search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ctdb-scripts: Improve update and listing code
[samba4-gss.git] / python / samba / tests / dcerpc / raw_protocol.py
blob815db6d01d13d99ecf2532c01ddc295b553b2dc6
1 #!/usr/bin/env python3
2 # Unix SMB/CIFS implementation.
3 # Copyright (C) Stefan Metzmacher 2014,2015
4 #
5 # This program is free software; you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
17 #
18
19 import sys
20 import os
21 import time
22
23 sys.path.insert(0, "bin/python")
24 os.environ["PYTHONUNBUFFERED"] = "1"
25
26 import samba.dcerpc.dcerpc as dcerpc
27 import samba.dcerpc.base as base
28 import samba.dcerpc.misc as misc
29 import samba.dcerpc.epmapper
30 import samba.dcerpc.mgmt
31 import samba.dcerpc.netlogon
32 import samba.dcerpc.lsa
33 import samba.dcerpc.schannel as schannel
34 import struct
35 from samba import gensec
36 from samba.tests.dcerpc.raw_testcase import RawDCERPCTest
37 from samba.tests import DynamicTestCase
38 from samba.ntstatus import (
39 NT_STATUS_SUCCESS
40 )
41
42 global_ndr_print = False
43 global_hexdump = False
44
45
46 @DynamicTestCase
47 class TestDCERPC_BIND(RawDCERPCTest):
48
49 def setUp(self):
50 super().setUp()
51 self.do_ndr_print = global_ndr_print
52 self.do_hexdump = global_hexdump
53
54 @classmethod
55 def setUpDynamicTestCases(cls):
56 cls._setup_auth_pad_ignored()
57 cls._setup_test_schannel_invalid()
58 return
59
60 def _test_no_auth_request_bind_pfc_flags(self, req_pfc_flags, rep_pfc_flags):
61 ndr32 = base.transfer_syntax_ndr()
62
63 tsf1_list = [ndr32]
64 ctx1 = dcerpc.ctx_list()
65 ctx1.context_id = 1
66 ctx1.num_transfer_syntaxes = len(tsf1_list)
67 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
68 ctx1.transfer_syntaxes = tsf1_list
69
70 req = self.generate_bind(call_id=0, pfc_flags=req_pfc_flags, ctx_list=[ctx1])
71 self.send_pdu(req)
72 rep = self.recv_pdu()
73 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
74 pfc_flags=rep_pfc_flags, auth_length=0)
75 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
76 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
77 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
78 self.assertEqual(rep.u.secondary_address_size, 4)
79 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
80 self.assertPadding(rep.u._pad1, 2)
81 self.assertEqual(rep.u.num_results, 1)
82 self.assertEqual(rep.u.ctx_list[0].result,
83 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
84 self.assertEqual(rep.u.ctx_list[0].reason,
85 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
86 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
87 self.assertEqual(rep.u.auth_info, b'\0' * 0)
88
89 # And now try a request
90 req = self.generate_request(call_id=1,
91 context_id=ctx1.context_id,
92 opnum=0,
93 stub=b"")
94 self.send_pdu(req)
95 rep = self.recv_pdu()
96 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
97 auth_length=0)
98 self.assertNotEqual(rep.u.alloc_hint, 0)
99 self.assertEqual(rep.u.context_id, req.u.context_id)
100 self.assertEqual(rep.u.cancel_count, 0)
101 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
102
103 def _test_no_auth_request_alter_pfc_flags(self, req_pfc_flags, rep_pfc_flags):
104 ndr32 = base.transfer_syntax_ndr()
105
106 tsf1_list = [ndr32]
107 ctx1 = dcerpc.ctx_list()
108 ctx1.context_id = 1
109 ctx1.num_transfer_syntaxes = len(tsf1_list)
110 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
111 ctx1.transfer_syntaxes = tsf1_list
112
113 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
114 self.send_pdu(req)
115 rep = self.recv_pdu()
116 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
117 auth_length=0)
118 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
119 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
120 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
121 self.assertEqual(rep.u.secondary_address_size, 4)
122 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
123 self.assertPadding(rep.u._pad1, 2)
124 self.assertEqual(rep.u.num_results, 1)
125 self.assertEqual(rep.u.ctx_list[0].result,
126 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
127 self.assertEqual(rep.u.ctx_list[0].reason,
128 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
129 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
130 self.assertEqual(rep.u.auth_info, b'\0' * 0)
131
132 # And now try a alter context
133 req = self.generate_alter(call_id=0, pfc_flags=req_pfc_flags, ctx_list=[ctx1])
134 self.send_pdu(req)
135 rep = self.recv_pdu()
136 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
137 pfc_flags=rep_pfc_flags, auth_length=0)
138 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
139 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
140 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
141 self.assertEqual(rep.u.secondary_address_size, 0)
142 self.assertEqual(rep.u.secondary_address, "")
143 self.assertPadding(rep.u._pad1, 2)
144 self.assertEqual(rep.u.num_results, 1)
145 self.assertEqual(rep.u.ctx_list[0].result,
146 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
147 self.assertEqual(rep.u.ctx_list[0].reason,
148 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
149 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
150 self.assertEqual(rep.u.auth_info, b'\0' * 0)
151
152 # And now try a request
153 req = self.generate_request(call_id=1,
154 context_id=ctx1.context_id,
155 opnum=0,
156 stub=b"")
157 self.send_pdu(req)
158 rep = self.recv_pdu()
159 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
160 auth_length=0)
161 self.assertNotEqual(rep.u.alloc_hint, 0)
162 self.assertEqual(rep.u.context_id, req.u.context_id)
163 self.assertEqual(rep.u.cancel_count, 0)
164 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
165
166 def test_no_auth_request(self):
167 return self._test_no_auth_request_bind_pfc_flags(
168 req_pfc_flags=0 |
169 dcerpc.DCERPC_PFC_FLAG_FIRST |
170 dcerpc.DCERPC_PFC_FLAG_LAST,
171 rep_pfc_flags=0 |
172 dcerpc.DCERPC_PFC_FLAG_FIRST |
173 dcerpc.DCERPC_PFC_FLAG_LAST)
174
175 def test_no_auth_request_bind_pfc_00(self):
176 return self._test_no_auth_request_bind_pfc_flags(
177 req_pfc_flags=0 |
178 0,
179 rep_pfc_flags=0 |
180 dcerpc.DCERPC_PFC_FLAG_FIRST |
181 dcerpc.DCERPC_PFC_FLAG_LAST)
182
183 def test_no_auth_request_bind_pfc_FIRST(self):
184 return self._test_no_auth_request_bind_pfc_flags(
185 req_pfc_flags=0 |
186 dcerpc.DCERPC_PFC_FLAG_FIRST |
187 0,
188 rep_pfc_flags=0 |
189 dcerpc.DCERPC_PFC_FLAG_FIRST |
190 dcerpc.DCERPC_PFC_FLAG_LAST)
191
192 def test_no_auth_request_bind_pfc_LAST(self):
193 return self._test_no_auth_request_bind_pfc_flags(
194 req_pfc_flags=0 |
195 dcerpc.DCERPC_PFC_FLAG_LAST |
196 0,
197 rep_pfc_flags=0 |
198 dcerpc.DCERPC_PFC_FLAG_FIRST |
199 dcerpc.DCERPC_PFC_FLAG_LAST)
200
201 def test_no_auth_request_bind_pfc_HDR_SIGNING(self):
202 return self._test_no_auth_request_bind_pfc_flags(
203 req_pfc_flags=0 |
204 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN |
205 0,
206 rep_pfc_flags=0 |
207 dcerpc.DCERPC_PFC_FLAG_FIRST |
208 dcerpc.DCERPC_PFC_FLAG_LAST |
209 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
210
211 def test_no_auth_request_bind_pfc_08(self):
212 return self._test_no_auth_request_bind_pfc_flags(
213 req_pfc_flags=0 |
214 8 |
215 0,
216 rep_pfc_flags=0 |
217 dcerpc.DCERPC_PFC_FLAG_FIRST |
218 dcerpc.DCERPC_PFC_FLAG_LAST)
219
220 def test_no_auth_request_bind_pfc_CONC_MPX(self):
221 return self._test_no_auth_request_bind_pfc_flags(
222 req_pfc_flags=0 |
223 dcerpc.DCERPC_PFC_FLAG_CONC_MPX |
224 0,
225 rep_pfc_flags=0 |
226 dcerpc.DCERPC_PFC_FLAG_FIRST |
227 dcerpc.DCERPC_PFC_FLAG_LAST |
228 dcerpc.DCERPC_PFC_FLAG_CONC_MPX)
229
230 def test_no_auth_request_bind_pfc_DID_NOT_EXECUTE(self):
231 return self._test_no_auth_request_bind_pfc_flags(
232 req_pfc_flags=0 |
233 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE |
234 0,
235 rep_pfc_flags=0 |
236 dcerpc.DCERPC_PFC_FLAG_FIRST |
237 dcerpc.DCERPC_PFC_FLAG_LAST)
238
239 def test_no_auth_request_bind_pfc_MAYBE(self):
240 return self._test_no_auth_request_bind_pfc_flags(
241 req_pfc_flags=0 |
242 dcerpc.DCERPC_PFC_FLAG_MAYBE |
243 0,
244 rep_pfc_flags=0 |
245 dcerpc.DCERPC_PFC_FLAG_FIRST |
246 dcerpc.DCERPC_PFC_FLAG_LAST)
247
248 def test_no_auth_request_bind_pfc_OBJECT_UUID(self):
249 return self._test_no_auth_request_bind_pfc_flags(
250 req_pfc_flags=0 |
251 dcerpc.DCERPC_PFC_FLAG_OBJECT_UUID |
252 0,
253 rep_pfc_flags=0 |
254 dcerpc.DCERPC_PFC_FLAG_FIRST |
255 dcerpc.DCERPC_PFC_FLAG_LAST)
256
257 # TODO: doesn't announce DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
258 # without authentication
259 # TODO: doesn't announce DCERPC_PFC_FLAG_CONC_MPX
260 # by default
261 def _test_no_auth_request_bind_pfc_ff(self):
262 return self._test_no_auth_request_bind_pfc_flags(
263 req_pfc_flags=0 |
264 0xff |
265 0,
266 rep_pfc_flags=0 |
267 dcerpc.DCERPC_PFC_FLAG_FIRST |
268 dcerpc.DCERPC_PFC_FLAG_LAST |
269 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN |
270 dcerpc.DCERPC_PFC_FLAG_CONC_MPX)
271
272 def test_no_auth_request_alter_pfc_00(self):
273 return self._test_no_auth_request_alter_pfc_flags(
274 req_pfc_flags=0 |
275 0,
276 rep_pfc_flags=0 |
277 dcerpc.DCERPC_PFC_FLAG_FIRST |
278 dcerpc.DCERPC_PFC_FLAG_LAST)
279
280 def test_no_auth_request_alter_pfc_FIRST(self):
281 return self._test_no_auth_request_alter_pfc_flags(
282 req_pfc_flags=0 |
283 dcerpc.DCERPC_PFC_FLAG_FIRST |
284 0,
285 rep_pfc_flags=0 |
286 dcerpc.DCERPC_PFC_FLAG_FIRST |
287 dcerpc.DCERPC_PFC_FLAG_LAST)
288
289 def test_no_auth_request_alter_pfc_LAST(self):
290 return self._test_no_auth_request_alter_pfc_flags(
291 req_pfc_flags=0 |
292 dcerpc.DCERPC_PFC_FLAG_LAST |
293 0,
294 rep_pfc_flags=0 |
295 dcerpc.DCERPC_PFC_FLAG_FIRST |
296 dcerpc.DCERPC_PFC_FLAG_LAST)
297
298 def test_no_auth_request_alter_pfc_HDR_SIGNING(self):
299 return self._test_no_auth_request_alter_pfc_flags(
300 req_pfc_flags=0 |
301 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN |
302 0,
303 rep_pfc_flags=0 |
304 dcerpc.DCERPC_PFC_FLAG_FIRST |
305 dcerpc.DCERPC_PFC_FLAG_LAST |
306 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
307
308 def test_no_auth_request_alter_pfc_08(self):
309 return self._test_no_auth_request_alter_pfc_flags(
310 req_pfc_flags=0 |
311 8 |
312 0,
313 rep_pfc_flags=0 |
314 dcerpc.DCERPC_PFC_FLAG_FIRST |
315 dcerpc.DCERPC_PFC_FLAG_LAST)
316
317 def test_no_auth_request_alter_pfc_CONC_MPX(self):
318 return self._test_no_auth_request_alter_pfc_flags(
319 req_pfc_flags=0 |
320 dcerpc.DCERPC_PFC_FLAG_CONC_MPX |
321 0,
322 rep_pfc_flags=0 |
323 dcerpc.DCERPC_PFC_FLAG_FIRST |
324 dcerpc.DCERPC_PFC_FLAG_LAST)
325
326 def test_no_auth_request_alter_pfc_DID_NOT_EXECUTE(self):
327 return self._test_no_auth_request_alter_pfc_flags(
328 req_pfc_flags=0 |
329 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE |
330 0,
331 rep_pfc_flags=0 |
332 dcerpc.DCERPC_PFC_FLAG_FIRST |
333 dcerpc.DCERPC_PFC_FLAG_LAST)
334
335 def test_no_auth_request_alter_pfc_MAYBE(self):
336 return self._test_no_auth_request_alter_pfc_flags(
337 req_pfc_flags=0 |
338 dcerpc.DCERPC_PFC_FLAG_MAYBE |
339 0,
340 rep_pfc_flags=0 |
341 dcerpc.DCERPC_PFC_FLAG_FIRST |
342 dcerpc.DCERPC_PFC_FLAG_LAST)
343
344 def test_no_auth_request_alter_pfc_OBJECT_UUID(self):
345 return self._test_no_auth_request_alter_pfc_flags(
346 req_pfc_flags=0 |
347 dcerpc.DCERPC_PFC_FLAG_OBJECT_UUID |
348 0,
349 rep_pfc_flags=0 |
350 dcerpc.DCERPC_PFC_FLAG_FIRST |
351 dcerpc.DCERPC_PFC_FLAG_LAST)
352
353 def test_no_auth_request_alter_pfc_ff(self):
354 return self._test_no_auth_request_alter_pfc_flags(
355 req_pfc_flags=0 |
356 0xff |
357 0,
358 rep_pfc_flags=0 |
359 dcerpc.DCERPC_PFC_FLAG_FIRST |
360 dcerpc.DCERPC_PFC_FLAG_LAST |
361 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
362
363 def test_no_auth_no_ctx(self):
364 # send an useless bind
365 req = self.generate_bind(call_id=0)
366 self.send_pdu(req)
367 rep = self.recv_pdu()
368 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
369 auth_length=0)
370 if self.legacy_bind_nak_no_reason:
371 # legacy e.g. w2012r2
372 expected_reject_reason = dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED
373 else:
374 # modern (e.g. w2022)
375 expected_reject_reason = dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED
376 self.assertEqual(rep.u.reject_reason, expected_reject_reason)
377 self.assertEqual(rep.u.num_versions, 1)
378 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
379 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
380 self.assertPadding(rep.u._pad, 3)
381
382 # wait for a disconnect
383 rep = self.recv_pdu()
384 self.assertIsNone(rep)
385 self.assertNotConnected()
386
387 def test_invalid_auth_noctx(self):
388 req = self.generate_bind(call_id=0)
389 req.auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH
390 self.send_pdu(req)
391 rep = self.recv_pdu()
392 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
393 auth_length=0)
394 self.assertEqual(rep.u.reject_reason,
395 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
396 self.assertEqual(rep.u.num_versions, 1)
397 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
398 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
399 self.assertPadding(rep.u._pad, 3)
400 # wait for a disconnect
401 rep = self.recv_pdu()
402 self.assertIsNone(rep)
403 self.assertNotConnected()
404
405 def test_no_auth_valid_valid_request(self):
406 ndr32 = base.transfer_syntax_ndr()
407
408 tsf1_list = [ndr32]
409 ctx1 = dcerpc.ctx_list()
410 ctx1.context_id = 1
411 ctx1.num_transfer_syntaxes = len(tsf1_list)
412 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
413 ctx1.transfer_syntaxes = tsf1_list
414
415 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
416 self.send_pdu(req)
417 rep = self.recv_pdu()
418 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
419 auth_length=0)
420 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
421 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
422 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
423 self.assertEqual(rep.u.secondary_address_size, 4)
424 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
425 self.assertPadding(rep.u._pad1, 2)
426 self.assertEqual(rep.u.num_results, 1)
427 self.assertEqual(rep.u.ctx_list[0].result,
428 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
429 self.assertEqual(rep.u.ctx_list[0].reason,
430 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
431 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
432 self.assertEqual(rep.u.auth_info, b'\0' * 0)
433
434 # Send a bind again
435 tsf2_list = [ndr32]
436 ctx2 = dcerpc.ctx_list()
437 ctx2.context_id = 2
438 ctx2.num_transfer_syntaxes = len(tsf2_list)
439 ctx2.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
440 ctx2.transfer_syntaxes = tsf2_list
441
442 req = self.generate_bind(call_id=1, ctx_list=[ctx2])
443 self.send_pdu(req)
444 rep = self.recv_pdu()
445 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
446 auth_length=0)
447 self.assertEqual(rep.u.reject_reason,
448 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
449 self.assertEqual(rep.u.num_versions, 1)
450 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
451 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
452 self.assertPadding(rep.u._pad, 3)
453
454 # wait for a disconnect
455 rep = self.recv_pdu()
456 self.assertIsNone(rep)
457 self.assertNotConnected()
458
459 def test_no_auth_invalid_valid_request(self):
460 # send an useless bind
461 req = self.generate_bind(call_id=0)
462 self.send_pdu(req)
463 rep = self.recv_pdu()
464 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
465 auth_length=0)
466 if self.legacy_bind_nak_no_reason:
467 # legacy e.g. w2012r2
468 expected_reject_reason = dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED
469 else:
470 # modern (e.g. w2022)
471 expected_reject_reason = dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED
472 self.assertEqual(rep.u.reject_reason, expected_reject_reason)
473 self.assertEqual(rep.u.num_versions, 1)
474 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
475 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
476 self.assertPadding(rep.u._pad, 3)
477
478 # wait for a disconnect
479 rep = self.recv_pdu()
480 self.assertIsNone(rep)
481 self.assertNotConnected()
482
483 def test_alter_no_auth_no_ctx(self):
484 ndr32 = base.transfer_syntax_ndr()
485
486 tsf1_list = [ndr32]
487 ctx1 = dcerpc.ctx_list()
488 ctx1.context_id = 1
489 ctx1.num_transfer_syntaxes = len(tsf1_list)
490 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
491 ctx1.transfer_syntaxes = tsf1_list
492
493 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
494 self.send_pdu(req)
495 rep = self.recv_pdu()
496 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
497 auth_length=0)
498 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
499 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
500 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
501 self.assertEqual(rep.u.secondary_address_size, 4)
502 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
503 self.assertPadding(rep.u._pad1, 2)
504 self.assertEqual(rep.u.num_results, 1)
505 self.assertEqual(rep.u.ctx_list[0].result,
506 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
507 self.assertEqual(rep.u.ctx_list[0].reason,
508 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
509 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
510 self.assertEqual(rep.u.auth_info, b'\0' * 0)
511
512 # Send a alter
513 req = self.generate_alter(call_id=1, ctx_list=[])
514 self.send_pdu(req)
515 rep = self.recv_pdu()
516 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
517 pfc_flags=req.pfc_flags |
518 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
519 auth_length=0)
520 self.assertNotEqual(rep.u.alloc_hint, 0)
521 self.assertEqual(rep.u.context_id, 0)
522 self.assertEqual(rep.u.cancel_count, 0)
523 self.assertEqual(rep.u.flags, 0)
524 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
525 self.assertEqual(rep.u.reserved, 0)
526 self.assertEqual(len(rep.u.error_and_verifier), 0)
527
528 # wait for a disconnect
529 rep = self.recv_pdu()
530 self.assertIsNone(rep)
531 self.assertNotConnected()
532
533 def test_no_auth_presentation_ctx_valid1(self):
534 ndr32 = base.transfer_syntax_ndr()
535
536 zero_syntax = misc.ndr_syntax_id()
537
538 tsf1_list = [zero_syntax, ndr32]
539 ctx1 = dcerpc.ctx_list()
540 ctx1.context_id = 1
541 ctx1.num_transfer_syntaxes = len(tsf1_list)
542 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
543 ctx1.transfer_syntaxes = tsf1_list
544
545 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
546 self.send_pdu(req)
547 rep = self.recv_pdu()
548 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
549 auth_length=0)
550 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
551 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
552 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
553 self.assertEqual(rep.u.secondary_address_size, 4)
554 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
555 self.assertPadding(rep.u._pad1, 2)
556 self.assertEqual(rep.u.num_results, 1)
557 self.assertEqual(rep.u.ctx_list[0].result,
558 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
559 self.assertEqual(rep.u.ctx_list[0].reason,
560 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
561 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
562 self.assertEqual(rep.u.auth_info, b'\0' * 0)
563
564 # Send a alter
565 req = self.generate_alter(call_id=1, ctx_list=[ctx1])
566 self.send_pdu(req)
567 rep = self.recv_pdu()
568 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
569 auth_length=0)
570 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
571 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
572 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
573 self.assertEqual(rep.u.secondary_address_size, 0)
574 self.assertPadding(rep.u._pad1, 2)
575 self.assertEqual(rep.u.num_results, 1)
576 self.assertEqual(rep.u.ctx_list[0].result,
577 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
578 self.assertEqual(rep.u.ctx_list[0].reason,
579 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
580 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
581 self.assertEqual(rep.u.auth_info, b'\0' * 0)
582
583 req = self.generate_request(call_id=2,
584 context_id=ctx1.context_id,
585 opnum=0xffff,
586 stub=b"")
587 self.send_pdu(req)
588 rep = self.recv_pdu()
589 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
590 pfc_flags=req.pfc_flags |
591 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
592 auth_length=0)
593 self.assertNotEqual(rep.u.alloc_hint, 0)
594 self.assertEqual(rep.u.context_id, ctx1.context_id)
595 self.assertEqual(rep.u.cancel_count, 0)
596 self.assertEqual(rep.u.flags, 0)
597 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_OP_RNG_ERROR)
598 self.assertEqual(rep.u.reserved, 0)
599 self.assertEqual(len(rep.u.error_and_verifier), 0)
600
601 def test_no_auth_presentation_ctx_invalid1(self):
602 ndr32 = base.transfer_syntax_ndr()
603
604 zero_syntax = misc.ndr_syntax_id()
605
606 tsf1_list = [ndr32]
607 ctx1 = dcerpc.ctx_list()
608 ctx1.context_id = 1
609 ctx1.num_transfer_syntaxes = len(tsf1_list)
610 ctx1.abstract_syntax = ndr32
611 ctx1.transfer_syntaxes = tsf1_list
612
613 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
614 self.send_pdu(req)
615 rep = self.recv_pdu()
616 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
617 auth_length=0)
618 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
619 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
620 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
621 self.assertEqual(rep.u.secondary_address_size, 4)
622 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
623 self.assertPadding(rep.u._pad1, 2)
624 self.assertEqual(rep.u.num_results, 1)
625 self.assertEqual(rep.u.ctx_list[0].result,
626 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
627 self.assertEqual(rep.u.ctx_list[0].reason,
628 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
629 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
630 self.assertEqual(rep.u.auth_info, b'\0' * 0)
631
632 # Send a alter
633 req = self.generate_alter(call_id=1, ctx_list=[ctx1])
634 self.send_pdu(req)
635 rep = self.recv_pdu()
636 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
637 auth_length=0)
638 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
639 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
640 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
641 self.assertEqual(rep.u.secondary_address_size, 0)
642 self.assertPadding(rep.u._pad1, 2)
643 self.assertEqual(rep.u.num_results, 1)
644 self.assertEqual(rep.u.ctx_list[0].result,
645 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
646 self.assertEqual(rep.u.ctx_list[0].reason,
647 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
648 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
649 self.assertEqual(rep.u.auth_info, b'\0' * 0)
650
651 req = self.generate_request(call_id=2,
652 context_id=12345,
653 opnum=0,
654 stub=b"")
655 self.send_pdu(req)
656 rep = self.recv_pdu()
657 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
658 pfc_flags=req.pfc_flags |
659 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
660 auth_length=0)
661 self.assertNotEqual(rep.u.alloc_hint, 0)
662 self.assertEqual(rep.u.context_id, 0)
663 self.assertEqual(rep.u.cancel_count, 0)
664 self.assertEqual(rep.u.flags, 0)
665 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_UNKNOWN_IF)
666 self.assertEqual(rep.u.reserved, 0)
667 self.assertEqual(len(rep.u.error_and_verifier), 0)
668
669 # Send a alter again to prove the connection is still alive
670 req = self.generate_alter(call_id=3, ctx_list=[ctx1])
671 self.send_pdu(req)
672 rep = self.recv_pdu()
673 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
674 auth_length=0)
675 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
676 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
677 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
678 self.assertEqual(rep.u.secondary_address_size, 0)
679 self.assertPadding(rep.u._pad1, 2)
680 self.assertEqual(rep.u.num_results, 1)
681 self.assertEqual(rep.u.ctx_list[0].result,
682 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
683 self.assertEqual(rep.u.ctx_list[0].reason,
684 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
685 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
686 self.assertEqual(rep.u.auth_info, b'\0' * 0)
687
688 def test_no_auth_presentation_ctx_invalid2(self):
689 ndr32 = base.transfer_syntax_ndr()
690
691 zero_syntax = misc.ndr_syntax_id()
692
693 tsf1a_list = []
694 ctx1a = dcerpc.ctx_list()
695 ctx1a.context_id = 1
696 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
697 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
698 ctx1a.transfer_syntaxes = tsf1a_list
699
700 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
701 self.send_pdu(req)
702 rep = self.recv_pdu()
703 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
704 auth_length=0)
705 self.assertEqual(rep.u.reject_reason,
706 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
707 self.assertEqual(rep.u.num_versions, 1)
708 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
709 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
710 self.assertPadding(rep.u._pad, 3)
711
712 # wait for a disconnect
713 rep = self.recv_pdu()
714 self.assertIsNone(rep)
715 self.assertNotConnected()
716
717 def test_no_auth_presentation_ctx_invalid3(self):
718 ndr32 = base.transfer_syntax_ndr()
719
720 zero_syntax = misc.ndr_syntax_id()
721
722 tsf1a_list = [zero_syntax, ndr32, ndr32, ndr32]
723 ctx1a = dcerpc.ctx_list()
724 ctx1a.context_id = 1
725 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
726 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
727 ctx1a.transfer_syntaxes = tsf1a_list
728
729 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
730 self.send_pdu(req)
731 rep = self.recv_pdu()
