC_FREE(p2);
161 torture_assert_ntstatus_ok(tctx,
162 dcerpc_pipe_connect_b(tctx, &p2, binding2,
163 &ndr_table_epmapper,
164 samba_cmdline_get_creds(),
165 tctx->ev,
166 tctx->lp_ctx),
167 "failed to connect second pipe");
168
169 torture_assert_ntstatus_ok(tctx,
170 dcerpc_epm_Lookup_r(p2->binding_handle, tctx, &r),
171 "failed EPM Lookup");
172
173 torture_assert_int_equal(tctx,
174 r.out.result,
175 EPMAPPER_STATUS_OK,
176 "failed EPM Lookup");
177
178 /* Cleanup */
179 f.in.entry_handle = &handle;
180 f.out.entry_handle = &handle;
181
182 torture_assert_ntstatus_ok(tctx,
183 dcerpc_epm_LookupHandleFree_r(p1->binding_handle, tctx, &f),
184 "failed EPM LookupHandleFree");
185
186 torture_assert_int_equal(tctx,
187 r.out.result,
188 EPMAPPER_STATUS_OK,
189 "failed EPM LookupHandleFree");
190
191 TALLOC_FREE(p1);
192 TALLOC_FREE(p2);
193 TALLOC_FREE(binding2);
194 TALLOC_FREE(binding1);
195
196 return true;
197 }
198
199 static void test_bind_op(struct torture_suite *suite,
200 const char *name,
201 uint32_t flags)
202 {
203 uint32_t *flags_p = talloc(suite, uint32_t);
204
205 *flags_p = flags;
206
207 torture_suite_add_simple_tcase_const(suite, name, test_bind, flags_p);
208 }
209
210
211 struct torture_suite *torture_rpc_bind(TALLOC_CTX *mem_ctx)
212 {
213 struct torture_suite *suite = torture_suite_create(mem_ctx, "bind");
214 struct {
215 const char *test_name;
216 uint32_t flags;
217 } tests[] = {
218 {
219 .test_name = "ntlm,sign",
220 .flags = DCERPC_AUTH_NTLM | DCERPC_SIGN
221 },{
222 .test_name = "ntlm,sign,seal",
223 .flags = DCERPC_AUTH_NTLM | DCERPC_SIGN | DCERPC_SEAL
224 },{
225 .test_name = "spnego,sign",
226 .flags = DCERPC_AUTH_SPNEGO | DCERPC_SIGN
227 },{
228 .test_name = "spnego,sign,seal",
229 .flags = DCERPC_AUTH_SPNEGO | DCERPC_SIGN | DCERPC_SEAL
230 }
231 };
232 int i;
233
234 for (i=0; i < ARRAY_SIZE(tests); i++) {
235 test_bind_op(suite, tests[i].test_name, tests[i].flags);
236 }
237 for (i=0; i < ARRAY_SIZE(tests); i++) {
238 test_bind_op(suite, talloc_asprintf(suite, "bigendian,%s", tests[i].test_name), tests[i].flags | DCERPC_PUSH_BIGENDIAN);
239 }
240
241 torture_suite_add_simple_tcase_const(suite,
242 "assoc_group_handles_external",
243 test_assoc_group_handles_external,
244 NULL);
245
246 return suite;
247 }
GSS-enabled samba4