732 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
733 auth_length=0)
734 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
735 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
736 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
737 self.assertEqual(rep.u.secondary_address_size, 4)
738 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
739 self.assertPadding(rep.u._pad1, 2)
740 self.assertEqual(rep.u.num_results, 1)
741 self.assertEqual(rep.u.ctx_list[0].result,
742 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
743 self.assertEqual(rep.u.ctx_list[0].reason,
744 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
745 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
746 self.assertEqual(rep.u.auth_info, b'\0' * 0)
747
748 tsf1b_list = []
749 ctx1b = dcerpc.ctx_list()
750 ctx1b.context_id = 1
751 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
752 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
753 ctx1b.transfer_syntaxes = tsf1b_list
754
755 # Send a alter
756 req = self.generate_alter(call_id=1, ctx_list=[ctx1b])
757 self.send_pdu(req)
758 rep = self.recv_pdu()
759 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
760 pfc_flags=req.pfc_flags |
761 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
762 auth_length=0)
763 self.assertNotEqual(rep.u.alloc_hint, 0)
764 self.assertEqual(rep.u.context_id, 0)
765 self.assertEqual(rep.u.cancel_count, 0)
766 self.assertEqual(rep.u.flags, 0)
767 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
768 self.assertEqual(rep.u.reserved, 0)
769 self.assertEqual(len(rep.u.error_and_verifier), 0)
770
771 # wait for a disconnect
772 rep = self.recv_pdu()
773 self.assertIsNone(rep)
774 self.assertNotConnected()
775
776 def test_no_auth_presentation_ctx_invalid4(self):
777 ndr32 = base.transfer_syntax_ndr()
778 ndr64 = base.transfer_syntax_ndr64()
779
780 zero_syntax = misc.ndr_syntax_id()
781
782 tsf1a_list = [zero_syntax, ndr32, ndr32, ndr32]
783 ctx1a = dcerpc.ctx_list()
784 ctx1a.context_id = 1
785 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
786 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
787 ctx1a.transfer_syntaxes = tsf1a_list
788
789 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
790 self.send_pdu(req)
791 rep = self.recv_pdu()
792 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
793 auth_length=0)
794 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
795 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
796 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
797 self.assertEqual(rep.u.secondary_address_size, 4)
798 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
799 self.assertPadding(rep.u._pad1, 2)
800 self.assertEqual(rep.u.num_results, 1)
801 self.assertEqual(rep.u.ctx_list[0].result,
802 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
803 self.assertEqual(rep.u.ctx_list[0].reason,
804 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
805 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
806 self.assertEqual(rep.u.auth_info, b'\0' * 0)
807
808 # With a known but wrong syntax we get a protocol error
809 # see test_no_auth_presentation_ctx_valid2
810 tsf1b_list = [zero_syntax, samba.dcerpc.epmapper.abstract_syntax(), ndr64]
811 ctx1b = dcerpc.ctx_list()
812 ctx1b.context_id = 1
813 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
814 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
815 ctx1b.transfer_syntaxes = tsf1b_list
816
817 # Send a alter
818 req = self.generate_alter(call_id=1, ctx_list=[ctx1b])
819 self.send_pdu(req)
820 rep = self.recv_pdu()
821 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
822 pfc_flags=req.pfc_flags |
823 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
824 auth_length=0)
825 self.assertNotEqual(rep.u.alloc_hint, 0)
826 self.assertEqual(rep.u.context_id, 0)
827 self.assertEqual(rep.u.cancel_count, 0)
828 self.assertEqual(rep.u.flags, 0)
829 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
830 self.assertEqual(rep.u.reserved, 0)
831 self.assertEqual(len(rep.u.error_and_verifier), 0)
832
833 # wait for a disconnect
834 rep = self.recv_pdu()
835 self.assertIsNone(rep)
836 self.assertNotConnected()
837
838 def test_no_auth_presentation_ctx_valid2(self):
839 ndr32 = base.transfer_syntax_ndr()
840
841 zero_syntax = misc.ndr_syntax_id()
842
843 tsf1a_list = [zero_syntax, ndr32, ndr32, ndr32]
844 ctx1a = dcerpc.ctx_list()
845 ctx1a.context_id = 1
846 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
847 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
848 ctx1a.transfer_syntaxes = tsf1a_list
849
850 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
851 self.send_pdu(req)
852 rep = self.recv_pdu()
853 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
854 auth_length=0)
855 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
856 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
857 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
858 self.assertEqual(rep.u.secondary_address_size, 4)
859 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
860 self.assertPadding(rep.u._pad1, 2)
861 self.assertEqual(rep.u.num_results, 1)
862 self.assertEqual(rep.u.ctx_list[0].result,
863 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
864 self.assertEqual(rep.u.ctx_list[0].reason,
865 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
866 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
867 self.assertEqual(rep.u.auth_info, b'\0' * 0)
868
869 # With a unknown but wrong syntaxes we get NO protocol error
870 # see test_no_auth_presentation_ctx_invalid4
871 tsf1b_list = [zero_syntax, samba.dcerpc.epmapper.abstract_syntax()]
872 ctx1b = dcerpc.ctx_list()
873 ctx1b.context_id = 1
874 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
875 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
876 ctx1b.transfer_syntaxes = tsf1b_list
877
878 # Send a alter
879 req = self.generate_alter(call_id=1, ctx_list=[ctx1b])
880 self.send_pdu(req)
881 rep = self.recv_pdu()
882 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
883 auth_length=0)
884 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
885 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
886 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
887 self.assertEqual(rep.u.secondary_address_size, 0)
888 self.assertPadding(rep.u._pad1, 2)
889 self.assertEqual(rep.u.num_results, 1)
890 self.assertEqual(rep.u.ctx_list[0].result,
891 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
892 self.assertEqual(rep.u.ctx_list[0].reason,
893 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
894 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
895 self.assertEqual(rep.u.auth_info, b'\0' * 0)
896
897 req = self.generate_request(call_id=2,
898 context_id=ctx1a.context_id,
899 opnum=0xffff,
900 stub=b"")
901 self.send_pdu(req)
902 rep = self.recv_pdu()
903 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
904 pfc_flags=req.pfc_flags |
905 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
906 auth_length=0)
907 self.assertNotEqual(rep.u.alloc_hint, 0)
908 self.assertEqual(rep.u.context_id, ctx1a.context_id)
909 self.assertEqual(rep.u.cancel_count, 0)
910 self.assertEqual(rep.u.flags, 0)
911 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_OP_RNG_ERROR)
912 self.assertEqual(rep.u.reserved, 0)
913 self.assertEqual(len(rep.u.error_and_verifier), 0)
914
915 def test_no_auth_presentation_ctx_no_ndr64(self):
916 ndr32 = base.transfer_syntax_ndr()
917 zero_syntax = misc.ndr_syntax_id()
918
919 tsfZ_list = [zero_syntax]
920 ctxZ = dcerpc.ctx_list()
921 ctxZ.context_id = 54321
922 ctxZ.num_transfer_syntaxes = len(tsfZ_list)
923 ctxZ.abstract_syntax = zero_syntax
924 ctxZ.transfer_syntaxes = tsfZ_list
925
926 req = self.generate_bind(call_id=0, ctx_list=[ctxZ])
927 self.send_pdu(req)
928 rep = self.recv_pdu()
929 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
930 auth_length=0)
931 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
932 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
933 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
934 self.assertEqual(rep.u.secondary_address_size, 4)
935 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
936 self.assertPadding(rep.u._pad1, 2)
937 self.assertEqual(rep.u.num_results, 1)
938 self.assertEqual(rep.u.ctx_list[0].result,
939 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
940 self.assertEqual(rep.u.ctx_list[0].reason,
941 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
942 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
943 self.assertEqual(rep.u.auth_info, b'\0' * 0)
944
945 tsf0_list = [ndr32]
946 ctx0 = dcerpc.ctx_list()
947 ctx0.context_id = 0
948 ctx0.num_transfer_syntaxes = len(tsf0_list)
949 ctx0.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
950 ctx0.transfer_syntaxes = tsf0_list
951
952 req = self.generate_alter(call_id=0, ctx_list=[ctx0])
953 self.send_pdu(req)
954 rep = self.recv_pdu()
955 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
956 auth_length=0)
957 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
958 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
959 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
960 self.assertEqual(rep.u.secondary_address_size, 0)
961 self.assertPadding(rep.u._pad1, 2)
962 self.assertEqual(rep.u.num_results, 1)
963 self.assertEqual(rep.u.ctx_list[0].result,
964 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
965 self.assertEqual(rep.u.ctx_list[0].reason,
966 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
967 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
968 self.assertEqual(rep.u.auth_info, b'\0' * 0)
969
970 req = self.generate_request(call_id=1,
971 context_id=ctx0.context_id,
972 opnum=0,
973 stub=b"")
974 self.send_pdu(req)
975 rep = self.recv_pdu()
976 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
977 auth_length=0)
978 self.assertNotEqual(rep.u.alloc_hint, 0)
979 self.assertEqual(rep.u.context_id, req.u.context_id)
980 self.assertEqual(rep.u.cancel_count, 0)
981 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
982
983 tsf1_list = [zero_syntax, ndr32]
984 ctx1 = dcerpc.ctx_list()
985 ctx1.context_id = 1
986 ctx1.num_transfer_syntaxes = len(tsf1_list)
987 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
988 ctx1.transfer_syntaxes = tsf1_list
989
990 req = self.generate_alter(call_id=1, ctx_list=[ctx1])
991 self.send_pdu(req)
992 rep = self.recv_pdu()
993 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
994 auth_length=0)
995 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
996 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
997 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
998 self.assertEqual(rep.u.secondary_address_size, 0)
999 self.assertPadding(rep.u._pad1, 2)
1000 self.assertEqual(rep.u.num_results, 1)
1001 self.assertEqual(rep.u.ctx_list[0].result,
1002 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1003 self.assertEqual(rep.u.ctx_list[0].reason,
1004 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1005 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1006 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1007
1008 req = self.generate_request(call_id=1,
1009 context_id=ctx1.context_id,
1010 opnum=0,
1011 stub=b"")
1012 self.send_pdu(req)
1013 rep = self.recv_pdu()
1014 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1015 auth_length=0)
1016 self.assertNotEqual(rep.u.alloc_hint, 0)
1017 self.assertEqual(rep.u.context_id, req.u.context_id)
1018 self.assertEqual(rep.u.cancel_count, 0)
1019 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1020
1021 tsf2_list = [ndr32, ndr32]
1022 ctx2 = dcerpc.ctx_list()
1023 ctx2.context_id = 2
1024 ctx2.num_transfer_syntaxes = len(tsf2_list)
1025 ctx2.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1026 ctx2.transfer_syntaxes = tsf2_list
1027
1028 req = self.generate_alter(call_id=2, ctx_list=[ctx2])
1029 self.send_pdu(req)
1030 rep = self.recv_pdu()
1031 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1032 auth_length=0)
1033 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1034 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1035 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1036 self.assertEqual(rep.u.secondary_address_size, 0)
1037 self.assertPadding(rep.u._pad1, 2)
1038 self.assertEqual(rep.u.num_results, 1)
1039 self.assertEqual(rep.u.ctx_list[0].result,
1040 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1041 self.assertEqual(rep.u.ctx_list[0].reason,
1042 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1043 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1044 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1045
1046 req = self.generate_request(call_id=1,
1047 context_id=ctx2.context_id,
1048 opnum=0,
1049 stub=b"")
1050 self.send_pdu(req)
1051 rep = self.recv_pdu()
1052 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1053 auth_length=0)
1054 self.assertNotEqual(rep.u.alloc_hint, 0)
1055 self.assertEqual(rep.u.context_id, req.u.context_id)
1056 self.assertEqual(rep.u.cancel_count, 0)
1057 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1058
1059 tsf3_list = [ndr32]
1060 ctx3 = dcerpc.ctx_list()
1061 ctx3.context_id = 3
1062 ctx3.num_transfer_syntaxes = len(tsf3_list)
1063 ctx3.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1064 ctx3.transfer_syntaxes = tsf3_list
1065
1066 tsf4_list = [ndr32]
1067 ctx4 = dcerpc.ctx_list()
1068 ctx4.context_id = 4
1069 ctx4.num_transfer_syntaxes = len(tsf4_list)
1070 ctx4.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1071 ctx4.transfer_syntaxes = tsf4_list
1072
1073 req = self.generate_alter(call_id=34, ctx_list=[ctx3, ctx4])
1074 self.send_pdu(req)
1075 rep = self.recv_pdu()
1076 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1077 auth_length=0)
1078 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1079 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1080 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1081 self.assertEqual(rep.u.secondary_address_size, 0)
1082 self.assertPadding(rep.u._pad1, 2)
1083 self.assertEqual(rep.u.num_results, 2)
1084 self.assertEqual(rep.u.ctx_list[0].result,
1085 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1086 self.assertEqual(rep.u.ctx_list[0].reason,
1087 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1088 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1089 self.assertEqual(rep.u.ctx_list[1].result,
1090 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1091 self.assertEqual(rep.u.ctx_list[1].reason,
1092 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1093 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1094 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1095
1096 req = self.generate_request(call_id=1,
1097 context_id=ctx3.context_id,
1098 opnum=0,
1099 stub=b"")
1100 self.send_pdu(req)
1101 rep = self.recv_pdu()
1102 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1103 auth_length=0)
1104 self.assertNotEqual(rep.u.alloc_hint, 0)
1105 self.assertEqual(rep.u.context_id, req.u.context_id)
1106 self.assertEqual(rep.u.cancel_count, 0)
1107 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1108
1109 req = self.generate_alter(call_id=43, ctx_list=[ctx4, ctx3])
1110 self.send_pdu(req)
1111 rep = self.recv_pdu()
1112 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1113 auth_length=0)
1114 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1115 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1116 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1117 self.assertEqual(rep.u.secondary_address_size, 0)
1118 self.assertPadding(rep.u._pad1, 2)
1119 self.assertEqual(rep.u.num_results, 2)
1120 self.assertEqual(rep.u.ctx_list[0].result,
1121 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1122 self.assertEqual(rep.u.ctx_list[0].reason,
1123 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1124 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1125 self.assertEqual(rep.u.ctx_list[1].result,
1126 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1127 self.assertEqual(rep.u.ctx_list[1].reason,
1128 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1129 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1130 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1131
1132 req = self.generate_request(call_id=1,
1133 context_id=ctx4.context_id,
1134 opnum=0,
1135 stub=b"")
1136 self.send_pdu(req)
1137 rep = self.recv_pdu()
1138 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1139 auth_length=0)
1140 self.assertNotEqual(rep.u.alloc_hint, 0)
1141 self.assertEqual(rep.u.context_id, req.u.context_id)
1142 self.assertEqual(rep.u.cancel_count, 0)
1143 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1144
1145 req = self.generate_request(call_id=1,
1146 context_id=ctx3.context_id,
1147 opnum=0,
1148 stub=b"")
1149 self.send_pdu(req)
1150 rep = self.recv_pdu()
1151 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1152 auth_length=0)
1153 self.assertNotEqual(rep.u.alloc_hint, 0)
1154 self.assertEqual(rep.u.context_id, req.u.context_id)
1155 self.assertEqual(rep.u.cancel_count, 0)
1156 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1157
1158 req = self.generate_alter(call_id=44, ctx_list=[ctx4, ctx4])
1159 self.send_pdu(req)
1160 rep = self.recv_pdu()
1161 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1162 auth_length=0)
1163 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1164 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1165 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1166 self.assertEqual(rep.u.secondary_address_size, 0)
1167 self.assertPadding(rep.u._pad1, 2)
1168 self.assertEqual(rep.u.num_results, 2)
1169 self.assertEqual(rep.u.ctx_list[0].result,
1170 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1171 self.assertEqual(rep.u.ctx_list[0].reason,
1172 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1173 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1174 self.assertEqual(rep.u.ctx_list[1].result,
1175 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1176 self.assertEqual(rep.u.ctx_list[1].reason,
1177 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1178 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1179 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1180
1181 req = self.generate_request(call_id=1,
1182 context_id=ctx4.context_id,
1183 opnum=0,
1184 stub=b"")
1185 self.send_pdu(req)
1186 rep = self.recv_pdu()
1187 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1188 auth_length=0)
1189 self.assertNotEqual(rep.u.alloc_hint, 0)
1190 self.assertEqual(rep.u.context_id, req.u.context_id)
1191 self.assertEqual(rep.u.cancel_count, 0)
1192 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1193
1194 req = self.generate_request(call_id=1,
1195 context_id=ctx3.context_id,
1196 opnum=0,
1197 stub=b"")
1198 self.send_pdu(req)
1199 rep = self.recv_pdu()
1200 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1201 auth_length=0)
1202 self.assertNotEqual(rep.u.alloc_hint, 0)
1203 self.assertEqual(rep.u.context_id, req.u.context_id)
1204 self.assertEqual(rep.u.cancel_count, 0)
1205 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1206
1207 tsf5mgmt_list = [ndr32]
1208 ctx5mgmt = dcerpc.ctx_list()
1209 ctx5mgmt.context_id = 5
1210 ctx5mgmt.num_transfer_syntaxes = len(tsf5mgmt_list)
1211 ctx5mgmt.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1212 ctx5mgmt.transfer_syntaxes = tsf5mgmt_list
1213
1214 tsf5epm_list = [ndr32]
1215 ctx5epm = dcerpc.ctx_list()
1216 ctx5epm.context_id = 5
1217 ctx5epm.num_transfer_syntaxes = len(tsf5epm_list)
1218 ctx5epm.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1219 ctx5epm.transfer_syntaxes = tsf5epm_list
1220
1221 req = self.generate_alter(call_id=55, ctx_list=[ctx5mgmt, ctx5epm])
1222 self.send_pdu(req)
1223 rep = self.recv_pdu()
1224 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1225 auth_length=0)
1226 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1227 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1228 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1229 self.assertEqual(rep.u.secondary_address_size, 0)
1230 self.assertPadding(rep.u._pad1, 2)
1231 self.assertEqual(rep.u.num_results, 2)
1232 self.assertEqual(rep.u.ctx_list[0].result,
1233 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1234 self.assertEqual(rep.u.ctx_list[0].reason,
1235 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1236 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1237 self.assertEqual(rep.u.ctx_list[1].result,
1238 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1239 self.assertEqual(rep.u.ctx_list[1].reason,
1240 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1241 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1242 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1243
1244 req = self.generate_request(call_id=1,
1245 context_id=ctx5mgmt.context_id,
1246 opnum=0,
1247 stub=b"")
1248 self.send_pdu(req)
1249 rep = self.recv_pdu()
1250 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1251 auth_length=0)
1252 self.assertNotEqual(rep.u.alloc_hint, 0)
1253 self.assertEqual(rep.u.context_id, req.u.context_id)
1254 self.assertEqual(rep.u.cancel_count, 0)
1255 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1256
1257 req = self.generate_alter(call_id=55, ctx_list=[ctx5mgmt, ctx5epm])
1258 self.send_pdu(req)
1259 rep = self.recv_pdu()
1260 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1261 auth_length=0)
1262 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1263 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1264 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1265 self.assertEqual(rep.u.secondary_address_size, 0)
1266 self.assertPadding(rep.u._pad1, 2)
1267 self.assertEqual(rep.u.num_results, 2)
1268 self.assertEqual(rep.u.ctx_list[0].result,
1269 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1270 self.assertEqual(rep.u.ctx_list[0].reason,
1271 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1272 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1273 self.assertEqual(rep.u.ctx_list[1].result,
1274 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1275 self.assertEqual(rep.u.ctx_list[1].reason,
1276 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1277 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1278 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1279
1280 req = self.generate_request(call_id=1,
1281 context_id=ctx5mgmt.context_id,
1282 opnum=0,
1283 stub=b"")
1284 self.send_pdu(req)
1285 rep = self.recv_pdu()
1286 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1287 auth_length=0)
1288 self.assertNotEqual(rep.u.alloc_hint, 0)
1289 self.assertEqual(rep.u.context_id, req.u.context_id)
1290 self.assertEqual(rep.u.cancel_count, 0)
1291 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1292
1293 def test_no_auth_bind_time_none_simple(self):
1294 features = 0
1295 btf = base.bind_time_features_syntax(features)
1296
1297 zero_syntax = misc.ndr_syntax_id()
1298
1299 tsf1_list = [btf]
1300 ctx1 = dcerpc.ctx_list()
1301 ctx1.context_id = 1
1302 ctx1.num_transfer_syntaxes = len(tsf1_list)
1303 ctx1.abstract_syntax = zero_syntax
1304 ctx1.transfer_syntaxes = tsf1_list
1305
1306 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1307 self.send_pdu(req)
1308 rep = self.recv_pdu()
1309 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1310 auth_length=0)
1311 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1312 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1313 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1314 self.assertEqual(rep.u.secondary_address_size, 4)
1315 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
1316 self.assertPadding(rep.u._pad1, 2)
1317 self.assertEqual(rep.u.num_results, 1)
1318 self.assertEqual(rep.u.ctx_list[0].result,
1319 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1320 self.assertEqual(rep.u.ctx_list[0].reason, features)
1321 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1322 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1323
1324 def test_no_auth_bind_time_none_ignore_additional(self):
1325 features1 = 0
1326 btf1 = base.bind_time_features_syntax(features1)
1327
1328 features2 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1329 features2 |= dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1330 btf2 = base.bind_time_features_syntax(features2)
1331
1332 zero_syntax = misc.ndr_syntax_id()
1333 ndr64 = base.transfer_syntax_ndr64()
1334
1335 tsf1_list = [btf1, btf2, zero_syntax]
1336 ctx1 = dcerpc.ctx_list()
1337 ctx1.context_id = 1
1338 ctx1.num_transfer_syntaxes = len(tsf1_list)
1339 ctx1.abstract_syntax = ndr64
1340 ctx1.transfer_syntaxes = tsf1_list
1341
1342 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1343 self.send_pdu(req)
1344 rep = self.recv_pdu()
1345 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1346 auth_length=0)
1347 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1348 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1349 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1350 self.assertEqual(rep.u.secondary_address_size, 4)
1351 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
1352 self.assertPadding(rep.u._pad1, 2)
1353 self.assertEqual(rep.u.num_results, 1)
1354 self.assertEqual(rep.u.ctx_list[0].result,
1355 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1356 self.assertEqual(rep.u.ctx_list[0].reason, features1)
1357 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1358 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1359
1360 def test_no_auth_bind_time_only_first(self):
1361 features1 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1362 btf1 = base.bind_time_features_syntax(features1)
1363
1364 features2 = dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1365 btf2 = base.bind_time_features_syntax(features2)
1366
1367 zero_syntax = misc.ndr_syntax_id()
1368
1369 tsf1_list = [zero_syntax, btf1, btf2, zero_syntax]
1370 ctx1 = dcerpc.ctx_list()
1371 ctx1.context_id = 1
1372 ctx1.num_transfer_syntaxes = len(tsf1_list)
1373 ctx1.abstract_syntax = zero_syntax
1374 ctx1.transfer_syntaxes = tsf1_list
1375
1376 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1377 self.send_pdu(req)
1378 rep = self.recv_pdu()
1379 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1380 auth_length=0)
1381 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1382 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1383 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1384 self.assertEqual(rep.u.secondary_address_size, 4)
1385 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
1386 self.assertPadding(rep.u._pad1, 2)
1387 self.assertEqual(rep.u.num_results, 1)
1388 self.assertEqual(rep.u.ctx_list[0].result,
1389 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1390 self.assertEqual(rep.u.ctx_list[0].reason,
1391 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
1392 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1393 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1394
1395 def test_no_auth_bind_time_twice(self):
1396 features1 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1397 btf1 = base.bind_time_features_syntax(features1)
1398
1399 features2 = dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1400 btf2 = base.bind_time_features_syntax(features2)
1401
1402 zero_syntax = misc.ndr_syntax_id()
1403
1404 tsf1_list = [btf1]
1405 ctx1 = dcerpc.ctx_list()
1406 ctx1.context_id = 1
1407 ctx1.num_transfer_syntaxes = len(tsf1_list)
1408 ctx1.abstract_syntax = zero_syntax
1409 ctx1.transfer_syntaxes = tsf1_list
1410
1411 tsf2_list = [btf2]
1412 ctx2 = dcerpc.ctx_list()
1413 ctx2.context_id = 2
1414 ctx2.num_transfer_syntaxes = len(tsf2_list)
1415 ctx2.abstract_syntax = zero_syntax
1416 ctx2.transfer_syntaxes = tsf2_list
1417
1418 req = self.generate_bind(call_id=0, ctx_list=[ctx1, ctx2])
1419 self.send_pdu(req)
1420 rep = self.recv_pdu()
1421 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
1422 auth_length=0)
1423 self.assertEqual(rep.u.reject_reason,
1424 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1425 self.assertEqual(rep.u.num_versions, 1)
1426 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
1427 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
1428 self.assertPadding(rep.u._pad, 3)
1429
1430 # wait for a disconnect
1431 rep = self.recv_pdu()
1432 self.assertIsNone(rep)
1433 self.assertNotConnected()
1434
1435 def test_no_auth_bind_time_keep_on_orphan_simple(self):
1436 features = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1437 btf = base.bind_time_features_syntax(features)
1438
1439 zero_syntax = misc.ndr_syntax_id()
1440
1441 tsf1_list = [btf]
1442 ctx1 = dcerpc.ctx_list()
1443 ctx1.context_id = 1
1444 ctx1.num_transfer_syntaxes = len(tsf1_list)
1445 ctx1.abstract_syntax = zero_syntax
1446 ctx1.transfer_syntaxes = tsf1_list
1447
1448 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1449 self.send_pdu(req)
1450 rep = self.recv_pdu()
1451 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1452 auth_length=0)
1453 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1454 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1455 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1456 self.assertEqual(rep.u.secondary_address_size, 4)
1457 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
1458 self.assertPadding(rep.u._pad1, 2)
1459 self.assertEqual(rep.u.num_results, 1)
1460 self.assertEqual(rep.u.ctx_list[0].result,
1461 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1462 self.assertEqual(rep.u.ctx_list[0].reason, features)
1463 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1464 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1465
1466 def test_no_auth_bind_time_keep_on_orphan_ignore_additional(self):
1467 features1 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1468 btf1 = base.bind_time_features_syntax(features1)
1469
1470 features2 = dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1471 btf2 = base.bind_time_features_syntax(features2)
1472
1473 zero_syntax = misc.ndr_syntax_id()
1474 ndr64 = base.transfer_syntax_ndr64()
1475
1476 tsf1_list = [btf1, btf2, zero_syntax]
1477 ctx1 = dcerpc.ctx_list()
1478 ctx1.context_id = 1
1479 ctx1.num_transfer_syntaxes = len(tsf1_list)
1480 ctx1.abstract_syntax = ndr64
1481 ctx1.transfer_syntaxes = tsf1_list
1482
1483 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1484 self.send_pdu(req)
1485 rep = self.recv_pdu()
1486 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1487 auth_length=0)
1488 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1489 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1490 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1491 self.assertEqual(rep.u.secondary_address_size, 4)
1492 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
1493 self.assertPadding(rep.u._pad1, 2)
1494 self.assertEqual(rep.u.num_results, 1)
1495 self.assertEqual(rep.u.ctx_list[0].result,
1496 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1497 self.assertEqual(rep.u.ctx_list[0].reason, features1)
1498 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1499 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1500
1501 def test_no_auth_bind_time_sec_ctx_ignore_additional(self):
1502 features1 = dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1503 btf1 = base.bind_time_features_syntax(features1)
1504
1505 features2 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1506 btf2 = base.bind_time_features_syntax(features2)
1507
1508 zero_syntax = misc.ndr_syntax_id()
1509 ndr64 = base.transfer_syntax_ndr64()
1510
1511 tsf1_list = [btf1, btf2, zero_syntax]
1512 ctx1 = dcerpc.ctx_list()
1513 ctx1.context_id = 1
1514 ctx1.num_transfer_syntaxes = len(tsf1_list)
1515 ctx1.abstract_syntax = ndr64
1516 ctx1.transfer_syntaxes = tsf1_list
1517
1518 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1519 self.send_pdu(req)
1520 rep = self.recv_pdu()
1521 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1522 auth_length=0)
1523 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1524 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1525 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1526 self.assertEqual(rep.u.secondary_address_size, 4)
1527 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
1528 self.assertPadding(rep.u._pad1, 2)
1529 self.assertEqual(rep.u.num_results, 1)
1530 self.assertEqual(rep.u.ctx_list[0].result,
1531 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1532 self.assertEqual(rep.u.ctx_list[0].reason, features1)
1533 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1534 self.assertEqual(rep.u.auth_info, b'\0' * 0)
1535
1536 def _test_auth_type_level_bind_nak(self, auth_type, auth_level, creds=None,
1537 reason=dcerpc.DCERPC_BIND_NAK_REASON_INVALID_AUTH_TYPE):
1538 ndr32 = base.transfer_syntax_ndr()
1539
1540 tsf1_list = [ndr32]
1541 ctx1 = dcerpc.ctx_list()
1542 ctx1.context_id = 1
1543 ctx1.num_transfer_syntaxes = len(tsf1_list)
1544 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1545 ctx1.transfer_syntaxes = tsf1_list
1546 ctx_list = [ctx1]
1547
1548 auth_context_id = 0
1549
1550 if creds is not None:
1551 # We always start with DCERPC_AUTH_LEVEL_INTEGRITY
1552 auth_context = self.get_auth_context_creds(creds,
1553 auth_type=auth_type,
1554 auth_level=auth_level,
1555 auth_context_id=auth_context_id,
1556 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
1557 from_server = b""
1558 (finished, to_server) = auth_context["gensec"].update(from_server)
1559 self.assertFalse(finished)
1560
1561 auth_info = self.generate_auth(auth_type=auth_context["auth_type"],
1562 auth_level=auth_context["auth_level"],
1563 auth_context_id=auth_context["auth_context_id"],
1564 auth_blob=to_server)
1565 else:
1566 to_server = b"none"
1567 auth_info = self.generate_auth(auth_type=auth_type,
1568 auth_level=auth_level,
1569 auth_context_id=auth_context_id,
1570 auth_blob=to_server)
1571
1572 req = self.generate_bind(call_id=0,
1573 ctx_list=ctx_list,
1574 auth_info=auth_info)
1575 self.send_pdu(req)
1576 rep = self.recv_pdu()
1577 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
1578 auth_length=0)
1579 self.assertEqual(rep.u.reject_reason, reason)
1580 self.assertEqual(rep.u.num_versions, 1)
1581 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
1582 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
1583 self.assertPadding(rep.u._pad, 3)
1584
1585 # wait for a disconnect
1586 rep = self.recv_pdu()
1587 self.assertIsNone(rep)
1588 self.assertNotConnected()
1589
1590 def _test_auth_none_level_bind(self, auth_level,
1591 reason=dcerpc.DCERPC_BIND_NAK_REASON_INVALID_AUTH_TYPE):
1592 return self._test_auth_type_level_bind_nak(auth_type=dcerpc.DCERPC_AUTH_LEVEL_NONE,
1593 auth_level=auth_level, reason=reason)
1594
1595 def test_auth_none_none_bind(self):
1596 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_NONE,
1597 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1598
1599 def test_auth_none_connect_bind(self):
1600 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_CONNECT)
1601
1602 def test_auth_none_call_bind(self):
1603 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_CALL)
1604
1605 def test_auth_none_packet_bind(self):
1606 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_PACKET)
1607
1608 def test_auth_none_integrity_bind(self):
1609 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
1610
1611 def test_auth_none_privacy_bind(self):
1612 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_PRIVACY)
1613
1614 def test_auth_none_0_bind(self):
1615 return self._test_auth_none_level_bind(0,
1616 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1617
1618 def test_auth_none_7_bind(self):
1619 return self._test_auth_none_level_bind(7,
1620 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1621
1622 def test_auth_none_255_bind(self):
1623 return self._test_auth_none_level_bind(255,
1624 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1625
1626 def _test_auth_none_level_request(self, auth_level):
1627 ndr32 = base.transfer_syntax_ndr()
1628
1629 tsf1_list = [ndr32]
1630 ctx1 = dcerpc.ctx_list()
1631 ctx1.context_id = 1
1632 ctx1.num_transfer_syntaxes = len(tsf1_list)
1633 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1634 ctx1.transfer_syntaxes = tsf1_list
1635 ctx_list = [ctx1]
1636
1637 auth_type = dcerpc.DCERPC_AUTH_TYPE_NONE
1638 auth_context_id = 0
1639
1640 req = self.generate_bind(call_id=0,
1641 ctx_list=ctx_list)
1642
1643 self.send_pdu(req)
1644 rep = self.recv_pdu()
1645 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
1646 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1647 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
1648 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
1649 self.assertEqual(rep.u.secondary_address_size, 4)
1650 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
1651 self.assertPadding(rep.u._pad1, 2)
1652 self.assertEqual(rep.u.num_results, 1)
1653 self.assertEqual(rep.u.ctx_list[0].result,
1654 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1655 self.assertEqual(rep.u.ctx_list[0].reason,
1656 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1657 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1658 self.assertEqual(len(rep.u.auth_info), 0)
1659
1660 # And now try a request without auth_info
1661 req = self.generate_request(call_id=2,
1662 context_id=ctx1.context_id,
1663 opnum=0,
1664 stub=b"")
1665 self.send_pdu(req)
1666 rep = self.recv_pdu()
1667 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1668 auth_length=0)
1669 self.assertNotEqual(rep.u.alloc_hint, 0)
1670 self.assertEqual(rep.u.context_id, req.u.context_id)
1671 self.assertEqual(rep.u.cancel_count, 0)
1672 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1673
1674 auth_info = self.generate_auth(auth_type=auth_type,
1675 auth_level=auth_level,
1676 auth_context_id=auth_context_id,
1677 auth_blob=b"none")
1678
1679 req = self.generate_request(call_id=3,
1680 context_id=ctx1.context_id,
1681 opnum=0,
1682 stub=b"",
1683 auth_info=auth_info)
1684 self.send_pdu(req)
1685 rep = self.recv_pdu()
1686 # We get a fault back
1687 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
1688 auth_length=0)
1689 self.assertNotEqual(rep.u.alloc_hint, 0)
1690 self.assertEqual(rep.u.context_id, req.u.context_id)
1691 self.assertEqual(rep.u.cancel_count, 0)
1692 self.assertEqual(rep.u.flags, 0)
1693 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
1694 self.assertEqual(rep.u.reserved, 0)
1695 self.assertEqual(len(rep.u.error_and_verifier), 0)
1696
1697 # wait for a disconnect
1698 rep = self.recv_pdu()
1699 self.assertIsNone(rep)
1700 self.assertNotConnected()
1701
1702 def test_auth_none_none_request(self):
1703 return self._test_auth_none_level_request(dcerpc.DCERPC_AUTH_LEVEL_NONE)
1704
1705 def test_auth_none_connect_request(self):
1706 return self._test_auth_none_level_request(dcerpc.DCERPC_AUTH_LEVEL_CONNECT)
1707
1708 def test_auth_none_call_request(self):
1709 return self._test_auth_none_level_request(dcerpc.DCERPC_AUTH_LEVEL_CALL)
1710
1711 def test_auth_none_packet_request(self):
1712 return self._test_auth_none_level_request(dcerpc.DCERPC_AUTH_LEVEL_PACKET)
1713
1714 def test_ntlmssp_multi_auth_first1_lastSame2(self):
1715 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1716 expected_fault = dcerpc.DCERPC_FAULT_SEC_PKG_ERROR
1717 auth_context_2nd = 2
1718 expected_call_id = None
1719 expected_context_id = None
1720 not_executed = False
1721 conc_mpx = False
1722 forced_call_id = None
1723 forced_context_id = None
1724 forced_opnum = None
1725 forced_auth_context_id = None
1726 forced_auth_type = None
1727 forced_auth_level = None
1728 return self._test_generic_auth_first_last(auth_type,
1729 expected_fault,
1730 auth_context_2nd=auth_context_2nd,
1731 expected_call_id=expected_call_id,
1732 expected_context_id=expected_context_id,
1733 not_executed=not_executed,
1734 conc_mpx=conc_mpx,
1735 forced_call_id=forced_call_id,
1736 forced_context_id=forced_context_id,
1737 forced_opnum=forced_opnum,
1738 forced_auth_context_id=forced_auth_context_id,
1739 forced_auth_type=forced_auth_type,
1740 forced_auth_level=forced_auth_level)
1741
1742 def test_ntlmssp_multi_auth_first1_lastNext2(self):
1743 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1744 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1745 auth_context_2nd = 2
1746 expected_call_id = None
1747 expected_context_id = None
1748 not_executed = False
1749 conc_mpx = False
1750 forced_call_id = 4
1751 forced_context_id = None
1752 forced_opnum = None
1753 forced_auth_context_id = None
1754 forced_auth_type = None
1755 forced_auth_level = None
1756 return self._test_generic_auth_first_last(auth_type,
1757 expected_fault,
1758 auth_context_2nd=auth_context_2nd,
1759 expected_call_id=expected_call_id,
1760 expected_context_id=expected_context_id,
1761 not_executed=not_executed,
1762 conc_mpx=conc_mpx,
1763 forced_call_id=forced_call_id,
1764 forced_context_id=forced_context_id,
1765 forced_opnum=forced_opnum,
1766 forced_auth_context_id=forced_auth_context_id,
1767 forced_auth_type=forced_auth_type,
1768 forced_auth_level=forced_auth_level)
1769
1770 def test_ntlmssp_multi_auth_first1_lastSame111(self):
1771 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1772 expected_fault = None
1773 auth_context_2nd = 1
1774 expected_call_id = None
1775 expected_context_id = None
1776 not_executed = False
1777 conc_mpx = False
1778 forced_call_id = None
1779 forced_context_id = 111
1780 forced_opnum = 111
1781 forced_auth_context_id = 111
1782 forced_auth_type = 111
1783 forced_auth_level = 111
1784 return self._test_generic_auth_first_last(auth_type,
1785 expected_fault,
1786 auth_context_2nd=auth_context_2nd,
1787 expected_call_id=expected_call_id,
1788 expected_context_id=expected_context_id,
1789 not_executed=not_executed,
1790 conc_mpx=conc_mpx,
1791 forced_call_id=forced_call_id,
1792 forced_context_id=forced_context_id,
1793 forced_opnum=forced_opnum,
1794 forced_auth_context_id=forced_auth_context_id,
1795 forced_auth_type=forced_auth_type,
1796 forced_auth_level=forced_auth_level)
1797
1798 def test_ntlmssp_multi_auth_first1_lastNext111(self):
1799 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1800 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1801 auth_context_2nd = 1
1802 expected_call_id = None
1803 expected_context_id = None
1804 not_executed = False
1805 conc_mpx = False
1806 forced_call_id = 4
1807 forced_context_id = 111
1808 forced_opnum = 111
1809 forced_auth_context_id = 111
1810 forced_auth_type = 111
1811 forced_auth_level = 111
1812 return self._test_generic_auth_first_last(auth_type,
1813 expected_fault,
1814 auth_context_2nd=auth_context_2nd,
1815 expected_call_id=expected_call_id,
1816 expected_context_id=expected_context_id,
1817 not_executed=not_executed,
1818 conc_mpx=conc_mpx,
1819 forced_call_id=forced_call_id,
1820 forced_context_id=forced_context_id,
1821 forced_opnum=forced_opnum,
1822 forced_auth_context_id=forced_auth_context_id,
1823 forced_auth_type=forced_auth_type,
1824 forced_auth_level=forced_auth_level)
1825
1826 def test_ntlmssp_multi_auth_MPX_first1_lastNext111(self):
1827 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1828 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1829 auth_context_2nd = 1
1830 expected_call_id = 4
1831 expected_context_id = 0
1832 not_executed = False
1833 conc_mpx = True
1834 forced_call_id = 4
1835 forced_context_id = 111
1836 forced_opnum = 111
1837 forced_auth_context_id = 111
1838 forced_auth_type = 111
1839 forced_auth_level = 111
1840 return self._test_generic_auth_first_last(auth_type,
1841 expected_fault,
1842 auth_context_2nd=auth_context_2nd,
1843 expected_call_id=expected_call_id,
1844 expected_context_id=expected_context_id,
1845 not_executed=not_executed,
1846 conc_mpx=conc_mpx,
1847 forced_call_id=forced_call_id,
1848 forced_context_id=forced_context_id,
1849 forced_opnum=forced_opnum,
1850 forced_auth_context_id=forced_auth_context_id,
1851 forced_auth_type=forced_auth_type,
1852 forced_auth_level=forced_auth_level)
1853
1854 def test_ntlmssp_multi_auth_first1_lastSameNone(self):
1855 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1856 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1857 auth_context_2nd = None
1858 expected_call_id = None
1859 expected_context_id = None
1860 not_executed = False
1861 conc_mpx = False
1862 forced_call_id = None
1863 forced_context_id = None
1864 forced_opnum = None
1865 forced_auth_context_id = None
1866 forced_auth_type = None
1867 forced_auth_level = None
1868 return self._test_generic_auth_first_last(auth_type,
1869 expected_fault,
1870 auth_context_2nd=auth_context_2nd,
1871 expected_call_id=expected_call_id,
1872 expected_context_id=expected_context_id,
1873 not_executed=not_executed,
1874 conc_mpx=conc_mpx,
1875 forced_call_id=forced_call_id,
1876 forced_context_id=forced_context_id,
1877 forced_opnum=forced_opnum,
1878 forced_auth_context_id=forced_auth_context_id,
1879 forced_auth_type=forced_auth_type,
1880 forced_auth_level=forced_auth_level)
1881
1882 def test_ntlmssp_multi_auth_MPX_first1_lastSameNone(self):
1883 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1884 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1885 auth_context_2nd = None
1886 expected_call_id = None
1887 expected_context_id = None
1888 not_executed = False
1889 conc_mpx = True
1890 forced_call_id = None
1891 forced_context_id = None
1892 forced_opnum = None
1893 forced_auth_context_id = None
1894 forced_auth_type = None
1895 forced_auth_level = None
1896 return self._test_generic_auth_first_last(auth_type,
1897 expected_fault,
1898 auth_context_2nd=auth_context_2nd,
1899 expected_call_id=expected_call_id,
1900 expected_context_id=expected_context_id,
1901 not_executed=not_executed,
1902 conc_mpx=conc_mpx,
1903 forced_call_id=forced_call_id,
1904 forced_context_id=forced_context_id,
1905 forced_opnum=forced_opnum,
1906 forced_auth_context_id=forced_auth_context_id,
1907 forced_auth_type=forced_auth_type,
1908 forced_auth_level=forced_auth_level)
1909
1910 def test_ntlmssp_multi_auth_first1_lastNextNone(self):
1911 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1912 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1913 auth_context_2nd = None
1914 expected_call_id = None
1915 expected_context_id = None
1916 not_executed = False
1917 conc_mpx = False
1918 forced_call_id = 4
1919 forced_context_id = None
1920 forced_opnum = None
1921 forced_auth_context_id = None
1922 forced_auth_type = None
1923 forced_auth_level = None
1924 return self._test_generic_auth_first_last(auth_type,
1925 expected_fault,
1926 auth_context_2nd=auth_context_2nd,
1927 expected_call_id=expected_call_id,
1928 expected_context_id=expected_context_id,
1929 not_executed=not_executed,
1930 conc_mpx=conc_mpx,
1931 forced_call_id=forced_call_id,
1932 forced_context_id=forced_context_id,
1933 forced_opnum=forced_opnum,
1934 forced_auth_context_id=forced_auth_context_id,
1935 forced_auth_type=forced_auth_type,
1936 forced_auth_level=forced_auth_level)
1937
1938 def test_ntlmssp_multi_auth_MPX_first1_lastNextNone(self):
1939 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1940 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1941 auth_context_2nd = None
1942 expected_call_id = 4
1943 expected_context_id = 0
1944 not_executed = False
1945 conc_mpx = True
1946 forced_call_id = 4
1947 forced_context_id = None
1948 forced_opnum = None
1949 forced_auth_context_id = None
1950 forced_auth_type = None
1951 forced_auth_level = None
1952 return self._test_generic_auth_first_last(auth_type,
1953 expected_fault,
1954 auth_context_2nd=auth_context_2nd,
1955 expected_call_id=expected_call_id,
1956 expected_context_id=expected_context_id,
1957 not_executed=not_executed,
1958 conc_mpx=conc_mpx,
1959 forced_call_id=forced_call_id,
1960 forced_context_id=forced_context_id,
1961 forced_opnum=forced_opnum,
1962 forced_auth_context_id=forced_auth_context_id,
1963 forced_auth_type=forced_auth_type,
1964 forced_auth_level=forced_auth_level)
1965
1966 def test_ntlmssp_multi_auth_first1_lastSameNone111(self):
1967 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1968 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1969 auth_context_2nd = None
1970 expected_call_id = None
1971 expected_context_id = None
1972 not_executed = False
1973 conc_mpx = False
1974 forced_call_id = None
1975 forced_context_id = 111
1976 forced_opnum = 111
1977 forced_auth_context_id = None
1978 forced_auth_type = None
1979 forced_auth_level = None
1980 return self._test_generic_auth_first_last(auth_type,
1981 expected_fault,
1982 auth_context_2nd=auth_context_2nd,
1983 expected_call_id=expected_call_id,
1984 expected_context_id=expected_context_id,
1985 not_executed=not_executed,
1986 conc_mpx=conc_mpx,
1987 forced_call_id=forced_call_id,
1988 forced_context_id=forced_context_id,
1989 forced_opnum=forced_opnum,
1990 forced_auth_context_id=forced_auth_context_id,
1991 forced_auth_type=forced_auth_type,
1992 forced_auth_level=forced_auth_level)
1993
1994 def test_ntlmssp_multi_auth_MPX_first1_lastSameNone111(self):
1995 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
1996 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
1997 auth_context_2nd = None
1998 expected_call_id = None
1999 expected_context_id = None
2000 not_executed = False
2001 conc_mpx = True
2002 forced_call_id = None
2003 forced_context_id = 111
2004 forced_opnum = 111
2005 forced_auth_context_id = None
2006 forced_auth_type = None
2007 forced_auth_level = None
2008 return self._test_generic_auth_first_last(auth_type,
2009 expected_fault,
2010 auth_context_2nd=auth_context_2nd,
2011 expected_call_id=expected_call_id,
2012 expected_context_id=expected_context_id,
2013 not_executed=not_executed,
2014 conc_mpx=conc_mpx,
2015 forced_call_id=forced_call_id,
2016 forced_context_id=forced_context_id,
2017 forced_opnum=forced_opnum,
2018 forced_auth_context_id=forced_auth_context_id,
2019 forced_auth_type=forced_auth_type,
2020 forced_auth_level=forced_auth_level)
2021
2022 def test_ntlmssp_multi_auth_first1_lastNextNone111(self):
2023 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2024 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2025 auth_context_2nd = None
2026 expected_call_id = None
2027 expected_context_id = None
2028 not_executed = False
2029 conc_mpx = False
2030 forced_call_id = 4
2031 forced_context_id = 111
2032 forced_opnum = 111
2033 forced_auth_context_id = None
2034 forced_auth_type = None
2035 forced_auth_level = None
2036 return self._test_generic_auth_first_last(auth_type,
2037 expected_fault,
2038 auth_context_2nd=auth_context_2nd,
2039 expected_call_id=expected_call_id,
2040 expected_context_id=expected_context_id,
2041 not_executed=not_executed,
2042 conc_mpx=conc_mpx,
2043 forced_call_id=forced_call_id,
2044 forced_context_id=forced_context_id,
2045 forced_opnum=forced_opnum,
2046 forced_auth_context_id=forced_auth_context_id,
2047 forced_auth_type=forced_auth_type,
2048 forced_auth_level=forced_auth_level)
2049
2050 def test_ntlmssp_multi_auth_MPX_first1_lastNextNone111(self):
2051 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2052 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2053 auth_context_2nd = None
2054 expected_call_id = 4
2055 expected_context_id = 0
2056 not_executed = False
2057 conc_mpx = True
2058 forced_call_id = 4
2059 forced_context_id = 111
2060 forced_opnum = 111
2061 forced_auth_context_id = None
2062 forced_auth_type = None
2063 forced_auth_level = None
2064 return self._test_generic_auth_first_last(auth_type,
2065 expected_fault,
2066 auth_context_2nd=auth_context_2nd,
2067 expected_call_id=expected_call_id,
2068 expected_context_id=expected_context_id,
2069 not_executed=not_executed,
2070 conc_mpx=conc_mpx,
2071 forced_call_id=forced_call_id,
2072 forced_context_id=forced_context_id,
2073 forced_opnum=forced_opnum,
2074 forced_auth_context_id=forced_auth_context_id,
2075 forced_auth_type=forced_auth_type,
2076 forced_auth_level=forced_auth_level)
2077
2078 def _test_generic_auth_first_2nd(self,
2079 auth_type,
2080 pfc_flags_2nd,
2081 expected_fault,
2082 auth_context_2nd=2,
2083 skip_first=False,
2084 expected_call_id=None,
2085 expected_context_id=None,
2086 conc_mpx=False,
2087 not_executed=False,
2088 forced_call_id=None,
2089 forced_context_id=None,
2090 forced_opnum=None,
2091 forced_auth_context_id=None,
2092 forced_auth_type=None,
2093 forced_auth_level=None):
2094 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2095 auth_level1 = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
2096 auth_context_id1=1
2097 auth_level2 = dcerpc.DCERPC_AUTH_LEVEL_PACKET
2098 auth_context_id2=2
2099
2100 creds = self.get_user_creds()
2101
2102 abstract = samba.dcerpc.mgmt.abstract_syntax()
2103 transfer = base.transfer_syntax_ndr()
2104
2105 tsf1_list = [transfer]
2106 ctx = samba.dcerpc.dcerpc.ctx_list()
2107 ctx.context_id = 1
2108 ctx.num_transfer_syntaxes = len(tsf1_list)
2109 ctx.abstract_syntax = abstract
2110 ctx.transfer_syntaxes = tsf1_list
2111
2112 auth_context1 = self.get_auth_context_creds(creds=creds,
2113 auth_type=auth_type,
2114 auth_level=auth_level1,
2115 auth_context_id=auth_context_id1,
2116 hdr_signing=False)
2117 auth_context2 = self.get_auth_context_creds(creds=creds,
2118 auth_type=auth_type,
2119 auth_level=auth_level2,
2120 auth_context_id=auth_context_id2,
2121 hdr_signing=False)
2122
2123 bind_pfc_flags = dcerpc.DCERPC_PFC_FLAG_FIRST | dcerpc.DCERPC_PFC_FLAG_LAST
2124 if conc_mpx:
2125 bind_pfc_flags |= dcerpc.DCERPC_PFC_FLAG_CONC_MPX
2126
2127 ack0 = self.do_generic_bind(call_id=0,
2128 ctx=ctx,
2129 pfc_flags=bind_pfc_flags)
2130
2131 ack1 = self.do_generic_bind(call_id=1,
2132 ctx=ctx,
2133 auth_context=auth_context1,
2134 assoc_group_id = ack0.u.assoc_group_id,
2135 start_with_alter=True)
2136 if auth_context_2nd == 2:
2137 ack2 = self.do_generic_bind(call_id=2,
2138 ctx=ctx,
2139 auth_context=auth_context2,
2140 assoc_group_id = ack0.u.assoc_group_id,
2141 start_with_alter=True)
2142
2143 ndr_print = self.do_ndr_print
2144 hexdump = self.do_hexdump
2145 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
2146 io = inq_if_ids
2147 if ndr_print:
2148 sys.stderr.write("in: %s" % samba.ndr.ndr_print_in(io))
2149 stub_in = samba.ndr.ndr_pack_in(io)
2150 stub_in += b'\xfe'*45 # add some padding in order to have some payload
2151 if hexdump:
2152 sys.stderr.write("stub_in: %d\n%s" % (len(stub_in), self.hexdump(stub_in)))
2153
2154 call_id = 3
2155 context_id = ctx.context_id
2156 opnum = io.opnum()
2157
2158 if not skip_first:
2159 pfc_flags = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST
2160 stub_in_tmp = stub_in[0:16]
2161 req = self.generate_request_auth(call_id=call_id,
2162 context_id=context_id,
2163 pfc_flags=pfc_flags,
2164 opnum=opnum,
2165 alloc_hint=len(stub_in),
2166 stub=stub_in_tmp,
2167 auth_context=auth_context1)
2168 self.send_pdu(req, ndr_print=ndr_print, hexdump=hexdump)
2169 rep = self.recv_pdu(timeout=0.01)
2170 self.assertIsNone(rep)
2171 self.assertIsConnected()
2172
2173 # context_id, opnum and auth header values are completely ignored
2174 if auth_context_2nd == 1:
2175 auth_context_copy = auth_context1.copy()
2176 elif auth_context_2nd == 2:
2177 auth_context_copy = auth_context2.copy()
2178 else:
2179 auth_context_copy = None
2180
2181 expected_pfc_flags = dcerpc.DCERPC_PFC_FLAG_FIRST | dcerpc.DCERPC_PFC_FLAG_LAST
2182 if expected_context_id is None:
2183 expected_context_id = context_id
2184 if expected_call_id is None:
2185 expected_call_id = call_id
2186 if not_executed:
2187 expected_pfc_flags |= dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
2188
2189 if forced_call_id is not None:
2190 call_id = forced_call_id
2191 if forced_context_id is not None:
2192 context_id = forced_context_id
2193 if forced_opnum is not None:
2194 opnum = forced_opnum
2195 if forced_auth_context_id is not None:
2196 auth_context_copy["auth_context_id"] = forced_auth_context_id
2197 if forced_auth_type is not None:
2198 auth_context_copy["auth_type"] = forced_auth_type
2199 if forced_auth_level is not None:
2200 auth_context_copy["auth_level"] = forced_auth_level
2201
2202 pfc_flags = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST
2203 stub_in_tmp = stub_in[16:-1]
2204 req = self.generate_request_auth(call_id=call_id,
2205 context_id=context_id,
2206 pfc_flags=pfc_flags_2nd,
2207 opnum=opnum,
2208 alloc_hint=len(stub_in_tmp),
2209 stub=stub_in_tmp,
2210 auth_context=auth_context_copy)
2211 self.send_pdu(req, ndr_print=ndr_print, hexdump=hexdump)
2212 if expected_fault is None:
2213 self.do_single_request(call_id=3, ctx=ctx, io=io, send_req=False, auth_context=auth_context1)
2214 return
2215 rep = self.recv_pdu()
2216 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, expected_call_id,
2217 pfc_flags=expected_pfc_flags,
2218 auth_length=0)
2219 self.assertNotEqual(rep.u.alloc_hint, 0)
2220 self.assertEqual(rep.u.context_id, expected_context_id)
2221 self.assertEqual(rep.u.cancel_count, 0)
2222 self.assertEqual(rep.u.flags, 0)
2223 self.assertEqual(rep.u.status, expected_fault)
2224 self.assertEqual(rep.u.reserved, 0)
2225 self.assertEqual(len(rep.u.error_and_verifier), 0)
2226
2227 if not_executed:
2228 # still alive
2229 rep = self.recv_pdu(timeout=0.01)
2230 self.assertIsNone(rep)
2231 self.assertIsConnected()
2232 return
2233
2234 # wait for a disconnect
2235 rep = self.recv_pdu()
2236 self.assertIsNone(rep)
2237 self.assertNotConnected()
2238
2239 def _test_generic_auth_first_last(self,
2240 auth_type,
2241 expected_fault,
2242 auth_context_2nd=2,
2243 expected_call_id=None,
2244 expected_context_id=None,
2245 conc_mpx=False,
2246 not_executed=False,
2247 forced_call_id=None,
2248 forced_context_id=None,
2249 forced_opnum=None,
2250 forced_auth_context_id=None,
2251 forced_auth_type=None,
2252 forced_auth_level=None):
2253 pfc_flags_2nd = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST
2254 return self._test_generic_auth_first_2nd(auth_type,
2255 pfc_flags_2nd,
2256 expected_fault,
2257 auth_context_2nd=auth_context_2nd,
2258 expected_call_id=expected_call_id,
2259 expected_context_id=expected_context_id,
2260 not_executed=not_executed,
2261 conc_mpx=conc_mpx,
2262 forced_call_id=forced_call_id,
2263 forced_context_id=forced_context_id,
2264 forced_opnum=forced_opnum,
2265 forced_auth_context_id=forced_auth_context_id,
2266 forced_auth_type=forced_auth_type,
2267 forced_auth_level=forced_auth_level)
2268
2269 def _test_generic_auth_first_first(self,
2270 auth_type,
2271 expected_fault,
2272 auth_context_2nd=2,
2273 expected_call_id=None,
2274 expected_context_id=None,
2275 conc_mpx=False,
2276 not_executed=False,
2277 forced_call_id=None,
2278 forced_context_id=None,
2279 forced_opnum=None,
2280 forced_auth_context_id=None,
2281 forced_auth_type=None,
2282 forced_auth_level=None):
2283 pfc_flags_2nd = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST
2284 return self._test_generic_auth_first_2nd(auth_type,
2285 pfc_flags_2nd,
2286 expected_fault,
2287 auth_context_2nd=auth_context_2nd,
2288 expected_call_id=expected_call_id,
2289 expected_context_id=expected_context_id,
2290 not_executed=not_executed,
2291 conc_mpx=conc_mpx,
2292 forced_call_id=forced_call_id,
2293 forced_context_id=forced_context_id,
2294 forced_opnum=forced_opnum,
2295 forced_auth_context_id=forced_auth_context_id,
2296 forced_auth_type=forced_auth_type,
2297 forced_auth_level=forced_auth_level)
2298
2299 def test_ntlmssp_multi_auth_first1_firstSame2(self):
2300 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2301 expected_fault = dcerpc.DCERPC_FAULT_SEC_PKG_ERROR
2302 auth_context_2nd = 2
2303 expected_call_id = None
2304 expected_context_id = None
2305 not_executed = False
2306 conc_mpx = False
2307 forced_call_id = None
2308 forced_context_id = None
2309 forced_opnum = None
2310 forced_auth_context_id = None
2311 forced_auth_type = None
2312 forced_auth_level = None
2313 return self._test_generic_auth_first_first(auth_type,
2314 expected_fault,
2315 auth_context_2nd=auth_context_2nd,
2316 expected_call_id=expected_call_id,
2317 expected_context_id=expected_context_id,
2318 not_executed=not_executed,
2319 conc_mpx=conc_mpx,
2320 forced_call_id=forced_call_id,
2321 forced_context_id=forced_context_id,
2322 forced_opnum=forced_opnum,
2323 forced_auth_context_id=forced_auth_context_id,
2324 forced_auth_type=forced_auth_type,
2325 forced_auth_level=forced_auth_level)
2326
2327 def test_ntlmssp_multi_auth_first1_firstNext2(self):
2328 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2329 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2330 auth_context_2nd = 2
2331 expected_call_id = 3
2332 expected_context_id = None
2333 not_executed = False
2334 conc_mpx = False
2335 forced_call_id = 4
2336 forced_context_id = None
2337 forced_opnum = None
2338 forced_auth_context_id = None
2339 forced_auth_type = None
2340 forced_auth_level = None
2341 return self._test_generic_auth_first_first(auth_type,
2342 expected_fault,
2343 auth_context_2nd=auth_context_2nd,
2344 expected_call_id=expected_call_id,
2345 expected_context_id=expected_context_id,
2346 not_executed=not_executed,
2347 conc_mpx=conc_mpx,
2348 forced_call_id=forced_call_id,
2349 forced_context_id=forced_context_id,
2350 forced_opnum=forced_opnum,
2351 forced_auth_context_id=forced_auth_context_id,
2352 forced_auth_type=forced_auth_type,
2353 forced_auth_level=forced_auth_level)
2354
2355 def test_ntlmssp_multi_auth_first1_firstSame111(self):
2356 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2357 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2358 auth_context_2nd = 1
2359 expected_call_id = None
2360 expected_context_id = None
2361 not_executed = False
2362 conc_mpx = False
2363 forced_call_id = None
2364 forced_context_id = 111
2365 forced_opnum = 111
2366 forced_auth_context_id = 111
2367 forced_auth_type = 111
2368 forced_auth_level = 111
2369 return self._test_generic_auth_first_first(auth_type,
2370 expected_fault,
2371 auth_context_2nd=auth_context_2nd,
2372 expected_call_id=expected_call_id,
2373 expected_context_id=expected_context_id,
2374 not_executed=not_executed,
2375 conc_mpx=conc_mpx,
2376 forced_call_id=forced_call_id,
2377 forced_context_id=forced_context_id,
2378 forced_opnum=forced_opnum,
2379 forced_auth_context_id=forced_auth_context_id,
2380 forced_auth_type=forced_auth_type,
2381 forced_auth_level=forced_auth_level)
2382
2383 def test_ntlmssp_multi_auth_MPX_first1_firstSame111(self):
2384 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2385 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2386 auth_context_2nd = 1
2387 expected_call_id = None
2388 expected_context_id = None
2389 not_executed = False
2390 conc_mpx = True
2391 forced_call_id = None
2392 forced_context_id = 111
2393 forced_opnum = 111
2394 forced_auth_context_id = 111
2395 forced_auth_type = 111
2396 forced_auth_level = 111
2397 return self._test_generic_auth_first_first(auth_type,
2398 expected_fault,
2399 auth_context_2nd=auth_context_2nd,
2400 expected_call_id=expected_call_id,
2401 expected_context_id=expected_context_id,
2402 not_executed=not_executed,
2403 conc_mpx=conc_mpx,
2404 forced_call_id=forced_call_id,
2405 forced_context_id=forced_context_id,
2406 forced_opnum=forced_opnum,
2407 forced_auth_context_id=forced_auth_context_id,
2408 forced_auth_type=forced_auth_type,
2409 forced_auth_level=forced_auth_level)
2410
2411 def test_ntlmssp_multi_auth_first1_firstNext111(self):
2412 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2413 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2414 auth_context_2nd = 1
2415 expected_call_id = 3
2416 expected_context_id = None
2417 not_executed = False
2418 conc_mpx = False
2419 forced_call_id = 4
2420 forced_context_id = 111
2421 forced_opnum = 111
2422 forced_auth_context_id = 111
2423 forced_auth_type = 111
2424 forced_auth_level = 111
2425 return self._test_generic_auth_first_first(auth_type,
2426 expected_fault,
2427 auth_context_2nd=auth_context_2nd,
2428 expected_call_id=expected_call_id,
2429 expected_context_id=expected_context_id,
2430 not_executed=not_executed,
2431 conc_mpx=conc_mpx,
2432 forced_call_id=forced_call_id,
2433 forced_context_id=forced_context_id,
2434 forced_opnum=forced_opnum,
2435 forced_auth_context_id=forced_auth_context_id,
2436 forced_auth_type=forced_auth_type,
2437 forced_auth_level=forced_auth_level)
2438
2439 def test_ntlmssp_multi_auth_MPX_first1_firstNext111(self):
2440 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2441 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2442 auth_context_2nd = 1
2443 expected_call_id = 4
2444 expected_context_id = 0
2445 not_executed = False
2446 conc_mpx = True
2447 forced_call_id = 4
2448 forced_context_id = 111
2449 forced_opnum = 111
2450 forced_auth_context_id = 111
2451 forced_auth_type = 111
2452 forced_auth_level = 111
2453 return self._test_generic_auth_first_first(auth_type,
2454 expected_fault,
2455 auth_context_2nd=auth_context_2nd,
2456 expected_call_id=expected_call_id,
2457 expected_context_id=expected_context_id,
2458 not_executed=not_executed,
2459 conc_mpx=conc_mpx,
2460 forced_call_id=forced_call_id,
2461 forced_context_id=forced_context_id,
2462 forced_opnum=forced_opnum,
2463 forced_auth_context_id=forced_auth_context_id,
2464 forced_auth_type=forced_auth_type,
2465 forced_auth_level=forced_auth_level)
2466
2467 def test_ntlmssp_multi_auth_first1_firstSameNone(self):
2468 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2469 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2470 auth_context_2nd = None
2471 expected_call_id = None
2472 expected_context_id = None
2473 not_executed = False
2474 conc_mpx = False
2475 forced_call_id = None
2476 forced_context_id = None
2477 forced_opnum = None
2478 forced_auth_context_id = None
2479 forced_auth_type = None
2480 forced_auth_level = None
2481 return self._test_generic_auth_first_first(auth_type,
2482 expected_fault,
2483 auth_context_2nd=auth_context_2nd,
2484 expected_call_id=expected_call_id,
2485 expected_context_id=expected_context_id,
2486 not_executed=not_executed,
2487 conc_mpx=conc_mpx,
2488 forced_call_id=forced_call_id,
2489 forced_context_id=forced_context_id,
2490 forced_opnum=forced_opnum,
2491 forced_auth_context_id=forced_auth_context_id,
2492 forced_auth_type=forced_auth_type,
2493 forced_auth_level=forced_auth_level)
2494
2495 def test_ntlmssp_multi_auth_MPX_first1_firstSameNone(self):
2496 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2497 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2498 auth_context_2nd = None
2499 expected_call_id = None
2500 expected_context_id = None
2501 not_executed = False
2502 conc_mpx = True
2503 forced_call_id = None
2504 forced_context_id = None
2505 forced_opnum = None
2506 forced_auth_context_id = None
2507 forced_auth_type = None
2508 forced_auth_level = None
2509 return self._test_generic_auth_first_first(auth_type,
2510 expected_fault,
2511 auth_context_2nd=auth_context_2nd,
2512 expected_call_id=expected_call_id,
2513 expected_context_id=expected_context_id,
2514 not_executed=not_executed,
2515 conc_mpx=conc_mpx,
2516 forced_call_id=forced_call_id,
2517 forced_context_id=forced_context_id,
2518 forced_opnum=forced_opnum,
2519 forced_auth_context_id=forced_auth_context_id,
2520 forced_auth_type=forced_auth_type,
2521 forced_auth_level=forced_auth_level)
2522
2523 def test_ntlmssp_multi_auth_first1_firstNextNone(self):
2524 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2525 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2526 auth_context_2nd = None
2527 expected_call_id = None
2528 expected_context_id = None
2529 not_executed = False
2530 conc_mpx = False
2531 forced_call_id = 4
2532 forced_context_id = None
2533 forced_opnum = None
2534 forced_auth_context_id = None
2535 forced_auth_type = None
2536 forced_auth_level = None
2537 return self._test_generic_auth_first_first(auth_type,
2538 expected_fault,
2539 auth_context_2nd=auth_context_2nd,
2540 expected_call_id=expected_call_id,
2541 expected_context_id=expected_context_id,
2542 not_executed=not_executed,
2543 conc_mpx=conc_mpx,
2544 forced_call_id=forced_call_id,
2545 forced_context_id=forced_context_id,
2546 forced_opnum=forced_opnum,
2547 forced_auth_context_id=forced_auth_context_id,
2548 forced_auth_type=forced_auth_type,
2549 forced_auth_level=forced_auth_level)
2550
2551 def test_ntlmssp_multi_auth_MPX_first1_firstNextNone(self):
2552 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2553 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2554 auth_context_2nd = None
2555 expected_call_id = 4
2556 expected_context_id = 0
2557 not_executed = False
2558 conc_mpx = True
2559 forced_call_id = 4
2560 forced_context_id = None
2561 forced_opnum = None
2562 forced_auth_context_id = None
2563 forced_auth_type = None
2564 forced_auth_level = None
2565 return self._test_generic_auth_first_first(auth_type,
2566 expected_fault,
2567 auth_context_2nd=auth_context_2nd,
2568 expected_call_id=expected_call_id,
2569 expected_context_id=expected_context_id,
2570 not_executed=not_executed,
2571 conc_mpx=conc_mpx,
2572 forced_call_id=forced_call_id,
2573 forced_context_id=forced_context_id,
2574 forced_opnum=forced_opnum,
2575 forced_auth_context_id=forced_auth_context_id,
2576 forced_auth_type=forced_auth_type,
2577 forced_auth_level=forced_auth_level)
2578
2579 def test_ntlmssp_multi_auth_first1_firstSameNone111(self):
2580 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2581 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2582 auth_context_2nd = None
2583 expected_call_id = None
2584 expected_context_id = None
2585 not_executed = False
2586 conc_mpx = False
2587 forced_call_id = None
2588 forced_context_id = 111
2589 forced_opnum = 111
2590 forced_auth_context_id = None
2591 forced_auth_type = None
2592 forced_auth_level = None
2593 return self._test_generic_auth_first_first(auth_type,
2594 expected_fault,
2595 auth_context_2nd=auth_context_2nd,
2596 expected_call_id=expected_call_id,
2597 expected_context_id=expected_context_id,
2598 not_executed=not_executed,
2599 conc_mpx=conc_mpx,
2600 forced_call_id=forced_call_id,
2601 forced_context_id=forced_context_id,
2602 forced_opnum=forced_opnum,
2603 forced_auth_context_id=forced_auth_context_id,
2604 forced_auth_type=forced_auth_type,
2605 forced_auth_level=forced_auth_level)
2606
2607 def test_ntlmssp_multi_auth_MPX_first1_firstSameNone111(self):
2608 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2609 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2610 auth_context_2nd = None
2611 expected_call_id = None
2612 expected_context_id = None
2613 not_executed = False
2614 conc_mpx = True
2615 forced_call_id = None
2616 forced_context_id = 111
2617 forced_opnum = 111
2618 forced_auth_context_id = None
2619 forced_auth_type = None
2620 forced_auth_level = None
2621 return self._test_generic_auth_first_first(auth_type,
2622 expected_fault,
2623 auth_context_2nd=auth_context_2nd,
2624 expected_call_id=expected_call_id,
2625 expected_context_id=expected_context_id,
2626 not_executed=not_executed,
2627 conc_mpx=conc_mpx,
2628 forced_call_id=forced_call_id,
2629 forced_context_id=forced_context_id,
2630 forced_opnum=forced_opnum,
2631 forced_auth_context_id=forced_auth_context_id,
2632 forced_auth_type=forced_auth_type,
2633 forced_auth_level=forced_auth_level)
2634
2635 def test_ntlmssp_multi_auth_first1_firstNextNone111(self):
2636 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2637 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2638 auth_context_2nd = None
2639 expected_call_id = None
2640 expected_context_id = None
2641 not_executed = False
2642 conc_mpx = False
2643 forced_call_id = 4
2644 forced_context_id = 111
2645 forced_opnum = 111
2646 forced_auth_context_id = None
2647 forced_auth_type = None
2648 forced_auth_level = None
2649 return self._test_generic_auth_first_first(auth_type,
2650 expected_fault,
2651 auth_context_2nd=auth_context_2nd,
2652 expected_call_id=expected_call_id,
2653 expected_context_id=expected_context_id,
2654 not_executed=not_executed,
2655 conc_mpx=conc_mpx,
2656 forced_call_id=forced_call_id,
2657 forced_context_id=forced_context_id,
2658 forced_opnum=forced_opnum,
2659 forced_auth_context_id=forced_auth_context_id,
2660 forced_auth_type=forced_auth_type,
2661 forced_auth_level=forced_auth_level)
2662
2663 def test_ntlmssp_multi_auth_MPX_first1_firstNextNone111(self):
2664 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2665 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2666 auth_context_2nd = None
2667 expected_call_id = 4
2668 expected_context_id = 0
2669 not_executed = False
2670 conc_mpx = True
2671 forced_call_id = 4
2672 forced_context_id = 111
2673 forced_opnum = 111
2674 forced_auth_context_id = None
2675 forced_auth_type = None
2676 forced_auth_level = None
2677 return self._test_generic_auth_first_first(auth_type,
2678 expected_fault,
2679 auth_context_2nd=auth_context_2nd,
2680 expected_call_id=expected_call_id,
2681 expected_context_id=expected_context_id,
2682 not_executed=not_executed,
2683 conc_mpx=conc_mpx,
2684 forced_call_id=forced_call_id,
2685 forced_context_id=forced_context_id,
2686 forced_opnum=forced_opnum,
2687 forced_auth_context_id=forced_auth_context_id,
2688 forced_auth_type=forced_auth_type,
2689 forced_auth_level=forced_auth_level)
2690
2691 def _test_generic_auth_middle(self,
2692 auth_type,
2693 expected_fault,
2694 expected_context_id=None,
2695 not_executed=False,
2696 conc_mpx=False,
2697 forced_context_id=None,
2698 forced_opnum=None,
2699 forced_auth_context_id=None,
2700 forced_auth_type=None,
2701 forced_auth_level=None):
2702 auth_context_2nd = 1
2703 skip_first = True
2704 pfc_flags_2nd = 0
2705 expected_call_id = None
2706 forced_call_id = None
2707 return self._test_generic_auth_first_2nd(auth_type,
2708 pfc_flags_2nd,
2709 expected_fault,
2710 auth_context_2nd=auth_context_2nd,
2711 skip_first=skip_first,
2712 expected_call_id=expected_call_id,
2713 expected_context_id=expected_context_id,
2714 not_executed=not_executed,
2715 conc_mpx=conc_mpx,
2716 forced_call_id=forced_call_id,
2717 forced_context_id=forced_context_id,
2718 forced_opnum=forced_opnum,
2719 forced_auth_context_id=forced_auth_context_id,
2720 forced_auth_type=forced_auth_type,
2721 forced_auth_level=forced_auth_level)
2722
2723 def test_ntlmssp_auth_middle_alone(self):
2724 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2725 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2726 expected_context_id = 0
2727 not_executed = False
2728 conc_mpx = False
2729 forced_context_id = None
2730 forced_opnum = None
2731 forced_auth_context_id = None
2732 forced_auth_type = None
2733 forced_auth_level = None
2734 return self._test_generic_auth_middle(auth_type,
2735 expected_fault,
2736 expected_context_id=expected_context_id,
2737 not_executed=not_executed,
2738 conc_mpx=conc_mpx,
2739 forced_context_id=forced_context_id,
2740 forced_opnum=forced_opnum,
2741 forced_auth_context_id=forced_auth_context_id,
2742 forced_auth_type=forced_auth_type,
2743 forced_auth_level=forced_auth_level)
2744
2745 def test_ntlmssp_auth_MPX_middle_alone(self):
2746 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2747 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2748 expected_context_id = None
2749 not_executed = False
2750 conc_mpx = True
2751 forced_context_id = None
2752 forced_opnum = None
2753 forced_auth_context_id = None
2754 forced_auth_type = None
2755 forced_auth_level = None
2756 return self._test_generic_auth_middle(auth_type,
2757 expected_fault,
2758 expected_context_id=expected_context_id,
2759 not_executed=not_executed,
2760 conc_mpx=conc_mpx,
2761 forced_context_id=forced_context_id,
2762 forced_opnum=forced_opnum,
2763 forced_auth_context_id=forced_auth_context_id,
2764 forced_auth_type=forced_auth_type,
2765 forced_auth_level=forced_auth_level)
2766
2767 def test_ntlmssp_auth_middle_all_111(self):
2768 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2769 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2770 expected_context_id = 0
2771 not_executed = False
2772 conc_mpx = False
2773 forced_context_id = 111
2774 forced_opnum = 111
2775 forced_auth_context_id = 111
2776 forced_auth_type = 111
2777 forced_auth_level = 111
2778 return self._test_generic_auth_middle(auth_type,
2779 expected_fault,
2780 expected_context_id=expected_context_id,
2781 not_executed=not_executed,
2782 conc_mpx=conc_mpx,
2783 forced_context_id=forced_context_id,
2784 forced_opnum=forced_opnum,
2785 forced_auth_context_id=forced_auth_context_id,
2786 forced_auth_type=forced_auth_type,
2787 forced_auth_level=forced_auth_level)
2788
2789 def test_ntlmssp_auth_MPX_middle_all_111(self):
2790 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2791 expected_fault = dcerpc.DCERPC_NCA_S_UNKNOWN_IF
2792 expected_context_id = 0
2793 not_executed = True
2794 conc_mpx = True
2795 forced_context_id = 111
2796 forced_opnum = 111
2797 forced_auth_context_id = 111
2798 forced_auth_type = 111
2799 forced_auth_level = 111
2800 return self._test_generic_auth_middle(auth_type,
2801 expected_fault,
2802 expected_context_id=expected_context_id,
2803 not_executed=not_executed,
2804 conc_mpx=conc_mpx,
2805 forced_context_id=forced_context_id,
2806 forced_opnum=forced_opnum,
2807 forced_auth_context_id=forced_auth_context_id,
2808 forced_auth_type=forced_auth_type,
2809 forced_auth_level=forced_auth_level)
2810
2811 def test_ntlmssp_auth_middle_auth_all_111(self):
2812 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2813 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2814 expected_context_id = 0
2815 not_executed = False
2816 conc_mpx = False
2817 forced_context_id = None
2818 forced_opnum = 111
2819 forced_auth_context_id = 111
2820 forced_auth_type = 111
2821 forced_auth_level = 111
2822 return self._test_generic_auth_middle(auth_type,
2823 expected_fault,
2824 expected_context_id=expected_context_id,
2825 not_executed=not_executed,
2826 conc_mpx=conc_mpx,
2827 forced_context_id=forced_context_id,
2828 forced_opnum=forced_opnum,
2829 forced_auth_context_id=forced_auth_context_id,
2830 forced_auth_type=forced_auth_type,
2831 forced_auth_level=forced_auth_level)
2832
2833 def test_ntlmssp_auth_MPX_middle_auth_all_111(self):
2834 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2835 expected_fault = dcerpc.DCERPC_FAULT_ACCESS_DENIED
2836 expected_context_id = None
2837 not_executed = False
2838 conc_mpx = True
2839 forced_context_id = None
2840 forced_opnum = 111
2841 forced_auth_context_id = 111
2842 forced_auth_type = 111
2843 forced_auth_level = 111
2844 return self._test_generic_auth_middle(auth_type,
2845 expected_fault,
2846 expected_context_id=expected_context_id,
2847 not_executed=not_executed,
2848 conc_mpx=conc_mpx,
2849 forced_context_id=forced_context_id,
2850 forced_opnum=forced_opnum,
2851 forced_auth_context_id=forced_auth_context_id,
2852 forced_auth_type=forced_auth_type,
2853 forced_auth_level=forced_auth_level)
2854
2855 def test_ntlmssp_auth_middle_auth_context_111(self):
2856 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2857 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2858 expected_context_id = 0
2859 not_executed = False
2860 conc_mpx = False
2861 forced_context_id = None
2862 forced_opnum = None
2863 forced_auth_context_id = 111
2864 forced_auth_type = None
2865 forced_auth_level = None
2866 return self._test_generic_auth_middle(auth_type,
2867 expected_fault,
2868 expected_context_id=expected_context_id,
2869 not_executed=not_executed,
2870 conc_mpx=conc_mpx,
2871 forced_context_id=forced_context_id,
2872 forced_opnum=forced_opnum,
2873 forced_auth_context_id=forced_auth_context_id,
2874 forced_auth_type=forced_auth_type,
2875 forced_auth_level=forced_auth_level)
2876
2877 def test_ntlmssp_auth_MPX_middle_auth_context_111(self):
2878 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2879 expected_fault = dcerpc.DCERPC_FAULT_ACCESS_DENIED
2880 expected_context_id = None
2881 not_executed = False
2882 conc_mpx = True
2883 forced_context_id = None
2884 forced_opnum = None
2885 forced_auth_context_id = 111
2886 forced_auth_type = None
2887 forced_auth_level = None
2888 return self._test_generic_auth_middle(auth_type,
2889 expected_fault,
2890 expected_context_id=expected_context_id,
2891 not_executed=not_executed,
2892 conc_mpx=conc_mpx,
2893 forced_context_id=forced_context_id,
2894 forced_opnum=forced_opnum,
2895 forced_auth_context_id=forced_auth_context_id,
2896 forced_auth_type=forced_auth_type,
2897 forced_auth_level=forced_auth_level)
2898
2899 def test_ntlmssp_auth_middle_auth_type_111(self):
2900 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2901 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2902 expected_context_id = 0
2903 not_executed = False
2904 conc_mpx = False
2905 forced_context_id = None
2906 forced_opnum = None
2907 forced_auth_context_id = None
2908 forced_auth_type = 111
2909 forced_auth_level = None
2910 return self._test_generic_auth_middle(auth_type,
2911 expected_fault,
2912 expected_context_id=expected_context_id,
2913 not_executed=not_executed,
2914 conc_mpx=conc_mpx,
2915 forced_context_id=forced_context_id,
2916 forced_opnum=forced_opnum,
2917 forced_auth_context_id=forced_auth_context_id,
2918 forced_auth_type=forced_auth_type,
2919 forced_auth_level=forced_auth_level)
2920
2921 def test_ntlmssp_auth_MPX_middle_auth_type_111(self):
2922 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2923 expected_fault = dcerpc.DCERPC_FAULT_ACCESS_DENIED
2924 expected_context_id = None
2925 not_executed = False
2926 conc_mpx = True
2927 forced_context_id = None
2928 forced_opnum = None
2929 forced_auth_context_id = None
2930 forced_auth_type = 111
2931 forced_auth_level = None
2932 return self._test_generic_auth_middle(auth_type,
2933 expected_fault,
2934 expected_context_id=expected_context_id,
2935 not_executed=not_executed,
2936 conc_mpx=conc_mpx,
2937 forced_context_id=forced_context_id,
2938 forced_opnum=forced_opnum,
2939 forced_auth_context_id=forced_auth_context_id,
2940 forced_auth_type=forced_auth_type,
2941 forced_auth_level=forced_auth_level)
2942
2943 def test_ntlmssp_auth_middle_auth_level_111(self):
2944 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2945 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
2946 expected_context_id = 0
2947 not_executed = False
2948 conc_mpx = False
2949 forced_context_id = None
2950 forced_opnum = None
2951 forced_auth_context_id = None
2952 forced_auth_type = None
2953 forced_auth_level = 111
2954 return self._test_generic_auth_middle(auth_type,
2955 expected_fault,
2956 expected_context_id=expected_context_id,
2957 not_executed=not_executed,
2958 conc_mpx=conc_mpx,
2959 forced_context_id=forced_context_id,
2960 forced_opnum=forced_opnum,
2961 forced_auth_context_id=forced_auth_context_id,
2962 forced_auth_type=forced_auth_type,
2963 forced_auth_level=forced_auth_level)
2964
2965 def test_ntlmssp_auth_MPX_middle_auth_level_111(self):
2966 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
2967 expected_fault = dcerpc.DCERPC_FAULT_ACCESS_DENIED
2968 expected_context_id = None
2969 not_executed = False
2970 conc_mpx = True
2971 forced_context_id = None
2972 forced_opnum = None
2973 forced_auth_context_id = None
2974 forced_auth_type = None
2975 forced_auth_level = 111
2976 return self._test_generic_auth_middle(auth_type,
2977 expected_fault,
2978 expected_context_id=expected_context_id,
2979 not_executed=not_executed,
2980 conc_mpx=conc_mpx,
2981 forced_context_id=forced_context_id,
2982 forced_opnum=forced_opnum,
2983 forced_auth_context_id=forced_auth_context_id,
2984 forced_auth_type=forced_auth_type,
2985 forced_auth_level=forced_auth_level)
2986
2987 def _test_neg_xmit_check_values(self,
2988 req_xmit=None,
2989 req_recv=None,
2990 rep_both=None,
2991 transport_both=5840,
2992 alter_xmit=None,
2993 alter_recv=None):
2994 ndr32 = base.transfer_syntax_ndr()
2995
2996 tsf1_list = [ndr32]
2997 ctx1 = dcerpc.ctx_list()
2998 ctx1.context_id = 1
2999 ctx1.num_transfer_syntaxes = len(tsf1_list)
3000 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
3001 ctx1.transfer_syntaxes = tsf1_list
3002
3003 req = self.generate_bind(call_id=0,
3004 max_xmit_frag=req_xmit,
3005 max_recv_frag=req_recv,
3006 ctx_list=[ctx1])
3007 self.send_pdu(req)
3008 rep = self.recv_pdu()
3009 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
3010 auth_length=0)
3011 self.assertEqual(rep.u.max_xmit_frag, rep_both)
3012 self.assertEqual(rep.u.max_recv_frag, rep_both)
3013 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
3014 sda_str = self.secondary_address
3015 sda_len = len(sda_str) + 1
3016 mod_len = (2 + sda_len) % 4
3017 if mod_len != 0:
3018 sda_pad = 4 - mod_len
3019 else:
3020 sda_pad = 0
3021 self.assertEqual(rep.u.secondary_address_size, sda_len)
3022 self.assertEqual(rep.u.secondary_address, sda_str)
3023 self.assertPadding(rep.u._pad1, sda_pad)
3024 self.assertEqual(rep.u.num_results, 1)
3025 self.assertEqual(rep.u.ctx_list[0].result,
3026 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
3027 self.assertEqual(rep.u.ctx_list[0].reason,
3028 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
3029 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
3030 self.assertEqual(rep.u.auth_info, b'\0' * 0)
3031
3032 assoc_group_id = rep.u.assoc_group_id
3033 if alter_xmit is None:
3034 alter_xmit = rep_both - 8
3035 if alter_recv is None:
3036 alter_recv = rep_both - 8
3037
3038 # max_{xmit,recv}_frag and assoc_group_id are completely
3039 # ignored in alter_context requests
3040 req = self.generate_alter(call_id=1,
3041 max_xmit_frag=alter_xmit,
3042 max_recv_frag=alter_recv,
3043 assoc_group_id=0xffffffff - rep.u.assoc_group_id,
3044 ctx_list=[ctx1])
3045 self.send_pdu(req)
3046 rep = self.recv_pdu()
3047 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
3048 auth_length=0)
3049 self.assertEqual(rep.u.max_xmit_frag, rep_both)
3050 self.assertEqual(rep.u.max_recv_frag, rep_both)
3051 self.assertEqual(rep.u.assoc_group_id, rep.u.assoc_group_id)
3052 self.assertEqual(rep.u.secondary_address_size, 0)
3053 self.assertPadding(rep.u._pad1, 2)
3054 self.assertEqual(rep.u.num_results, 1)
3055 self.assertEqual(rep.u.ctx_list[0].result,
3056 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
3057 self.assertEqual(rep.u.ctx_list[0].reason,
3058 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
3059 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
3060 self.assertEqual(rep.u.auth_info, b'\0' * 0)
3061
3062 chunk_size = rep_both - dcerpc.DCERPC_REQUEST_LENGTH
3063 req = self.generate_request(call_id=2,
3064 context_id=ctx1.context_id,
3065 opnum=0,
3066 alloc_hint=0xffffffff,
3067 stub=b"\00" * chunk_size)
3068 self.send_pdu(req, ndr_print=True, hexdump=True)
3069 rep = self.recv_pdu(ndr_print=True, hexdump=True)
3070 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3071 auth_length=0)
3072 self.assertNotEqual(rep.u.alloc_hint, 0)
3073 self.assertEqual(rep.u.context_id, req.u.context_id)
3074 self.assertEqual(rep.u.cancel_count, 0)
3075 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3076
3077 chunk_size = transport_both - dcerpc.DCERPC_REQUEST_LENGTH
3078 req = self.generate_request(call_id=2,
3079 context_id=ctx1.context_id,
3080 opnum=0,
3081 alloc_hint=0xffffffff,
3082 stub=b"\00" * chunk_size)
3083 self.send_pdu(req)
3084 rep = self.recv_pdu()
3085 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3086 auth_length=0)
3087 self.assertNotEqual(rep.u.alloc_hint, 0)
3088 self.assertEqual(rep.u.context_id, req.u.context_id)
3089 self.assertEqual(rep.u.cancel_count, 0)
3090 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3091
3092 chunk_size += 1
3093 req = self.generate_request(call_id=3,
3094 context_id=ctx1.context_id,
3095 opnum=0,
3096 alloc_hint=0xffffffff,
3097 stub=b"\00" * chunk_size)
3098 self.send_pdu(req)
3099 rep = self.recv_pdu()
3100 # We get a fault
3101 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
3102 auth_length=0)
3103 self.assertNotEqual(rep.u.alloc_hint, 0)
3104 self.assertEqual(rep.u.context_id, 0)
3105 self.assertEqual(rep.u.cancel_count, 0)
3106 self.assertEqual(rep.u.flags, 0)
3107 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
3108 self.assertEqual(rep.u.reserved, 0)
3109 self.assertEqual(len(rep.u.error_and_verifier), 0)
3110
3111 # wait for a disconnect
3112 rep = self.recv_pdu()
3113 self.assertIsNone(rep)
3114 self.assertNotConnected()
3115
3116 def test_neg_xmit_ffff_ffff_tcp(self):
3117 return self._test_neg_xmit_check_values(req_xmit=0xffff,
3118 req_recv=0xffff,
3119 rep_both=5840)
3120
3121 def test_neg_xmit_ffff_ffff_smb(self):
3122 transport_creds = self.get_anon_creds()
3123 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
3124 secondary_address='\\pipe\\lsass',
3125 transport_creds=transport_creds)
3126 return self._test_neg_xmit_check_values(req_xmit=0xffff,
3127 req_recv=0xffff,
3128 rep_both=4280,
3129 transport_both=4280)
3130
3131 def test_neg_xmit_0_ffff(self):
3132 return self._test_neg_xmit_check_values(req_xmit=0,
3133 req_recv=0xffff,
3134 rep_both=2048,
3135 alter_xmit=0xffff,
3136 alter_recv=0xffff)
3137
3138 def test_neg_xmit_ffff_0(self):
3139 return self._test_neg_xmit_check_values(req_xmit=0xffff,
3140 req_recv=0,
3141 rep_both=2048)
3142
3143 def test_neg_xmit_0_0(self):
3144 return self._test_neg_xmit_check_values(req_xmit=0,
3145 req_recv=0,
3146 rep_both=2048,
3147 alter_xmit=0xffff,
3148 alter_recv=0xffff)
3149
3150 def test_neg_xmit_3199_0(self):
3151 return self._test_neg_xmit_check_values(req_xmit=3199,
3152 req_recv=0,
3153 rep_both=2048)
3154
3155 def test_neg_xmit_0_3199(self):
3156 return self._test_neg_xmit_check_values(req_xmit=0,
3157 req_recv=3199,
3158 rep_both=2048)
3159
3160 def test_neg_xmit_3199_ffff(self):
3161 return self._test_neg_xmit_check_values(req_xmit=3199,
3162 req_recv=0xffff,
3163 rep_both=3192)
3164
3165 def test_neg_xmit_ffff_3199(self):
3166 return self._test_neg_xmit_check_values(req_xmit=0xffff,
3167 req_recv=3199,
3168 rep_both=3192)
3169
3170 def test_alloc_hint(self):
3171 ndr32 = base.transfer_syntax_ndr()
3172
3173 tsf1_list = [ndr32]
3174 ctx = dcerpc.ctx_list()
3175 ctx.context_id = 0
3176 ctx.num_transfer_syntaxes = len(tsf1_list)
3177 ctx.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
3178 ctx.transfer_syntaxes = tsf1_list
3179
3180 req = self.generate_bind(call_id=0,
3181 ctx_list=[ctx])
3182 self.send_pdu(req)
3183 rep = self.recv_pdu()
3184 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
3185 auth_length=0)
3186 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
3187 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
3188 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
3189 self.assertEqual(rep.u.secondary_address_size, 4)
3190 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
3191 self.assertPadding(rep.u._pad1, 2)
3192 self.assertEqual(rep.u.num_results, 1)
3193 self.assertEqual(rep.u.ctx_list[0].result,
3194 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
3195 self.assertEqual(rep.u.ctx_list[0].reason,
3196 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
3197 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
3198 self.assertEqual(rep.u.auth_info, b'\0' * 0)
3199
3200 # And now try a request without auth_info
3201 req = self.generate_request(call_id=2,
3202 context_id=ctx.context_id,
3203 opnum=0,
3204 alloc_hint=0xffffffff,
3205 stub=b"")
3206 self.send_pdu(req)
3207 rep = self.recv_pdu()
3208 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3209 auth_length=0)
3210 self.assertNotEqual(rep.u.alloc_hint, 0)
3211 self.assertEqual(rep.u.context_id, req.u.context_id)
3212 self.assertEqual(rep.u.cancel_count, 0)
3213 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3214
3215 req = self.generate_request(call_id=3,
3216 context_id=ctx.context_id,
3217 opnum=1,
3218 alloc_hint=0xffffffff,
3219 stub=b"\04\00\00\00\00\00\00\00")
3220 self.send_pdu(req)
3221 rep = self.recv_pdu()
3222 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3223 auth_length=0)
3224 self.assertNotEqual(rep.u.alloc_hint, 0)
3225 self.assertEqual(rep.u.context_id, req.u.context_id)
3226 self.assertEqual(rep.u.cancel_count, 0)
3227 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3228
3229 req = self.generate_request(call_id=4,
3230 context_id=ctx.context_id,
3231 opnum=1,
3232 alloc_hint=1,
3233 stub=b"\04\00\00\00\00\00\00\00")
3234 self.send_pdu(req)
3235 rep = self.recv_pdu()
3236 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3237 auth_length=0)
3238 self.assertNotEqual(rep.u.alloc_hint, 0)
3239 self.assertEqual(rep.u.context_id, req.u.context_id)
3240 self.assertEqual(rep.u.cancel_count, 0)
3241 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3242
3243 def _get_netlogon_ctx(self):
3244 abstract = samba.dcerpc.netlogon.abstract_syntax()
3245 ndr32 = base.transfer_syntax_ndr()
3246
3247 (ctx, ack) = self.prepare_presentation(abstract, ndr32, context_id=0,
3248 epmap=True, return_ack=True)
3249
3250 server = '\\\\' + self.target_hostname
3251 if isinstance(server, bytes):
3252 server_utf16 = server.decode('utf-8').encode('utf-16-le')
3253 else:
3254 server_utf16 = server.encode('utf-16-le')
3255 computer = 'UNKNOWNCOMPUTER'
3256 if isinstance(server, bytes):
3257 computer_utf16 = computer.decode('utf-8').encode('utf-16-le')
3258 else:
3259 computer_utf16 = computer.encode('utf-16-le')
3260
3261 real_stub = struct.pack('<IIII', 0x00200000,
3262 len(server) + 1, 0, len(server) + 1)
3263 real_stub += server_utf16 + b'\x00\x00'
3264 mod_len = len(real_stub) % 4
3265 if mod_len != 0:
3266 real_stub += b'\x00' * (4 - mod_len)
3267 real_stub += struct.pack('<III',
3268 len(computer) + 1, 0, len(computer) + 1)
3269 real_stub += computer_utf16 + b'\x00\x00'
3270 real_stub += b'\x11\x22\x33\x44\x55\x66\x77\x88'
3271
3272 return (ctx, ack, real_stub)
3273
3274 def _test_fragmented_requests(self, remaining=None, alloc_hint=None,
3275 fault_first=None, fault_last=None):
3276 (ctx, rep, real_stub) = self._get_netlogon_ctx()
3277
3278 chunk = rep.u.max_recv_frag - dcerpc.DCERPC_REQUEST_LENGTH
3279
3280 total = 0
3281 first = True
3282 while remaining > 0:
3283 thistime = min(remaining, chunk)
3284 remaining -= thistime
3285 total += thistime
3286
3287 pfc_flags = 0
3288 if first:
3289 pfc_flags |= dcerpc.DCERPC_PFC_FLAG_FIRST
3290 first = False
3291 stub = real_stub + b'\x00' * (thistime - len(real_stub))
3292 else:
3293 stub = b"\x00" * thistime
3294
3295 if remaining == 0:
3296 pfc_flags |= dcerpc.DCERPC_PFC_FLAG_LAST
3297
3298 # And now try a request without auth_info
3299 # netr_ServerReqChallenge()
3300 req = self.generate_request(call_id=0x21234,
3301 pfc_flags=pfc_flags,
3302 context_id=ctx.context_id,
3303 opnum=4,
3304 alloc_hint=alloc_hint,
3305 stub=stub)
3306 if alloc_hint >= thistime:
3307 alloc_hint -= thistime
3308 else:
3309 alloc_hint = 0
3310 self.send_pdu(req, hexdump=False)
3311 if fault_first is not None:
3312 rep = self.recv_pdu()
3313 # We get a fault back
3314 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
3315 auth_length=0)
3316 self.assertNotEqual(rep.u.alloc_hint, 0)
3317 self.assertEqual(rep.u.context_id, req.u.context_id)
3318 self.assertEqual(rep.u.cancel_count, 0)
3319 self.assertEqual(rep.u.flags, 0)
3320 self.assertEqual(rep.u.status, fault_first)
3321 self.assertEqual(rep.u.reserved, 0)
3322 self.assertEqual(len(rep.u.error_and_verifier), 0)
3323
3324 # wait for a disconnect
3325 rep = self.recv_pdu()
3326 self.assertIsNone(rep)
3327 self.assertNotConnected()
3328 return
3329 if remaining == 0:
3330 break
3331 if total >= 0x400000 and fault_last is not None:
3332 rep = self.recv_pdu()
3333 # We get a fault back
3334 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
3335 auth_length=0)
3336 self.assertNotEqual(rep.u.alloc_hint, 0)
3337 self.assertEqual(rep.u.context_id, req.u.context_id)
3338 self.assertEqual(rep.u.cancel_count, 0)
3339 self.assertEqual(rep.u.flags, 0)
3340 self.assertEqual(rep.u.status, fault_last)
3341 self.assertEqual(rep.u.reserved, 0)
3342 self.assertEqual(len(rep.u.error_and_verifier), 0)
3343
3344 # wait for a disconnect
3345 rep = self.recv_pdu()
3346 self.assertIsNone(rep)
3347 self.assertNotConnected()
3348 return
3349 rep = self.recv_pdu(timeout=0.01)
3350 self.assertIsNone(rep)
3351 self.assertIsConnected()
3352
3353 if total >= 0x400000 and fault_last is not None:
3354 rep = self.recv_pdu()
3355 # We get a fault back
3356 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
3357 auth_length=0)
3358 self.assertNotEqual(rep.u.alloc_hint, 0)
3359 self.assertEqual(rep.u.context_id, req.u.context_id)
3360 self.assertEqual(rep.u.cancel_count, 0)
3361 self.assertEqual(rep.u.flags, 0)
3362 self.assertEqual(rep.u.status, fault_last)
3363 self.assertEqual(rep.u.reserved, 0)
3364 self.assertEqual(len(rep.u.error_and_verifier), 0)
3365
3366 # wait for a disconnect
3367 rep = self.recv_pdu()
3368 self.assertIsNone(rep)
3369 self.assertNotConnected()
3370 return
3371 rep = self.recv_pdu()
3372 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3373 auth_length=0)
3374 self.assertNotEqual(rep.u.alloc_hint, 0)
3375 self.assertEqual(rep.u.context_id, req.u.context_id)
3376 self.assertEqual(rep.u.cancel_count, 0)
3377 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3378
3379 self.assertEqual(len(rep.u.stub_and_verifier), 12)
3380 status = struct.unpack_from("<I", rep.u.stub_and_verifier, len(rep.u.stub_and_verifier) - 4)
3381 self.assertEqual(status[0], 0)
3382
3383 def test_fragmented_requests01(self):
3384 return self._test_fragmented_requests(remaining=0x400000,
3385 alloc_hint=0x400000)
3386
3387 def test_fragmented_requests02(self):
3388 return self._test_fragmented_requests(remaining=0x400000,
3389 alloc_hint=0x100000)
3390
3391 def test_fragmented_requests03(self):
3392 return self._test_fragmented_requests(remaining=0x400000,
3393 alloc_hint=0)
3394
3395 def test_fragmented_requests04(self):
3396 return self._test_fragmented_requests(remaining=0x400000,
3397 alloc_hint=0x400001,
3398 fault_first=dcerpc.DCERPC_FAULT_ACCESS_DENIED)
3399
3400 def test_fragmented_requests05(self):
3401 return self._test_fragmented_requests(remaining=0x500001,
3402 alloc_hint=0,
3403 fault_last=dcerpc.DCERPC_FAULT_ACCESS_DENIED)
3404
3405 def _test_same_requests(self, pfc_flags, fault_1st=False, fault_2nd=False):
3406 (ctx, rep, real_stub) = self._get_netlogon_ctx()
3407
3408 # netr_ServerReqChallenge with given flags
3409 req = self.generate_request(call_id=2,
3410 pfc_flags=pfc_flags,
3411 context_id=ctx.context_id,
3412 opnum=4,
3413 stub=real_stub)
3414 self.send_pdu(req)
3415 if fault_1st:
3416 rep = self.recv_pdu()
3417 # We get a fault back
3418 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
3419 auth_length=0)
3420 self.assertNotEqual(rep.u.alloc_hint, 0)
3421 self.assertEqual(rep.u.context_id, 0)
3422 self.assertEqual(rep.u.cancel_count, 0)
3423 self.assertEqual(rep.u.flags, 0)
3424 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
3425 self.assertEqual(rep.u.reserved, 0)
3426 self.assertEqual(len(rep.u.error_and_verifier), 0)
3427
3428 # wait for a disconnect
3429 rep = self.recv_pdu()
3430 self.assertIsNone(rep)
3431 self.assertNotConnected()
3432 return
3433 rep = self.recv_pdu(timeout=0.1)
3434 self.assertIsNone(rep)
3435 self.assertIsConnected()
3436
3437 # netr_ServerReqChallenge without DCERPC_PFC_FLAG_LAST
3438 # with the same call_id
3439 req = self.generate_request(call_id=2,
3440 pfc_flags=pfc_flags,
3441 context_id=ctx.context_id,
3442 opnum=4,
3443 stub=real_stub)
3444 self.send_pdu(req)
3445 if fault_2nd:
3446 rep = self.recv_pdu()
3447 # We get a fault back
3448 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
3449 auth_length=0)
3450 self.assertNotEqual(rep.u.alloc_hint, 0)
3451 self.assertEqual(rep.u.context_id, req.u.context_id)
3452 self.assertEqual(rep.u.cancel_count, 0)
3453 self.assertEqual(rep.u.flags, 0)
3454 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
3455 self.assertEqual(rep.u.reserved, 0)
3456 self.assertEqual(len(rep.u.error_and_verifier), 0)
3457
3458 # wait for a disconnect
3459 rep = self.recv_pdu()
3460 self.assertIsNone(rep)
3461 self.assertNotConnected()
3462 return
3463
3464 rep = self.recv_pdu(timeout=0.1)
3465 self.assertIsNone(rep)
3466 self.assertIsConnected()
3467
3468 def test_first_only_requests(self):
3469 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3470 fault_2nd=True)
3471
3472 def test_none_only_requests(self):
3473 return self._test_same_requests(pfc_flags=0, fault_1st=True)
3474
3475 def test_last_only_requests(self):
3476 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
3477 fault_1st=True)
3478
3479 def test_first_maybe_requests(self):
3480 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
3481 dcerpc.DCERPC_PFC_FLAG_MAYBE,
3482 fault_2nd=True)
3483
3484 def test_first_didnot_requests(self):
3485 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
3486 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
3487 fault_2nd=True)
3488
3489 def test_first_cmpx_requests(self):
3490 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
3491 dcerpc.DCERPC_PFC_FLAG_CONC_MPX,
3492 fault_2nd=True)
3493
3494 def test_first_08_requests(self):
3495 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
3496 0x08,
3497 fault_2nd=True)
3498
3499 def test_first_cancel_requests(self):
3500 (ctx, rep, real_stub) = self._get_netlogon_ctx()
3501
3502 # netr_ServerReqChallenge with given flags
3503 req = self.generate_request(call_id=2,
3504 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
3505 dcerpc.DCERPC_PFC_FLAG_PENDING_CANCEL,
3506 context_id=ctx.context_id,
3507 opnum=4,
3508 stub=real_stub)
3509 self.send_pdu(req)
3510 rep = self.recv_pdu()
3511 # We get a fault back
3512 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
3513 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
3514 dcerpc.DCERPC_PFC_FLAG_LAST |
3515 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
3516 auth_length=0)
3517 self.assertNotEqual(rep.u.alloc_hint, 0)
3518 self.assertEqual(rep.u.context_id, 0)
3519 self.assertEqual(rep.u.cancel_count, 0)
3520 self.assertEqual(rep.u.flags, 0)
3521 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_NO_CALL_ACTIVE)
3522 self.assertEqual(rep.u.reserved, 0)
3523 self.assertEqual(len(rep.u.error_and_verifier), 0)
3524
3525 # wait for a disconnect
3526 rep = self.recv_pdu()
3527 self.assertIsNone(rep)
3528 self.assertNotConnected()
3529
3530 def test_2nd_cancel_requests(self):
3531 (ctx, rep, real_stub) = self._get_netlogon_ctx()
3532
3533 # netr_ServerReqChallenge with given flags
3534 req = self.generate_request(call_id=2,
3535 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3536 context_id=ctx.context_id,
3537 opnum=4,
3538 stub=real_stub)
3539 self.send_pdu(req)
3540 rep = self.recv_pdu(timeout=0.1)
3541 self.assertIsNone(rep)
3542 self.assertIsConnected()
3543
3544 # netr_ServerReqChallenge with given flags
3545 req = self.generate_request(call_id=2,
3546 pfc_flags=dcerpc.DCERPC_PFC_FLAG_PENDING_CANCEL,
3547 context_id=ctx.context_id,
3548 opnum=4,
3549 stub=real_stub)
3550 self.send_pdu(req)
3551 rep = self.recv_pdu(timeout=0.1)
3552 self.assertIsNone(rep)
3553 self.assertIsConnected()
3554
3555 # netr_ServerReqChallenge with given flags
3556 req = self.generate_request(call_id=2,
3557 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
3558 context_id=ctx.context_id,
3559 opnum=4,
3560 stub=real_stub)
3561 self.send_pdu(req)
3562 rep = self.recv_pdu()
3563 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3564 auth_length=0)
3565 self.assertNotEqual(rep.u.alloc_hint, 0)
3566 self.assertEqual(rep.u.context_id, req.u.context_id)
3567 self.assertEqual(rep.u.cancel_count, 0)
3568 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3569
3570 self.assertEqual(len(rep.u.stub_and_verifier), 12)
3571 status = struct.unpack_from("<I", rep.u.stub_and_verifier, len(rep.u.stub_and_verifier) - 4)
3572 self.assertEqual(status[0], 0)
3573
3574 def test_last_cancel_requests(self):
3575 (ctx, rep, real_stub) = self._get_netlogon_ctx()
3576
3577 # netr_ServerReqChallenge with given flags
3578 req = self.generate_request(call_id=2,
3579 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3580 context_id=ctx.context_id,
3581 opnum=4,
3582 stub=real_stub[:4])
3583 self.send_pdu(req)
3584 rep = self.recv_pdu(timeout=0.1)
3585 self.assertIsNone(rep)
3586 self.assertIsConnected()
3587
3588 # netr_ServerReqChallenge with given flags
3589 req = self.generate_request(call_id=2,
3590 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST |
3591 dcerpc.DCERPC_PFC_FLAG_PENDING_CANCEL,
3592 context_id=ctx.context_id,
3593 opnum=4,
3594 stub=real_stub[4:])
3595 self.send_pdu(req)
3596 rep = self.recv_pdu()
3597 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3598 auth_length=0)
3599 self.assertNotEqual(rep.u.alloc_hint, 0)
3600 self.assertEqual(rep.u.context_id, req.u.context_id)
3601 self.assertEqual(rep.u.cancel_count, 0)
3602 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3603
3604 self.assertEqual(len(rep.u.stub_and_verifier), 12)
3605 status = struct.unpack_from("<I", rep.u.stub_and_verifier, len(rep.u.stub_and_verifier) - 4)
3606 self.assertEqual(status[0], 0)
3607
3608 def test_mix_requests(self):
3609 (ctx, rep, real_stub) = self._get_netlogon_ctx()
3610
3611 # netr_ServerReqChallenge with given flags
3612 req = self.generate_request(call_id=50,
3613 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3614 context_id=ctx.context_id,
3615 opnum=4,
3616 stub=real_stub)
3617 self.send_pdu(req)
3618 rep = self.recv_pdu(timeout=0.1)
3619 self.assertIsNone(rep)
3620 self.assertIsConnected()
3621
3622 # netr_ServerReqChallenge with given flags
3623 req = self.generate_request(call_id=51,
3624 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3625 context_id=ctx.context_id,
3626 opnum=4,
3627 stub=real_stub)
3628 self.send_pdu(req)
3629 rep = self.recv_pdu()
3630 # We get a fault back
3631 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, 50,
3632 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
3633 dcerpc.DCERPC_PFC_FLAG_LAST,
3634 auth_length=0)
3635 self.assertNotEqual(rep.u.alloc_hint, 0)
3636 self.assertEqual(rep.u.context_id, req.u.context_id)
3637 self.assertEqual(rep.u.cancel_count, 0)
3638 self.assertEqual(rep.u.flags, 0)
3639 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
3640 self.assertEqual(rep.u.reserved, 0)
3641 self.assertEqual(len(rep.u.error_and_verifier), 0)
3642
3643 def test_co_cancel_no_request(self):
3644 ndr32 = base.transfer_syntax_ndr()
3645 abstract = samba.dcerpc.mgmt.abstract_syntax()
3646 ctx = self.prepare_presentation(abstract, ndr32, context_id=0xff)
3647
3648 req = self.generate_co_cancel(call_id=3)
3649 self.send_pdu(req)
3650 rep = self.recv_pdu(timeout=0.01)
3651 self.assertIsNone(rep)
3652 self.assertIsConnected()
3653
3654 # And now try a request
3655 req = self.generate_request(call_id=1,
3656 context_id=ctx.context_id,
3657 opnum=0,
3658 stub=b"")
3659 self.send_pdu(req)
3660 rep = self.recv_pdu()
3661 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3662 auth_length=0)
3663 self.assertNotEqual(rep.u.alloc_hint, 0)
3664 self.assertEqual(rep.u.context_id, req.u.context_id)
3665 self.assertEqual(rep.u.cancel_count, 0)
3666 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3667
3668 def test_co_cancel_request_after_first(self):
3669 ndr32 = base.transfer_syntax_ndr()
3670 abstract = samba.dcerpc.mgmt.abstract_syntax()
3671 ctx = self.prepare_presentation(abstract, ndr32, context_id=0xff)
3672
3673 req = self.generate_request(call_id=1,
3674 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3675 context_id=ctx.context_id,
3676 opnum=0,
3677 stub=b"")
3678 self.send_pdu(req)
3679 rep = self.recv_pdu(timeout=0.01)
3680 self.assertIsNone(rep)
3681 self.assertIsConnected()
3682
3683 req = self.generate_co_cancel(call_id=1)
3684 self.send_pdu(req)
3685 rep = self.recv_pdu(timeout=0.01)
3686 self.assertIsNone(rep)
3687 self.assertIsConnected()
3688
3689 req = self.generate_request(call_id=1,
3690 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
3691 context_id=ctx.context_id,
3692 opnum=0,
3693 stub=b"")
3694 self.send_pdu(req)
3695 rep = self.recv_pdu()
3696 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3697 auth_length=0)
3698 self.assertNotEqual(rep.u.alloc_hint, 0)
3699 self.assertEqual(rep.u.context_id, req.u.context_id)
3700 self.assertEqual(rep.u.cancel_count, 0)
3701 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3702
3703 # And now try a request
3704 req = self.generate_request(call_id=2,
3705 context_id=ctx.context_id,
3706 opnum=0,
3707 stub=b"")
3708 self.send_pdu(req)
3709 rep = self.recv_pdu()
3710 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3711 auth_length=0)
3712 self.assertNotEqual(rep.u.alloc_hint, 0)
3713 self.assertEqual(rep.u.context_id, req.u.context_id)
3714 self.assertEqual(rep.u.cancel_count, 0)
3715 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3716
3717 def test_orphaned_no_request(self):
3718 ndr32 = base.transfer_syntax_ndr()
3719 abstract = samba.dcerpc.mgmt.abstract_syntax()
3720 ctx = self.prepare_presentation(abstract, ndr32)
3721
3722 req = self.generate_orphaned(call_id=3)
3723 self.send_pdu(req)
3724 rep = self.recv_pdu(timeout=0.01)
3725 self.assertIsNone(rep)
3726 self.assertIsConnected()
3727
3728 # And now try a request
3729 req = self.generate_request(call_id=1,
3730 context_id=ctx.context_id,
3731 opnum=0,
3732 stub=b"")
3733 self.send_pdu(req)
3734 rep = self.recv_pdu()
3735 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3736 auth_length=0)
3737 self.assertNotEqual(rep.u.alloc_hint, 0)
3738 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
3739 self.assertEqual(rep.u.cancel_count, 0)
3740 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3741
3742 def test_orphaned_request_after_first_last(self):
3743 ndr32 = base.transfer_syntax_ndr()
3744 abstract = samba.dcerpc.mgmt.abstract_syntax()
3745 ctx = self.prepare_presentation(abstract, ndr32)
3746
3747 req = self.generate_request(call_id=1,
3748 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3749 context_id=ctx.context_id,
3750 opnum=0,
3751 stub=b"")
3752 self.send_pdu(req)
3753 rep = self.recv_pdu(timeout=0.1)
3754 self.assertIsNone(rep)
3755 self.assertIsConnected()
3756
3757 req = self.generate_orphaned(call_id=1)
3758 self.send_pdu(req)
3759 rep = self.recv_pdu(timeout=0.1)
3760 self.assertIsNone(rep)
3761 self.assertIsConnected()
3762
3763 req = self.generate_request(call_id=1,
3764 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
3765 context_id=ctx.context_id,
3766 opnum=0,
3767 stub=b"")
3768 self.send_pdu(req)
3769 rep = self.recv_pdu()
3770 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3771 auth_length=0)
3772 self.assertNotEqual(rep.u.alloc_hint, 0)
3773 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
3774 self.assertEqual(rep.u.cancel_count, 0)
3775 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3776
3777 # And now try a request
3778 req = self.generate_request(call_id=2,
3779 context_id=ctx.context_id,
3780 opnum=0,
3781 stub=b"")
3782 self.send_pdu(req)
3783 rep = self.recv_pdu()
3784 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3785 auth_length=0)
3786 self.assertNotEqual(rep.u.alloc_hint, 0)
3787 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
3788 self.assertEqual(rep.u.cancel_count, 0)
3789 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3790
3791 def test_orphaned_request_after_first_mpx_last(self):
3792 ndr32 = base.transfer_syntax_ndr()
3793 abstract = samba.dcerpc.mgmt.abstract_syntax()
3794
3795 pfc_flags = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST
3796 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST
3797 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_CONC_MPX
3798 ctx = self.prepare_presentation(abstract, ndr32, pfc_flags=pfc_flags)
3799
3800 req = self.generate_request(call_id=1,
3801 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3802 context_id=ctx.context_id,
3803 opnum=0,
3804 stub=b"")
3805 self.send_pdu(req)
3806 rep = self.recv_pdu(timeout=0.1)
3807 self.assertIsNone(rep)
3808 self.assertIsConnected()
3809
3810 req = self.generate_orphaned(call_id=1)
3811 self.send_pdu(req)
3812 rep = self.recv_pdu(timeout=0.1)
3813 self.assertIsNone(rep)
3814 self.assertIsConnected()
3815
3816 req = self.generate_request(call_id=1,
3817 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
3818 context_id=ctx.context_id,
3819 opnum=0,
3820 stub=b"")
3821 self.send_pdu(req)
3822 rep = self.recv_pdu()
3823 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3824 auth_length=0)
3825 self.assertNotEqual(rep.u.alloc_hint, 0)
3826 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
3827 self.assertEqual(rep.u.cancel_count, 0)
3828 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3829
3830 # And now try a request
3831 req = self.generate_request(call_id=2,
3832 context_id=ctx.context_id,
3833 opnum=0,
3834 stub=b"")
3835 self.send_pdu(req)
3836 rep = self.recv_pdu()
3837 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
3838 auth_length=0)
3839 self.assertNotEqual(rep.u.alloc_hint, 0)
3840 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
3841 self.assertEqual(rep.u.cancel_count, 0)
3842 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
3843
3844 def test_orphaned_request_after_first_no_last(self):
3845 ndr32 = base.transfer_syntax_ndr()
3846 abstract = samba.dcerpc.mgmt.abstract_syntax()
3847 ctx = self.prepare_presentation(abstract, ndr32)
3848
3849 req1 = self.generate_request(call_id=1,
3850 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3851 context_id=ctx.context_id,
3852 opnum=0,
3853 stub=b"")
3854 self.send_pdu(req1)
3855 rep = self.recv_pdu(timeout=0.1)
3856 self.assertIsNone(rep)
3857 self.assertIsConnected()
3858
3859 req = self.generate_orphaned(call_id=1)
3860 self.send_pdu(req)
3861 rep = self.recv_pdu(timeout=0.1)
3862 self.assertIsNone(rep)
3863 self.assertIsConnected()
3864
3865 # And now try a new request
3866 req2 = self.generate_request(call_id=2,
3867 context_id=ctx.context_id,
3868 opnum=0,
3869 stub=b"")
3870 self.send_pdu(req2)
3871 rep = self.recv_pdu()
3872 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req1.call_id,
3873 auth_length=0)
3874 self.assertNotEqual(rep.u.alloc_hint, 0)
3875 self.assertEqual(rep.u.context_id, req1.u.context_id)
3876 self.assertEqual(rep.u.cancel_count, 0)
3877 self.assertEqual(rep.u.flags, 0)
3878 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
3879 self.assertEqual(rep.u.reserved, 0)
3880 self.assertEqual(len(rep.u.error_and_verifier), 0)
3881
3882 # wait for a disconnect
3883 rep = self.recv_pdu()
3884 self.assertIsNone(rep)
3885 self.assertNotConnected()
3886
3887 def test_orphaned_request_after_first_mpx_no_last(self):
3888 ndr32 = base.transfer_syntax_ndr()
3889 abstract = samba.dcerpc.mgmt.abstract_syntax()
3890
3891 pfc_flags = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST
3892 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST
3893 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_CONC_MPX
3894 ctx = self.prepare_presentation(abstract, ndr32,
3895 pfc_flags=pfc_flags)
3896
3897 req1 = self.generate_request(call_id=1,
3898 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
3899 context_id=ctx.context_id,
3900 opnum=0,
3901 stub=b"")
3902 self.send_pdu(req1)
3903 rep = self.recv_pdu(timeout=0.1)
3904 self.assertIsNone(rep)
3905 self.assertIsConnected()
3906
3907 req = self.generate_orphaned(call_id=1)
3908 self.send_pdu(req)
3909 rep = self.recv_pdu(timeout=0.1)
3910 self.assertIsNone(rep)
3911 self.assertIsConnected()
3912
3913 # And now try a new request
3914 req2 = self.generate_request(call_id=2,
3915 context_id=ctx.context_id - 1,
3916 opnum=0,
3917 stub=b"")
3918 self.send_pdu(req2)
3919 rep = self.recv_pdu()
3920 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req2.call_id,
3921 auth_length=0)
3922 self.assertNotEqual(rep.u.alloc_hint, 0)
3923 self.assertEqual(rep.u.context_id, 0)
3924 self.assertEqual(rep.u.cancel_count, 0)
3925 self.assertEqual(rep.u.flags, 0)
3926 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
3927 self.assertEqual(rep.u.reserved, 0)
3928 self.assertEqual(len(rep.u.error_and_verifier), 0)
3929
3930 # wait for a disconnect
3931 rep = self.recv_pdu()
3932 self.assertIsNone(rep)
3933 self.assertNotConnected()
3934
3935 def _test_spnego_connect_upgrade_request(self, upgrade_auth_level):
3936 ndr32 = base.transfer_syntax_ndr()
3937
3938 tsf1_list = [ndr32]
3939 ctx1 = dcerpc.ctx_list()
3940 ctx1.context_id = 1
3941 ctx1.num_transfer_syntaxes = len(tsf1_list)
3942 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
3943 ctx1.transfer_syntaxes = tsf1_list
3944 ctx_list = [ctx1]
3945
3946 c = self.get_anon_creds()
3947 g = gensec.Security.start_client(self.settings)
3948 g.set_credentials(c)
3949 g.want_feature(gensec.FEATURE_DCE_STYLE)
3950 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
3951 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
3952 auth_context_id = 2
3953 g.start_mech_by_authtype(auth_type, auth_level)
3954 from_server = b""
3955 (finished, to_server) = g.update(from_server)
3956 self.assertFalse(finished)
3957
3958 auth_info = self.generate_auth(auth_type=auth_type,
3959 auth_level=auth_level,
3960 auth_context_id=auth_context_id,
3961 auth_blob=to_server)
3962
3963 req = self.generate_bind(call_id=0,
3964 ctx_list=ctx_list,
3965 auth_info=auth_info)
3966
3967 self.send_pdu(req)
3968 rep = self.recv_pdu()
3969 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
3970 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
3971 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
3972 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
3973 self.assertEqual(rep.u.secondary_address_size, 4)
3974 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
3975 self.assertPadding(rep.u._pad1, 2)
3976 self.assertEqual(rep.u.num_results, 1)
3977 self.assertEqual(rep.u.ctx_list[0].result,
3978 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
3979 self.assertEqual(rep.u.ctx_list[0].reason,
3980 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
3981 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
3982 self.assertNotEqual(len(rep.u.auth_info), 0)
3983 a = self.parse_auth(rep.u.auth_info)
3984
3985 from_server = a.credentials
3986 (finished, to_server) = g.update(from_server)
3987 self.assertFalse(finished)
3988
3989 auth_info = self.generate_auth(auth_type=auth_type,
3990 auth_level=auth_level,
3991 auth_context_id=auth_context_id,
3992 auth_blob=to_server)
3993
3994 req = self.generate_alter(call_id=0,
3995 ctx_list=ctx_list,
3996 assoc_group_id=rep.u.assoc_group_id,
3997 auth_info=auth_info)
3998
3999 self.send_pdu(req)
4000 rep = self.recv_pdu()
4001 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id)
4002 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4003 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4004 self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4005 self.assertEqual(rep.u.secondary_address_size, 0)
4006 self.assertPadding(rep.u._pad1, 2)
4007 self.assertEqual(rep.u.num_results, 1)
4008 self.assertEqual(rep.u.ctx_list[0].result,
4009 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4010 self.assertEqual(rep.u.ctx_list[0].reason,
4011 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4012 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4013 self.assertNotEqual(len(rep.u.auth_info), 0)
4014 a = self.parse_auth(rep.u.auth_info)
4015
4016 from_server = a.credentials
4017 (finished, to_server) = g.update(from_server)
4018 self.assertTrue(finished)
4019
4020 # And now try a request without auth_info
4021 req = self.generate_request(call_id=2,
4022 context_id=ctx1.context_id,
4023 opnum=0,
4024 stub=b"")
4025 self.send_pdu(req)
4026 rep = self.recv_pdu()
4027 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
4028 auth_length=0)
4029 self.assertNotEqual(rep.u.alloc_hint, 0)
4030 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
4031 self.assertEqual(rep.u.cancel_count, 0)
4032 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
4033
4034 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
4035 auth_info = self.generate_auth(auth_type=auth_type,
4036 auth_level=auth_level,
4037 auth_context_id=auth_context_id,
4038 auth_blob=b"\x01" +b"\x00" *15)
4039 req = self.generate_request(call_id=3,
4040 context_id=ctx1.context_id,
4041 opnum=0,
4042 stub=b"",
4043 auth_info=auth_info)
4044 self.send_pdu(req)
4045 rep = self.recv_pdu()
4046 # We don't get an auth_info back
4047 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
4048 auth_length=0)
4049 self.assertNotEqual(rep.u.alloc_hint, 0)
4050 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
4051 self.assertEqual(rep.u.cancel_count, 0)
4052 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
4053
4054 # Now a request with auth_info upgrade_auth_level
4055 auth_info = self.generate_auth(auth_type=auth_type,
4056 auth_level=upgrade_auth_level,
4057 auth_context_id=auth_context_id,
4058 auth_blob=b"\x01" + b"\x00" * 15)
4059 req = self.generate_request(call_id=4,
4060 context_id=ctx1.context_id,
4061 opnum=0,
4062 stub=b"",
4063 auth_info=auth_info)
4064 self.send_pdu(req)
4065 rep = self.recv_pdu()
4066 # We get a fault back
4067 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4068 auth_length=0)
4069 self.assertNotEqual(rep.u.alloc_hint, 0)
4070 self.assertEqual(rep.u.context_id, req.u.context_id)
4071 self.assertEqual(rep.u.cancel_count, 0)
4072 self.assertEqual(rep.u.flags, 0)
4073 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
4074 self.assertEqual(rep.u.reserved, 0)
4075 self.assertEqual(len(rep.u.error_and_verifier), 0)
4076
4077 # wait for a disconnect
4078 rep = self.recv_pdu()
4079 self.assertIsNone(rep)
4080 self.assertNotConnected()
4081
4082 def test_spnego_connect_packet_upgrade(self):
4083 return self._test_spnego_connect_upgrade_request(
4084 dcerpc.DCERPC_AUTH_LEVEL_PACKET)
4085
4086 def test_spnego_connect_integrity_upgrade(self):
4087 return self._test_spnego_connect_upgrade_request(
4088 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
4089
4090 def _test_spnego_connect_downgrade_request(self, initial_auth_level):
4091 ndr32 = base.transfer_syntax_ndr()
4092
4093 tsf1_list = [ndr32]
4094 ctx1 = dcerpc.ctx_list()
4095 ctx1.context_id = 1
4096 ctx1.num_transfer_syntaxes = len(tsf1_list)
4097 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4098 ctx1.transfer_syntaxes = tsf1_list
4099 ctx_list = [ctx1]
4100
4101 c = self.get_anon_creds()
4102 g = gensec.Security.start_client(self.settings)
4103 g.set_credentials(c)
4104 g.want_feature(gensec.FEATURE_DCE_STYLE)
4105 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4106 auth_level = initial_auth_level
4107 auth_context_id = 2
4108 g.start_mech_by_authtype(auth_type, auth_level)
4109 from_server = b""
4110 (finished, to_server) = g.update(from_server)
4111 self.assertFalse(finished)
4112
4113 auth_info = self.generate_auth(auth_type=auth_type,
4114 auth_level=auth_level,
4115 auth_context_id=auth_context_id,
4116 auth_blob=to_server)
4117
4118 req = self.generate_bind(call_id=0,
4119 ctx_list=ctx_list,
4120 auth_info=auth_info)
4121
4122 self.send_pdu(req)
4123 rep = self.recv_pdu()
4124 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4125 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4126 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4127 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4128 self.assertEqual(rep.u.secondary_address_size, 4)
4129 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4130 self.assertPadding(rep.u._pad1, 2)
4131 self.assertEqual(rep.u.num_results, 1)
4132 self.assertEqual(rep.u.ctx_list[0].result,
4133 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4134 self.assertEqual(rep.u.ctx_list[0].reason,
4135 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4136 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4137 self.assertNotEqual(len(rep.u.auth_info), 0)
4138 a = self.parse_auth(rep.u.auth_info)
4139
4140 from_server = a.credentials
4141 (finished, to_server) = g.update(from_server)
4142 self.assertFalse(finished)
4143
4144 auth_info = self.generate_auth(auth_type=auth_type,
4145 auth_level=auth_level,
4146 auth_context_id=auth_context_id,
4147 auth_blob=to_server)
4148
4149 req = self.generate_alter(call_id=0,
4150 ctx_list=ctx_list,
4151 assoc_group_id=rep.u.assoc_group_id,
4152 auth_info=auth_info)
4153
4154 self.send_pdu(req)
4155 rep = self.recv_pdu()
4156 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id)
4157 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4158 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4159 self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4160 self.assertEqual(rep.u.secondary_address_size, 0)
4161 self.assertPadding(rep.u._pad1, 2)
4162 self.assertEqual(rep.u.num_results, 1)
4163 self.assertEqual(rep.u.ctx_list[0].result,
4164 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4165 self.assertEqual(rep.u.ctx_list[0].reason,
4166 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4167 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4168 self.assertNotEqual(len(rep.u.auth_info), 0)
4169 a = self.parse_auth(rep.u.auth_info)
4170
4171 from_server = a.credentials
4172 (finished, to_server) = g.update(from_server)
4173 self.assertTrue(finished)
4174
4175 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
4176 auth_info = self.generate_auth(auth_type=auth_type,
4177 auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT,
4178 auth_context_id=auth_context_id,
4179 auth_blob=b"\x01" + b"\x00" * 15)
4180 req = self.generate_request(call_id=3,
4181 context_id=ctx1.context_id,
4182 opnum=0,
4183 stub=b"",
4184 auth_info=auth_info)
4185 self.send_pdu(req)
4186 rep = self.recv_pdu()
4187 # We get a fault back
4188 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4189 auth_length=0)
4190 self.assertNotEqual(rep.u.alloc_hint, 0)
4191 self.assertEqual(rep.u.context_id, req.u.context_id)
4192 self.assertEqual(rep.u.cancel_count, 0)
4193 self.assertEqual(rep.u.flags, 0)
4194 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
4195 self.assertEqual(rep.u.reserved, 0)
4196 self.assertEqual(len(rep.u.error_and_verifier), 0)
4197
4198 # wait for a disconnect
4199 rep = self.recv_pdu()
4200 self.assertIsNone(rep)
4201 self.assertNotConnected()
4202
4203 def test_spnego_packet_downgrade_connect(self):
4204 return self._test_spnego_connect_downgrade_request(
4205 dcerpc.DCERPC_AUTH_LEVEL_PACKET)
4206
4207 def test_spnego_integrity_downgrade_connect(self):
4208 return self._test_spnego_connect_upgrade_request(
4209 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
4210
4211 def test_spnego_unfinished_request(self):
4212 ndr32 = base.transfer_syntax_ndr()
4213
4214 tsf1_list = [ndr32]
4215 ctx1 = dcerpc.ctx_list()
4216 ctx1.context_id = 1
4217 ctx1.num_transfer_syntaxes = len(tsf1_list)
4218 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4219 ctx1.transfer_syntaxes = tsf1_list
4220 ctx_list = [ctx1]
4221
4222 c = self.get_anon_creds()
4223 g = gensec.Security.start_client(self.settings)
4224 g.set_credentials(c)
4225 g.want_feature(gensec.FEATURE_DCE_STYLE)
4226 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4227 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
4228 auth_context_id = 2
4229 g.start_mech_by_authtype(auth_type, auth_level)
4230 from_server = b""
4231 (finished, to_server) = g.update(from_server)
4232 self.assertFalse(finished)
4233
4234 auth_info = self.generate_auth(auth_type=auth_type,
4235 auth_level=auth_level,
4236 auth_context_id=auth_context_id,
4237 auth_blob=to_server)
4238
4239 req = self.generate_bind(call_id=0,
4240 ctx_list=ctx_list,
4241 auth_info=auth_info)
4242
4243 self.send_pdu(req)
4244 rep = self.recv_pdu()
4245 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4246 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4247 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4248 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4249 assoc_group_id = rep.u.assoc_group_id
4250 self.assertEqual(rep.u.secondary_address_size, 4)
4251 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4252 self.assertPadding(rep.u._pad1, 2)
4253 self.assertEqual(rep.u.num_results, 1)
4254 self.assertEqual(rep.u.ctx_list[0].result,
4255 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4256 self.assertEqual(rep.u.ctx_list[0].reason,
4257 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4258 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4259 self.assertNotEqual(len(rep.u.auth_info), 0)
4260 a = self.parse_auth(rep.u.auth_info)
4261
4262 from_server = a.credentials
4263 (finished, to_server) = g.update(from_server)
4264 self.assertFalse(finished)
4265
4266 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
4267 auth_info = self.generate_auth(auth_type=auth_type,
4268 auth_level=auth_level,
4269 auth_context_id=auth_context_id,
4270 auth_blob=b"\x01" + b"\x00" * 15)
4271 req = self.generate_request(call_id=1,
4272 context_id=ctx1.context_id,
4273 opnum=0,
4274 stub=b"",
4275 auth_info=auth_info)
4276 self.send_pdu(req)
4277 rep = self.recv_pdu()
4278 # We get a fault
4279 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4280 pfc_flags=req.pfc_flags |
4281 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
4282 auth_length=0)
4283 self.assertNotEqual(rep.u.alloc_hint, 0)
4284 self.assertEqual(rep.u.context_id, 0)
4285 self.assertEqual(rep.u.cancel_count, 0)
4286 self.assertEqual(rep.u.flags, 0)
4287 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
4288 self.assertEqual(rep.u.reserved, 0)
4289 self.assertEqual(len(rep.u.error_and_verifier), 0)
4290
4291 # wait for a disconnect
4292 rep = self.recv_pdu()
4293 self.assertIsNone(rep)
4294 self.assertNotConnected()
4295
4296 def test_spnego_auth3(self):
4297 ndr32 = base.transfer_syntax_ndr()
4298
4299 tsf1_list = [ndr32]
4300 ctx1 = dcerpc.ctx_list()
4301 ctx1.context_id = 1
4302 ctx1.num_transfer_syntaxes = len(tsf1_list)
4303 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4304 ctx1.transfer_syntaxes = tsf1_list
4305 ctx_list = [ctx1]
4306
4307 c = self.get_anon_creds()
4308 g = gensec.Security.start_client(self.settings)
4309 g.set_credentials(c)
4310 g.want_feature(gensec.FEATURE_DCE_STYLE)
4311 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4312 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
4313 auth_context_id = 2
4314 g.start_mech_by_authtype(auth_type, auth_level)
4315 from_server = b""
4316 (finished, to_server) = g.update(from_server)
4317 self.assertFalse(finished)
4318
4319 auth_info = self.generate_auth(auth_type=auth_type,
4320 auth_level=auth_level,
4321 auth_context_id=auth_context_id,
4322 auth_blob=to_server)
4323 req = self.generate_bind(call_id=0,
4324 ctx_list=ctx_list,
4325 auth_info=auth_info)
4326 self.send_pdu(req)
4327 rep = self.recv_pdu()
4328 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4329 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4330 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4331 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4332 self.assertEqual(rep.u.secondary_address_size, 4)
4333 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4334 self.assertPadding(rep.u._pad1, 2)
4335 self.assertEqual(rep.u.num_results, 1)
4336 self.assertEqual(rep.u.ctx_list[0].result,
4337 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4338 self.assertEqual(rep.u.ctx_list[0].reason,
4339 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4340 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4341 self.assertNotEqual(len(rep.u.auth_info), 0)
4342 a = self.parse_auth(rep.u.auth_info)
4343
4344 from_server = a.credentials
4345 (finished, to_server) = g.update(from_server)
4346 self.assertFalse(finished)
4347
4348 auth_info = self.generate_auth(auth_type=auth_type,
4349 auth_level=auth_level,
4350 auth_context_id=auth_context_id,
4351 auth_blob=to_server)
4352 req = self.generate_auth3(call_id=0,
4353 auth_info=auth_info)
4354 self.send_pdu(req)
4355 rep = self.recv_pdu(timeout=0.01)
4356 self.assertIsNone(rep)
4357 self.assertIsConnected()
4358
4359 # And now try a request without auth_info
4360 req = self.generate_request(call_id=2,
4361 context_id=ctx1.context_id,
4362 opnum=0,
4363 stub=b"")
4364 self.send_pdu(req)
4365 rep = self.recv_pdu()
4366 # We get a fault back
4367 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4368 auth_length=0)
4369 self.assertNotEqual(rep.u.alloc_hint, 0)
4370 self.assertEqual(rep.u.context_id, req.u.context_id)
4371 self.assertEqual(rep.u.cancel_count, 0)
4372 self.assertEqual(rep.u.flags, 0)
4373 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
4374 self.assertEqual(rep.u.reserved, 0)
4375 self.assertEqual(len(rep.u.error_and_verifier), 0)
4376
4377 # wait for a disconnect
4378 rep = self.recv_pdu()
4379 self.assertIsNone(rep)
4380 self.assertNotConnected()
4381
4382 def test_spnego_connect_reauth_alter(self):
4383 ndr32 = base.transfer_syntax_ndr()
4384 ndr64 = base.transfer_syntax_ndr64()
4385
4386 tsf1_list = [ndr32]
4387 ctx1 = dcerpc.ctx_list()
4388 ctx1.context_id = 1
4389 ctx1.num_transfer_syntaxes = len(tsf1_list)
4390 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4391 ctx1.transfer_syntaxes = tsf1_list
4392 ctx_list = [ctx1]
4393
4394 c = self.get_anon_creds()
4395 g = gensec.Security.start_client(self.settings)
4396 g.set_credentials(c)
4397 g.want_feature(gensec.FEATURE_DCE_STYLE)
4398 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4399 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
4400 auth_context_id = 2
4401 g.start_mech_by_authtype(auth_type, auth_level)
4402 from_server = b""
4403 (finished, to_server) = g.update(from_server)
4404 self.assertFalse(finished)
4405
4406 auth_info = self.generate_auth(auth_type=auth_type,
4407 auth_level=auth_level,
4408 auth_context_id=auth_context_id,
4409 auth_blob=to_server)
4410
4411 req = self.generate_bind(call_id=0,
4412 ctx_list=ctx_list,
4413 auth_info=auth_info)
4414
4415 self.send_pdu(req)
4416 rep = self.recv_pdu()
4417 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4418 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4419 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4420 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4421 self.assertEqual(rep.u.secondary_address_size, 4)
4422 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4423 self.assertPadding(rep.u._pad1, 2)
4424 self.assertEqual(rep.u.num_results, 1)
4425 self.assertEqual(rep.u.ctx_list[0].result,
4426 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4427 self.assertEqual(rep.u.ctx_list[0].reason,
4428 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4429 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4430 self.assertNotEqual(len(rep.u.auth_info), 0)
4431 a = self.parse_auth(rep.u.auth_info)
4432
4433 from_server = a.credentials
4434 (finished, to_server) = g.update(from_server)
4435 self.assertFalse(finished)
4436
4437 auth_info = self.generate_auth(auth_type=auth_type,
4438 auth_level=auth_level,
4439 auth_context_id=auth_context_id,
4440 auth_blob=to_server)
4441 req = self.generate_alter(call_id=0,
4442 ctx_list=[ctx1],
4443 assoc_group_id=rep.u.assoc_group_id,
4444 auth_info=auth_info)
4445 self.send_pdu(req)
4446 rep = self.recv_pdu()
4447 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id)
4448 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4449 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4450 self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4451 self.assertEqual(rep.u.secondary_address_size, 0)
4452 self.assertPadding(rep.u._pad1, 2)
4453 self.assertEqual(rep.u.num_results, 1)
4454 self.assertEqual(rep.u.ctx_list[0].result,
4455 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4456 self.assertEqual(rep.u.ctx_list[0].reason,
4457 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4458 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4459 self.assertNotEqual(len(rep.u.auth_info), 0)
4460 a = self.parse_auth(rep.u.auth_info)
4461
4462 from_server = a.credentials
4463 (finished, to_server) = g.update(from_server)
4464 self.assertTrue(finished)
4465
4466 # And now try a request without auth_info
4467 req = self.generate_request(call_id=2,
4468 context_id=ctx1.context_id,
4469 opnum=0,
4470 stub=b"")
4471 self.send_pdu(req)
4472 rep = self.recv_pdu()
4473 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
4474 auth_length=0)
4475 self.assertNotEqual(rep.u.alloc_hint, 0)
4476 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
4477 self.assertEqual(rep.u.cancel_count, 0)
4478 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
4479
4480 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
4481 auth_info = self.generate_auth(auth_type=auth_type,
4482 auth_level=auth_level,
4483 auth_context_id=auth_context_id,
4484 auth_blob=b"\x01" + b"\x00" * 15)
4485 req = self.generate_request(call_id=3,
4486 context_id=ctx1.context_id,
4487 opnum=0,
4488 stub=b"",
4489 auth_info=auth_info)
4490 self.send_pdu(req)
4491 rep = self.recv_pdu()
4492 # We don't get an auth_info back
4493 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
4494 auth_length=0)
4495 self.assertNotEqual(rep.u.alloc_hint, 0)
4496 self.assertEqual(rep.u.context_id, req.u.context_id)
4497 self.assertEqual(rep.u.cancel_count, 0)
4498 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
4499
4500 # Now a reauth
4501
4502 g = gensec.Security.start_client(self.settings)
4503 g.set_credentials(c)
4504 g.want_feature(gensec.FEATURE_DCE_STYLE)
4505 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4506 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
4507 auth_context_id = 2
4508 g.start_mech_by_authtype(auth_type, auth_level)
4509 from_server = b""
4510 (finished, to_server) = g.update(from_server)
4511 self.assertFalse(finished)
4512
4513 auth_info = self.generate_auth(auth_type=auth_type,
4514 auth_level=auth_level,
4515 auth_context_id=auth_context_id,
4516 auth_blob=to_server)
4517 req = self.generate_alter(call_id=0,
4518 ctx_list=ctx_list,
4519 auth_info=auth_info)
4520 self.send_pdu(req)
4521 rep = self.recv_pdu()
4522 # We get a fault
4523 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4524 pfc_flags=req.pfc_flags |
4525 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
4526 auth_length=0)
4527 self.assertNotEqual(rep.u.alloc_hint, 0)
4528 self.assertEqual(rep.u.context_id, 0)
4529 self.assertEqual(rep.u.cancel_count, 0)
4530 self.assertEqual(rep.u.flags, 0)
4531 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
4532 self.assertEqual(rep.u.reserved, 0)
4533 self.assertEqual(len(rep.u.error_and_verifier), 0)
4534
4535 # wait for a disconnect
4536 rep = self.recv_pdu()
4537 self.assertIsNone(rep)
4538 self.assertNotConnected()
4539
4540 def test_spnego_connect_reauth_auth3(self):
4541 ndr32 = base.transfer_syntax_ndr()
4542 ndr64 = base.transfer_syntax_ndr64()
4543
4544 tsf1_list = [ndr32]
4545 ctx1 = dcerpc.ctx_list()
4546 ctx1.context_id = 1
4547 ctx1.num_transfer_syntaxes = len(tsf1_list)
4548 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4549 ctx1.transfer_syntaxes = tsf1_list
4550 ctx_list = [ctx1]
4551
4552 c = self.get_anon_creds()
4553 g = gensec.Security.start_client(self.settings)
4554 g.set_credentials(c)
4555 g.want_feature(gensec.FEATURE_DCE_STYLE)
4556 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4557 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
4558 auth_context_id = 2
4559 g.start_mech_by_authtype(auth_type, auth_level)
4560 from_server = b""
4561 (finished, to_server) = g.update(from_server)
4562 self.assertFalse(finished)
4563
4564 auth_info = self.generate_auth(auth_type=auth_type,
4565 auth_level=auth_level,
4566 auth_context_id=auth_context_id,
4567 auth_blob=to_server)
4568
4569 req = self.generate_bind(call_id=0,
4570 ctx_list=ctx_list,
4571 auth_info=auth_info)
4572
4573 self.send_pdu(req)
4574 rep = self.recv_pdu()
4575 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4576 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4577 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4578 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4579 self.assertEqual(rep.u.secondary_address_size, 4)
4580 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4581 self.assertPadding(rep.u._pad1, 2)
4582 self.assertEqual(rep.u.num_results, 1)
4583 self.assertEqual(rep.u.ctx_list[0].result,
4584 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4585 self.assertEqual(rep.u.ctx_list[0].reason,
4586 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4587 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4588 self.assertNotEqual(len(rep.u.auth_info), 0)
4589 a = self.parse_auth(rep.u.auth_info)
4590
4591 from_server = a.credentials
4592 (finished, to_server) = g.update(from_server)
4593 self.assertFalse(finished)
4594
4595 auth_info = self.generate_auth(auth_type=auth_type,
4596 auth_level=auth_level,
4597 auth_context_id=auth_context_id,
4598 auth_blob=to_server)
4599 req = self.generate_alter(call_id=0,
4600 ctx_list=[ctx1],
4601 assoc_group_id=rep.u.assoc_group_id,
4602 auth_info=auth_info)
4603 self.send_pdu(req)
4604 rep = self.recv_pdu()
4605 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id)
4606 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4607 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4608 self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4609 self.assertEqual(rep.u.secondary_address_size, 0)
4610 self.assertPadding(rep.u._pad1, 2)
4611 self.assertEqual(rep.u.num_results, 1)
4612 self.assertEqual(rep.u.ctx_list[0].result,
4613 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4614 self.assertEqual(rep.u.ctx_list[0].reason,
4615 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4616 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4617 self.assertNotEqual(len(rep.u.auth_info), 0)
4618 a = self.parse_auth(rep.u.auth_info)
4619
4620 from_server = a.credentials
4621 (finished, to_server) = g.update(from_server)
4622 self.assertTrue(finished)
4623
4624 # And now try a request without auth_info
4625 req = self.generate_request(call_id=2,
4626 context_id=ctx1.context_id,
4627 opnum=0,
4628 stub=b"")
4629 self.send_pdu(req)
4630 rep = self.recv_pdu()
4631 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
4632 auth_length=0)
4633 self.assertNotEqual(rep.u.alloc_hint, 0)
4634 self.assertEqual(rep.u.context_id, req.u.context_id)
4635 self.assertEqual(rep.u.cancel_count, 0)
4636 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
4637
4638 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
4639 auth_info = self.generate_auth(auth_type=auth_type,
4640 auth_level=auth_level,
4641 auth_context_id=auth_context_id,
4642 auth_blob=b"\x01" + b"\x00" * 15)
4643 req = self.generate_request(call_id=3,
4644 context_id=ctx1.context_id,
4645 opnum=0,
4646 stub=b"",
4647 auth_info=auth_info)
4648 self.send_pdu(req)
4649 rep = self.recv_pdu()
4650 # We don't get an auth_info back
4651 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
4652 auth_length=0)
4653 self.assertNotEqual(rep.u.alloc_hint, 0)
4654 self.assertEqual(rep.u.context_id, req.u.context_id)
4655 self.assertEqual(rep.u.cancel_count, 0)
4656 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
4657
4658 # Now a reauth
4659
4660 g = gensec.Security.start_client(self.settings)
4661 g.set_credentials(c)
4662 g.want_feature(gensec.FEATURE_DCE_STYLE)
4663 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4664 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
4665 auth_context_id = 2
4666 g.start_mech_by_authtype(auth_type, auth_level)
4667 from_server = b""
4668 (finished, to_server) = g.update(from_server)
4669 self.assertFalse(finished)
4670
4671 auth_info = self.generate_auth(auth_type=auth_type,
4672 auth_level=auth_level,
4673 auth_context_id=auth_context_id,
4674 auth_blob=to_server)
4675 req = self.generate_auth3(call_id=0,
4676 auth_info=auth_info)
4677 self.send_pdu(req)
4678 rep = self.recv_pdu()
4679 # We get a fault
4680 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4681 pfc_flags=req.pfc_flags |
4682 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
4683 auth_length=0)
4684 self.assertNotEqual(rep.u.alloc_hint, 0)
4685 self.assertEqual(rep.u.context_id, 0)
4686 self.assertEqual(rep.u.cancel_count, 0)
4687 self.assertEqual(rep.u.flags, 0)
4688 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
4689 self.assertEqual(rep.u.reserved, 0)
4690 self.assertEqual(len(rep.u.error_and_verifier), 0)
4691
4692 # wait for a disconnect
4693 rep = self.recv_pdu()
4694 self.assertIsNone(rep)
4695 self.assertNotConnected()
4696
4697 def test_spnego_change_auth_level(self):
4698 ndr32 = base.transfer_syntax_ndr()
4699
4700 tsf1_list = [ndr32]
4701 ctx1 = dcerpc.ctx_list()
4702 ctx1.context_id = 1
4703 ctx1.num_transfer_syntaxes = len(tsf1_list)
4704 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4705 ctx1.transfer_syntaxes = tsf1_list
4706
4707 c = self.get_anon_creds()
4708 g = gensec.Security.start_client(self.settings)
4709 g.set_credentials(c)
4710 g.want_feature(gensec.FEATURE_DCE_STYLE)
4711 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4712 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
4713 auth_context_id = 2
4714 g.start_mech_by_authtype(auth_type, auth_level)
4715 from_server = b""
4716 (finished, to_server) = g.update(from_server)
4717 self.assertFalse(finished)
4718
4719 auth_info = self.generate_auth(auth_type=auth_type,
4720 auth_level=auth_level,
4721 auth_context_id=auth_context_id,
4722 auth_blob=to_server)
4723 req = self.generate_bind(call_id=0,
4724 ctx_list=[ctx1],
4725 auth_info=auth_info)
4726 self.send_pdu(req)
4727 rep = self.recv_pdu()
4728 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4729 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4730 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4731 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4732 self.assertEqual(rep.u.secondary_address_size, 4)
4733 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4734 self.assertPadding(rep.u._pad1, 2)
4735 self.assertEqual(rep.u.num_results, 1)
4736 self.assertEqual(rep.u.ctx_list[0].result,
4737 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4738 self.assertEqual(rep.u.ctx_list[0].reason,
4739 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4740 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4741 self.assertNotEqual(len(rep.u.auth_info), 0)
4742 a = self.parse_auth(rep.u.auth_info)
4743
4744 from_server = a.credentials
4745 (finished, to_server) = g.update(from_server)
4746 self.assertFalse(finished)
4747
4748 auth_info = self.generate_auth(auth_type=auth_type,
4749 auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
4750 auth_context_id=auth_context_id,
4751 auth_blob=to_server)
4752 req = self.generate_alter(call_id=0,
4753 ctx_list=[ctx1],
4754 assoc_group_id=rep.u.assoc_group_id,
4755 auth_info=auth_info)
4756 self.send_pdu(req)
4757 rep = self.recv_pdu()
4758 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4759 pfc_flags=req.pfc_flags |
4760 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
4761 auth_length=0)
4762 self.assertNotEqual(rep.u.alloc_hint, 0)
4763 self.assertEqual(rep.u.context_id, 0)
4764 self.assertEqual(rep.u.cancel_count, 0)
4765 self.assertEqual(rep.u.flags, 0)
4766 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
4767 self.assertEqual(rep.u.reserved, 0)
4768 self.assertEqual(len(rep.u.error_and_verifier), 0)
4769
4770 # wait for a disconnect
4771 rep = self.recv_pdu()
4772 self.assertIsNone(rep)
4773 self.assertNotConnected()
4774
4775 def test_spnego_change_abstract(self):
4776 ndr32 = base.transfer_syntax_ndr()
4777
4778 tsf1_list = [ndr32]
4779 ctx1 = dcerpc.ctx_list()
4780 ctx1.context_id = 1
4781 ctx1.num_transfer_syntaxes = len(tsf1_list)
4782 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4783 ctx1.transfer_syntaxes = tsf1_list
4784
4785 ctx1b = dcerpc.ctx_list()
4786 ctx1b.context_id = 1
4787 ctx1b.num_transfer_syntaxes = len(tsf1_list)
4788 ctx1b.abstract_syntax = samba.dcerpc.epmapper.abstract_syntax()
4789 ctx1b.transfer_syntaxes = tsf1_list
4790
4791 c = self.get_anon_creds()
4792 g = gensec.Security.start_client(self.settings)
4793 g.set_credentials(c)
4794 g.want_feature(gensec.FEATURE_DCE_STYLE)
4795 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4796 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
4797 auth_context_id = 2
4798 g.start_mech_by_authtype(auth_type, auth_level)
4799 from_server = b""
4800 (finished, to_server) = g.update(from_server)
4801 self.assertFalse(finished)
4802
4803 auth_info = self.generate_auth(auth_type=auth_type,
4804 auth_level=auth_level,
4805 auth_context_id=auth_context_id,
4806 auth_blob=to_server)
4807 req = self.generate_bind(call_id=0,
4808 ctx_list=[ctx1],
4809 auth_info=auth_info)
4810 self.send_pdu(req)
4811 rep = self.recv_pdu()
4812 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4813 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4814 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4815 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4816 self.assertEqual(rep.u.secondary_address_size, 4)
4817 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4818 self.assertPadding(rep.u._pad1, 2)
4819 self.assertEqual(rep.u.num_results, 1)
4820 self.assertEqual(rep.u.ctx_list[0].result,
4821 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4822 self.assertEqual(rep.u.ctx_list[0].reason,
4823 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4824 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4825 self.assertNotEqual(len(rep.u.auth_info), 0)
4826 a = self.parse_auth(rep.u.auth_info)
4827
4828 from_server = a.credentials
4829 (finished, to_server) = g.update(from_server)
4830 self.assertFalse(finished)
4831
4832 auth_info = self.generate_auth(auth_type=auth_type,
4833 auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
4834 auth_context_id=auth_context_id,
4835 auth_blob=to_server)
4836 req = self.generate_alter(call_id=0,
4837 ctx_list=[ctx1b],
4838 assoc_group_id=rep.u.assoc_group_id,
4839 auth_info=auth_info)
4840 self.send_pdu(req)
4841 rep = self.recv_pdu()
4842 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4843 pfc_flags=req.pfc_flags |
4844 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
4845 auth_length=0)
4846 self.assertNotEqual(rep.u.alloc_hint, 0)
4847 self.assertEqual(rep.u.context_id, 0)
4848 self.assertEqual(rep.u.cancel_count, 0)
4849 self.assertEqual(rep.u.flags, 0)
4850 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
4851 self.assertEqual(rep.u.reserved, 0)
4852 self.assertEqual(len(rep.u.error_and_verifier), 0)
4853
4854 # wait for a disconnect
4855 rep = self.recv_pdu()
4856 self.assertIsNone(rep)
4857 self.assertNotConnected()
4858
4859 def test_spnego_change_transfer(self):
4860 ndr32 = base.transfer_syntax_ndr()
4861 ndr64 = base.transfer_syntax_ndr64()
4862
4863 tsf1_list = [ndr32]
4864 ctx1 = dcerpc.ctx_list()
4865 ctx1.context_id = 1
4866 ctx1.num_transfer_syntaxes = len(tsf1_list)
4867 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4868 ctx1.transfer_syntaxes = tsf1_list
4869
4870 tsf1b_list = [ndr32, ndr64]
4871 ctx1b = dcerpc.ctx_list()
4872 ctx1b.context_id = 1
4873 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
4874 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4875 ctx1b.transfer_syntaxes = tsf1b_list
4876
4877 c = self.get_anon_creds()
4878 g = gensec.Security.start_client(self.settings)
4879 g.set_credentials(c)
4880 g.want_feature(gensec.FEATURE_DCE_STYLE)
4881 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4882 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
4883 auth_context_id = 2
4884 g.start_mech_by_authtype(auth_type, auth_level)
4885 from_server = b""
4886 (finished, to_server) = g.update(from_server)
4887 self.assertFalse(finished)
4888
4889 auth_info = self.generate_auth(auth_type=auth_type,
4890 auth_level=auth_level,
4891 auth_context_id=auth_context_id,
4892 auth_blob=to_server)
4893 req = self.generate_bind(call_id=0,
4894 ctx_list=[ctx1],
4895 auth_info=auth_info)
4896 self.send_pdu(req)
4897 rep = self.recv_pdu()
4898 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4899 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4900 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4901 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4902 self.assertEqual(rep.u.secondary_address_size, 4)
4903 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4904 self.assertPadding(rep.u._pad1, 2)
4905 self.assertEqual(rep.u.num_results, 1)
4906 self.assertEqual(rep.u.ctx_list[0].result,
4907 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4908 self.assertEqual(rep.u.ctx_list[0].reason,
4909 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4910 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4911 self.assertNotEqual(len(rep.u.auth_info), 0)
4912 a = self.parse_auth(rep.u.auth_info)
4913
4914 from_server = a.credentials
4915 (finished, to_server) = g.update(from_server)
4916 self.assertFalse(finished)
4917
4918 # We change ctx_list and auth_level
4919 auth_info = self.generate_auth(auth_type=auth_type,
4920 auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
4921 auth_context_id=auth_context_id,
4922 auth_blob=to_server)
4923 req = self.generate_alter(call_id=0,
4924 ctx_list=[ctx1b],
4925 assoc_group_id=rep.u.assoc_group_id,
4926 auth_info=auth_info)
4927 self.send_pdu(req)
4928 rep = self.recv_pdu()
4929 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
4930 pfc_flags=req.pfc_flags |
4931 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
4932 auth_length=0)
4933 self.assertNotEqual(rep.u.alloc_hint, 0)
4934 self.assertEqual(rep.u.context_id, 0)
4935 self.assertEqual(rep.u.cancel_count, 0)
4936 self.assertEqual(rep.u.flags, 0)
4937 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
4938 self.assertEqual(rep.u.reserved, 0)
4939 self.assertEqual(len(rep.u.error_and_verifier), 0)
4940
4941 # wait for a disconnect
4942 rep = self.recv_pdu()
4943 self.assertIsNone(rep)
4944 self.assertNotConnected()
4945
4946 def test_spnego_change_auth_type1(self):
4947 ndr32 = base.transfer_syntax_ndr()
4948 ndr64 = base.transfer_syntax_ndr64()
4949
4950 tsf1_list = [ndr32]
4951 ctx1 = dcerpc.ctx_list()
4952 ctx1.context_id = 1
4953 ctx1.num_transfer_syntaxes = len(tsf1_list)
4954 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
4955 ctx1.transfer_syntaxes = tsf1_list
4956
4957 c = self.get_anon_creds()
4958 g = gensec.Security.start_client(self.settings)
4959 g.set_credentials(c)
4960 g.want_feature(gensec.FEATURE_DCE_STYLE)
4961 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
4962 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
4963 auth_context_id = 2
4964 g.start_mech_by_authtype(auth_type, auth_level)
4965 from_server = b""
4966 (finished, to_server) = g.update(from_server)
4967 self.assertFalse(finished)
4968
4969 auth_info = self.generate_auth(auth_type=auth_type,
4970 auth_level=auth_level,
4971 auth_context_id=auth_context_id,
4972 auth_blob=to_server)
4973 req = self.generate_bind(call_id=0,
4974 ctx_list=[ctx1],
4975 auth_info=auth_info)
4976 self.send_pdu(req)
4977 rep = self.recv_pdu()
4978 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
4979 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
4980 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
4981 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
4982 self.assertEqual(rep.u.secondary_address_size, 4)
4983 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
4984 self.assertPadding(rep.u._pad1, 2)
4985 self.assertEqual(rep.u.num_results, 1)
4986 self.assertEqual(rep.u.ctx_list[0].result,
4987 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
4988 self.assertEqual(rep.u.ctx_list[0].reason,
4989 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
4990 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
4991 self.assertNotEqual(len(rep.u.auth_info), 0)
4992 a = self.parse_auth(rep.u.auth_info)
4993
4994 from_server = a.credentials
4995 (finished, to_server) = g.update(from_server)
4996 self.assertFalse(finished)
4997
4998 # We only change auth_type
4999 auth_info = self.generate_auth(auth_type=dcerpc.DCERPC_AUTH_TYPE_KRB5,
5000 auth_level=auth_level,
5001 auth_context_id=auth_context_id,
5002 auth_blob=to_server)
5003 req = self.generate_alter(call_id=0,
5004 ctx_list=[ctx1],
5005 assoc_group_id=rep.u.assoc_group_id,
5006 auth_info=auth_info)
5007 self.send_pdu(req)
5008 rep = self.recv_pdu()
5009 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
5010 pfc_flags=req.pfc_flags |
5011 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
5012 auth_length=0)
5013 self.assertNotEqual(rep.u.alloc_hint, 0)
5014 self.assertEqual(rep.u.context_id, 0)
5015 self.assertEqual(rep.u.cancel_count, 0)
5016 self.assertEqual(rep.u.flags, 0)
5017 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_SEC_PKG_ERROR)
5018 self.assertEqual(rep.u.reserved, 0)
5019 self.assertEqual(len(rep.u.error_and_verifier), 0)
5020
5021 # wait for a disconnect
5022 rep = self.recv_pdu()
5023 self.assertIsNone(rep)
5024 self.assertNotConnected()
5025
5026 def test_spnego_change_auth_type2(self):
5027 ndr32 = base.transfer_syntax_ndr()
5028 ndr64 = base.transfer_syntax_ndr64()
5029
5030 tsf1_list = [ndr32]
5031 ctx1 = dcerpc.ctx_list()
5032 ctx1.context_id = 1
5033 ctx1.num_transfer_syntaxes = len(tsf1_list)
5034 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
5035 ctx1.transfer_syntaxes = tsf1_list
5036
5037 tsf1b_list = [ndr32, ndr64]
5038 ctx1b = dcerpc.ctx_list()
5039 ctx1b.context_id = 1
5040 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
5041 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
5042 ctx1b.transfer_syntaxes = tsf1b_list
5043
5044 c = self.get_anon_creds()
5045 g = gensec.Security.start_client(self.settings)
5046 g.set_credentials(c)
5047 g.want_feature(gensec.FEATURE_DCE_STYLE)
5048 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
5049 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
5050 auth_context_id = 2
5051 g.start_mech_by_authtype(auth_type, auth_level)
5052 from_server = b""
5053 (finished, to_server) = g.update(from_server)
5054 self.assertFalse(finished)
5055
5056 auth_info = self.generate_auth(auth_type=auth_type,
5057 auth_level=auth_level,
5058 auth_context_id=auth_context_id,
5059 auth_blob=to_server)
5060 req = self.generate_bind(call_id=0,
5061 ctx_list=[ctx1],
5062 auth_info=auth_info)
5063 self.send_pdu(req)
5064 rep = self.recv_pdu()
5065 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
5066 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
5067 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
5068 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
5069 self.assertEqual(rep.u.secondary_address_size, 4)
5070 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
5071 self.assertPadding(rep.u._pad1, 2)
5072 self.assertEqual(rep.u.num_results, 1)
5073 self.assertEqual(rep.u.ctx_list[0].result,
5074 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
5075 self.assertEqual(rep.u.ctx_list[0].reason,
5076 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
5077 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
5078 self.assertNotEqual(len(rep.u.auth_info), 0)
5079 a = self.parse_auth(rep.u.auth_info)
5080
5081 from_server = a.credentials
5082 (finished, to_server) = g.update(from_server)
5083 self.assertFalse(finished)
5084
5085 # We change ctx_list and auth_level
5086 auth_info = self.generate_auth(auth_type=dcerpc.DCERPC_AUTH_TYPE_KRB5,
5087 auth_level=auth_level,
5088 auth_context_id=auth_context_id,
5089 auth_blob=to_server)
5090 req = self.generate_alter(call_id=0,
5091 ctx_list=[ctx1b],
5092 assoc_group_id=rep.u.assoc_group_id,
5093 auth_info=auth_info)
5094 self.send_pdu(req)
5095 rep = self.recv_pdu()
5096 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
5097 pfc_flags=req.pfc_flags |
5098 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
5099 auth_length=0)
5100 self.assertNotEqual(rep.u.alloc_hint, 0)
5101 self.assertEqual(rep.u.context_id, 0)
5102 self.assertEqual(rep.u.cancel_count, 0)
5103 self.assertEqual(rep.u.flags, 0)
5104 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
5105 self.assertEqual(rep.u.reserved, 0)
5106 self.assertEqual(len(rep.u.error_and_verifier), 0)
5107
5108 # wait for a disconnect
5109 rep = self.recv_pdu()
5110 self.assertIsNone(rep)
5111 self.assertNotConnected()
5112
5113 def test_spnego_change_auth_type3(self):
5114 ndr32 = base.transfer_syntax_ndr()
5115 ndr64 = base.transfer_syntax_ndr64()
5116
5117 tsf1_list = [ndr32]
5118 ctx1 = dcerpc.ctx_list()
5119 ctx1.context_id = 1
5120 ctx1.num_transfer_syntaxes = len(tsf1_list)
5121 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
5122 ctx1.transfer_syntaxes = tsf1_list
5123
5124 tsf1b_list = [ndr32, ndr64]
5125 ctx1b = dcerpc.ctx_list()
5126 ctx1b.context_id = 1
5127 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
5128 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
5129 ctx1b.transfer_syntaxes = tsf1b_list
5130
5131 c = self.get_anon_creds()
5132 g = gensec.Security.start_client(self.settings)
5133 g.set_credentials(c)
5134 g.want_feature(gensec.FEATURE_DCE_STYLE)
5135 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
5136 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
5137 auth_context_id = 2
5138 g.start_mech_by_authtype(auth_type, auth_level)
5139 from_server = b""
5140 (finished, to_server) = g.update(from_server)
5141 self.assertFalse(finished)
5142
5143 auth_info = self.generate_auth(auth_type=auth_type,
5144 auth_level=auth_level,
5145 auth_context_id=auth_context_id,
5146 auth_blob=to_server)
5147 req = self.generate_bind(call_id=0,
5148 ctx_list=[ctx1],
5149 auth_info=auth_info)
5150 self.send_pdu(req)
5151 rep = self.recv_pdu()
5152 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
5153 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
5154 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
5155 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
5156 self.assertEqual(rep.u.secondary_address_size, 4)
5157 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
5158 self.assertPadding(rep.u._pad1, 2)
5159 self.assertEqual(rep.u.num_results, 1)
5160 self.assertEqual(rep.u.ctx_list[0].result,
5161 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
5162 self.assertEqual(rep.u.ctx_list[0].reason,
5163 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
5164 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
5165 self.assertNotEqual(len(rep.u.auth_info), 0)
5166 a = self.parse_auth(rep.u.auth_info)
5167
5168 from_server = a.credentials
5169 (finished, to_server) = g.update(from_server)
5170 self.assertFalse(finished)
5171
5172 # We change ctx_list and auth_level
5173 auth_info = self.generate_auth(auth_type=dcerpc.DCERPC_AUTH_TYPE_NONE,
5174 auth_level=auth_level,
5175 auth_context_id=auth_context_id,
5176 auth_blob=to_server)
5177 req = self.generate_alter(call_id=0,
5178 ctx_list=[ctx1b],
5179 assoc_group_id=rep.u.assoc_group_id,
5180 auth_info=auth_info)
5181 self.send_pdu(req)
5182 rep = self.recv_pdu()
5183 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
5184 pfc_flags=req.pfc_flags |
5185 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
5186 auth_length=0)
5187 self.assertNotEqual(rep.u.alloc_hint, 0)
5188 self.assertEqual(rep.u.context_id, 0)
5189 self.assertEqual(rep.u.cancel_count, 0)
5190 self.assertEqual(rep.u.flags, 0)
5191 self.assertEqual(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
5192 self.assertEqual(rep.u.reserved, 0)
5193 self.assertEqual(len(rep.u.error_and_verifier), 0)
5194
5195 # wait for a disconnect
5196 rep = self.recv_pdu()
5197 self.assertIsNone(rep)
5198 self.assertNotConnected()
5199
5200 def _prepare_pdu_auth_padding(self, req, before=b"", behind=b"", max_xmit_frag=None):
5201 if max_xmit_frag is None:
5202 max_xmit_frag = self.max_xmit_frag
5203 max_pad_length = max_xmit_frag - req.frag_length
5204 total_pad_length = len(before) + len(behind)
5205 self.assertLessEqual(total_pad_length, max_pad_length)
5206
5207 req_pdu_tmp = self.prepare_pdu(req)
5208
5209 auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH + req.auth_length
5210 auth_offset = req.frag_length - auth_length
5211 auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH + req.auth_length + len(behind)
5212 new_len_fields = struct.pack('<HH',
5213 req.frag_length + total_pad_length,
5214 req.auth_length + len(behind))
5215 auth_blob = req_pdu_tmp[auth_offset:]
5216
5217 req_pdu = req_pdu_tmp[0:dcerpc.DCERPC_FRAG_LEN_OFFSET]
5218 req_pdu += new_len_fields
5219 req_pdu += req_pdu_tmp[dcerpc.DCERPC_AUTH_LEN_OFFSET+2:auth_offset]
5220 req_pdu += before
5221 req_pdu += auth_blob
5222 req_pdu += behind
5223
5224 return req_pdu
5225
5226 def _add_auth_padding(self, req,
5227 mid_padding=False,
5228 tail_padding=False,
5229 auth_offset_diff=0,
5230 max_auth_length=0xffff,
5231 max_xmit_frag=None):
5232 if max_xmit_frag is None:
5233 max_xmit_frag = self.max_xmit_frag
5234 auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH + req.auth_length
5235 auth_offset = req.frag_length - auth_length
5236 max_padding = max_xmit_frag - req.frag_length
5237 max_auth_offset = (max_xmit_frag - auth_length) & 0xfffC
5238 before_len = max_auth_offset - auth_offset
5239 if mid_padding and tail_padding:
5240 behind_len = max_padding - before_len
5241 elif mid_padding:
5242 behind_len = 0
5243 elif tail_padding:
5244 before_len = 0
5245 behind_len = max_padding
5246 else:
5247 before_len = 0
5248 behind_len = 0
5249 before_len += auth_offset_diff
5250 self.assertGreaterEqual(before_len, 0)
5251 if max_auth_length > req.auth_length:
5252 max_behind_len = max_auth_length - req.auth_length
5253 else:
5254 max_behind_len = 0
5255 if behind_len > max_behind_len:
5256 behind_len = max_behind_len
5257 req_pdu = self._prepare_pdu_auth_padding(req,
5258 before=b'\xfb' * before_len,
5259 behind=b'\xfa' * behind_len,
5260 max_xmit_frag=max_xmit_frag)
5261 return req_pdu
5262
5263 def _get_pdu_auth_len(self, req_pdu):
5264 al = req_pdu[dcerpc.DCERPC_AUTH_LEN_OFFSET:dcerpc.DCERPC_AUTH_LEN_OFFSET+2]
5265 l = struct.unpack('<H', al)
5266 return l[0]
5267
5268 def _test_auth_pad_raw(self,
5269 auth_type=None,
5270 dcerpc_creds=None,
5271 use_auth3=None,
5272 use_smb=None,
5273 transport_creds=None,
5274 bind_mid_padding=False,
5275 bind_tail_padding=False,
5276 bind_auth_offset_diff=0,
5277 bind_max_auth_length=0xffff,
5278 third_mid_padding=False,
5279 third_tail_padding=False,
5280 third_auth_offset_diff=0,
5281 third_max_auth_length=0xffff):
5282
5283 if dcerpc_creds is None:
5284 dcerpc_creds = self.get_anon_creds()
5285 if transport_creds is None:
5286 transport_creds = self.get_anon_creds()
5287
5288 if use_smb:
5289 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
5290 secondary_address='\\pipe\\lsass',
5291 transport_creds=transport_creds)
5292
5293 ndr32 = base.transfer_syntax_ndr()
5294
5295 tsf1_list = [ndr32]
5296 ctx1 = dcerpc.ctx_list()
5297 ctx1.context_id = 1
5298 ctx1.num_transfer_syntaxes = len(tsf1_list)
5299 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
5300 ctx1.transfer_syntaxes = tsf1_list
5301 ctx_list = [ctx1]
5302
5303 bind_nak_reason = None
5304 third_fault_status = None
5305 third_fault_flags = 0
5306 first_req_fault_status = None
5307 first_req_fault_flags = 0
5308 max_auth_length = 0xffff
5309 if auth_type == dcerpc.DCERPC_AUTH_TYPE_KRB5:
5310 expect_3legs = True
5311 elif auth_type == dcerpc.DCERPC_AUTH_TYPE_NTLMSSP:
5312 expect_3legs = True
5313 max_auth_length = 2888
5314 elif auth_type == dcerpc.DCERPC_AUTH_TYPE_SPNEGO:
5315 expect_3legs = False
5316 if third_mid_padding and third_tail_padding:
5317 if not use_auth3:
5318 third_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
5319 third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
5320 else:
5321 first_req_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
5322 elif third_mid_padding:
5323 if use_auth3:
5324 first_req_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
5325 elif third_tail_padding:
5326 if not use_auth3:
5327 third_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
5328 third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
5329 else:
5330 third_fault_status = dcerpc.DCERPC_NCA_S_PROTO_ERROR
5331 third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
5332 else:
5333 expect_3legs = False
5334
5335 g = gensec.Security.start_client(self.settings)
5336 g.set_credentials(dcerpc_creds)
5337 g.want_feature(gensec.FEATURE_DCE_STYLE)
5338 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
5339 auth_context_id = 2
5340 g.start_mech_by_authtype(auth_type, auth_level)
5341 from_server = b""
5342 (finished, to_server) = g.update(from_server)
5343 self.assertFalse(finished)
5344
5345 auth_info = self.generate_auth(auth_type=auth_type,
5346 auth_level=auth_level,
5347 auth_context_id=auth_context_id,
5348 auth_blob=to_server)
5349 req = self.generate_bind(call_id=1,
5350 ctx_list=ctx_list,
5351 auth_info=auth_info)
5352 req_pdu = self._add_auth_padding(req,
5353 mid_padding=bind_mid_padding,
5354 tail_padding=bind_tail_padding,
5355 auth_offset_diff=bind_auth_offset_diff,
5356 max_auth_length=bind_max_auth_length,
5357 max_xmit_frag=0xffff)
5358 auth_length = self._get_pdu_auth_len(req_pdu)
5359 if bind_auth_offset_diff != 0:
5360 bind_nak_reason = dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED
5361 elif auth_length > max_auth_length:
5362 bind_nak_reason = dcerpc.DCERPC_BIND_NAK_REASON_INVALID_CHECKSUM
5363 self.send_pdu_blob(req_pdu)
5364 rep = self.recv_pdu()
5365 if bind_nak_reason is not None:
5366 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
5367 auth_length=0)
5368 self.assertEqual(rep.u.reject_reason, bind_nak_reason)
5369 self.assertEqual(rep.u.num_versions, 1)
5370 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
5371 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
5372 self.assertPadding(rep.u._pad, 3)
5373
5374 # wait for a disconnect
5375 rep = self.recv_pdu()
5376 self.assertIsNone(rep)
5377 self.assertNotConnected()
5378 return
5379 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
5380 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
5381 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
5382 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
5383 sda_str = self.secondary_address
5384 sda_len = len(sda_str) + 1
5385 mod_len = (2 + sda_len) % 4
5386 if mod_len != 0:
5387 sda_pad = 4 - mod_len
5388 else:
5389 sda_pad = 0
5390 self.assertEqual(rep.u.secondary_address_size, sda_len)
5391 self.assertEqual(rep.u.secondary_address, sda_str)
5392 self.assertPadding(rep.u._pad1, sda_pad)
5393 self.assertEqual(rep.u.num_results, 1)
5394 self.assertEqual(rep.u.ctx_list[0].result,
5395 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
5396 self.assertEqual(rep.u.ctx_list[0].reason,
5397 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
5398 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
5399 self.assertNotEqual(len(rep.u.auth_info), 0)
5400 a = self.parse_auth(rep.u.auth_info)
5401
5402 from_server = a.credentials
5403 (finished, to_server) = g.update(from_server)
5404
5405 auth_info = self.generate_auth(auth_type=auth_type,
5406 auth_level=auth_level,
5407 auth_context_id=auth_context_id,
5408 auth_blob=to_server)
5409 if expect_3legs:
5410 self.assertTrue(finished)
5411 else:
5412 self.assertFalse(finished)
5413 if not use_auth3:
5414 req = self.generate_alter(call_id=2,
5415 ctx_list=ctx_list,
5416 assoc_group_id=rep.u.assoc_group_id,
5417 auth_info=auth_info)
5418 req_pdu = self._add_auth_padding(req,
5419 mid_padding=third_mid_padding,
5420 tail_padding=third_tail_padding,
5421 auth_offset_diff=third_auth_offset_diff,
5422 max_auth_length=third_max_auth_length,
5423 max_xmit_frag=0xffff)
5424 auth_length = self._get_pdu_auth_len(req_pdu)
5425 if third_auth_offset_diff != 0:
5426 third_fault_status = dcerpc.DCERPC_NCA_S_PROTO_ERROR
5427 third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
5428 if auth_length > max_auth_length:
5429 third_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
5430 third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
5431 self.send_pdu_blob(req_pdu)
5432 rep = self.recv_pdu()
5433 if third_fault_status is not None:
5434 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
5435 pfc_flags=req.pfc_flags | third_fault_flags,
5436 auth_length=0)
5437 self.assertNotEqual(rep.u.alloc_hint, 0)
5438 self.assertEqual(rep.u.context_id, 0)
5439 self.assertEqual(rep.u.cancel_count, 0)
5440 self.assertEqual(rep.u.flags, 0)
5441 self.assertEqual(rep.u.status, third_fault_status)
5442 self.assertEqual(rep.u.reserved, 0)
5443 self.assertEqual(len(rep.u.error_and_verifier), 0)
5444
5445 # wait for a disconnect
5446 rep = self.recv_pdu()
5447 self.assertIsNone(rep)
5448 self.assertNotConnected()
5449 return
5450 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
5451 pfc_flags=req.pfc_flags)
5452 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
5453 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
5454 self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
5455 self.assertEqual(rep.u.secondary_address_size, 0)
5456 self.assertEqual(rep.u.secondary_address, "")
5457 self.assertPadding(rep.u._pad1, 2)
5458 self.assertEqual(rep.u.num_results, 1)
5459 self.assertEqual(rep.u.ctx_list[0].result,
5460 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
5461 self.assertEqual(rep.u.ctx_list[0].reason,
5462 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
5463 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
5464 if finished:
5465 self.assertEqual(rep.auth_length, 0)
5466 else:
5467 self.assertNotEqual(rep.auth_length, 0)
5468 self.assertGreater(len(rep.u.auth_info), dcerpc.DCERPC_AUTH_TRAILER_LENGTH)
5469 self.assertEqual(rep.auth_length, len(rep.u.auth_info) - dcerpc.DCERPC_AUTH_TRAILER_LENGTH)
5470 else:
5471 req = self.generate_auth3(call_id=2,
5472 auth_info=auth_info)
5473 req_pdu = self._add_auth_padding(req,
5474 mid_padding=third_mid_padding,
5475 tail_padding=third_tail_padding,
5476 auth_offset_diff=third_auth_offset_diff,
5477 max_auth_length=third_max_auth_length)
5478 auth_length = self._get_pdu_auth_len(req_pdu)
5479 if third_auth_offset_diff != 0:
5480 third_fault_status = dcerpc.DCERPC_NCA_S_PROTO_ERROR
5481 third_fault_flags = dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE
5482 elif not expect_3legs:
5483 pass
5484 elif auth_length > max_auth_length:
5485 first_req_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
5486 self.send_pdu_blob(req_pdu)
5487 if third_fault_status is not None:
5488 rep = self.recv_pdu()
5489 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
5490 pfc_flags=req.pfc_flags | third_fault_flags,
5491 auth_length=0)
5492 self.assertNotEqual(rep.u.alloc_hint, 0)
5493 self.assertEqual(rep.u.context_id, 0)
5494 self.assertEqual(rep.u.cancel_count, 0)
5495 self.assertEqual(rep.u.flags, 0)
5496 self.assertEqual(rep.u.status, third_fault_status)
5497 self.assertEqual(rep.u.reserved, 0)
5498 self.assertEqual(len(rep.u.error_and_verifier), 0)
5499
5500 # wait for a disconnect
5501 rep = self.recv_pdu()
5502 self.assertIsNone(rep)
5503 self.assertNotConnected()
5504 return
5505 if self.transport_impersonation is None:
5506 rep = self.recv_pdu(timeout=0.01)
5507 self.assertIsNone(rep)
5508 self.assertIsConnected()
5509
5510 # And now try a request without auth_info
5511 req = self.generate_request(call_id=3,
5512 context_id=ctx1.context_id,
5513 opnum=0,
5514 stub=b"")
5515 self.send_pdu(req)
5516 rep = self.recv_pdu()
5517 if first_req_fault_status is not None:
5518 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
5519 pfc_flags=req.pfc_flags | first_req_fault_flags,
5520 auth_length=0)
5521 self.assertNotEqual(rep.u.alloc_hint, 0)
5522 self.assertEqual(rep.u.context_id, req.u.context_id)
5523 self.assertEqual(rep.u.cancel_count, 0)
5524 self.assertEqual(rep.u.flags, 0)
5525 self.assertEqual(rep.u.status, first_req_fault_status)
5526 self.assertEqual(rep.u.reserved, 0)
5527 self.assertEqual(len(rep.u.error_and_verifier), 0)
5528
5529 if first_req_fault_flags & dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE:
5530 return
5531
5532 # wait for a disconnect
5533 rep = self.recv_pdu()
5534 self.assertIsNone(rep)
5535 self.assertNotConnected()
5536 return
5537 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
5538 auth_length=0)
5539 self.assertNotEqual(rep.u.alloc_hint, 0)
5540 self.assertEqual(rep.u.context_id, req.u.context_id)
5541 self.assertEqual(rep.u.cancel_count, 0)
5542 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
5543
5544 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
5545 auth_info = self.generate_auth(auth_type=auth_type,
5546 auth_level=auth_level,
5547 auth_context_id=auth_context_id,
5548 auth_blob=b"\x01" + b"\x00" * 15)
5549 req = self.generate_request(call_id=4,
5550 context_id=ctx1.context_id,
5551 opnum=0,
5552 stub=b"",
5553 auth_info=auth_info)
5554 self.send_pdu(req)
5555 rep = self.recv_pdu()
5556 # We don't get an auth_info back
5557 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
5558 auth_length=0)
5559 self.assertNotEqual(rep.u.alloc_hint, 0)
5560 self.assertEqual(rep.u.context_id, req.u.context_id)
5561 self.assertEqual(rep.u.cancel_count, 0)
5562 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
5563
5564 self._disconnect("disconnect")
5565 self.assertNotConnected()
5566
5567 def _test_auth_mid_pad_with_args(self,
5568 auth_type,
5569 use_auth3,
5570 use_smb):
5571 return self._test_auth_pad_raw(auth_type=auth_type,
5572 use_auth3=use_auth3,
5573 use_smb=use_smb,
5574 bind_mid_padding=True,
5575 third_mid_padding=True)
5576
5577 def _test_auth_full_pad_with_args(self,
5578 auth_type,
5579 use_auth3,
5580 use_smb):
5581 return self._test_auth_pad_raw(auth_type=auth_type,
5582 use_auth3=use_auth3,
5583 use_smb=use_smb,
5584 bind_mid_padding=True,
5585 third_mid_padding=True,
5586 bind_tail_padding=True,
5587 third_tail_padding=True)
5588
5589 def _test_auth_tail_pad_with_args(self,
5590 auth_type,
5591 use_auth3,
5592 use_smb):
5593 return self._test_auth_pad_raw(auth_type=auth_type,
5594 use_auth3=use_auth3,
5595 use_smb=use_smb,
5596 bind_tail_padding=True,
5597 third_tail_padding=True)
5598
5599 def _test_auth_pad_bind_align2_with_args(self,
5600 auth_type,
5601 use_smb):
5602 return self._test_auth_pad_raw(auth_type=auth_type,
5603 use_smb=use_smb,
5604 bind_auth_offset_diff=2)
5605
5606 def _test_auth_pad_alter_align2_with_args(self,
5607 auth_type,
5608 use_smb):
5609 return self._test_auth_pad_raw(auth_type=auth_type,
5610 use_smb=use_smb,
5611 third_auth_offset_diff=2)
5612
5613 def _test_auth_pad_auth3_align2_with_args(self,
5614 auth_type,
5615 use_smb):
5616 return self._test_auth_pad_raw(auth_type=auth_type,
5617 use_smb=use_smb,
5618 use_auth3=True,
5619 third_auth_offset_diff=2)
5620
5621 def _test_auth_pad_ntlm_2888_with_args(self,
5622 use_auth3,
5623 use_smb):
5624 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
5625 return self._test_auth_pad_raw(auth_type=auth_type,
5626 use_smb=use_smb,
5627 use_auth3=use_auth3,
5628 bind_tail_padding=True,
5629 bind_max_auth_length=2888,
5630 third_tail_padding=True,
5631 third_max_auth_length=2888)
5632
5633 def _test_auth_pad_ntlm_2889_with_args(self,
5634 use_auth3,
5635 use_smb):
5636 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
5637 return self._test_auth_pad_raw(auth_type=auth_type,
5638 use_smb=use_smb,
5639 use_auth3=use_auth3,
5640 third_tail_padding=True,
5641 third_max_auth_length=2889)
5642
5643 def _test_auth_pad_ntlm_2889_bind_with_args(self,
5644 use_smb):
5645 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
5646 return self._test_auth_pad_raw(auth_type=auth_type,
5647 use_smb=use_smb,
5648 bind_tail_padding=True,
5649 bind_max_auth_length=2889)
5650
5651 @classmethod
5652 def _setup_auth_pad_ignored(cls):
5653 auth_types = {
5654 "spnego": dcerpc.DCERPC_AUTH_TYPE_SPNEGO,
5655 "ntlm": dcerpc.DCERPC_AUTH_TYPE_NTLMSSP,
5656 }
5657 third_methods = {
5658 "alter": False,
5659 "auth3": True,
5660 }
5661 transports = {
5662 "tcp": False,
5663 "smb": True,
5664 }
5665
5666 for auth_type in auth_types.keys():
5667 for third_method in third_methods.keys():
5668 for transport in transports.keys():
5669 tname = "%s_%s_%s" % (
5670 auth_type,
5671 third_method,
5672 transport
5673 )
5674 targs = (
5675 auth_types[auth_type],
5676 third_methods[third_method],
5677 transports[transport],
5678 )
5679 cls.generate_dynamic_test("test_auth_mid_pad",
5680 tname, *targs)
5681 cls.generate_dynamic_test("test_auth_full_pad",
5682 tname, *targs)
5683 cls.generate_dynamic_test("test_auth_tail_pad",
5684 tname, *targs)
5685
5686 for auth_type in auth_types.keys():
5687 for transport in transports.keys():
5688 tname = "%s_%s" % (
5689 auth_type,
5690 transport
5691 )
5692 targs = (
5693 auth_types[auth_type],
5694 transports[transport],
5695 )
5696 cls.generate_dynamic_test("test_auth_pad_bind_align2",
5697 tname, *targs)
5698 cls.generate_dynamic_test("test_auth_pad_alter_align2",
5699 tname, *targs)
5700 cls.generate_dynamic_test("test_auth_pad_auth3_align2",
5701 tname, *targs)
5702
5703 for third_method in third_methods.keys():
5704 for transport in transports.keys():
5705 tname = "%s_%s" % (
5706 third_method,
5707 transport
5708 )
5709 targs = (
5710 third_methods[third_method],
5711 transports[transport],
5712 )
5713 cls.generate_dynamic_test("test_auth_pad_ntlm_2888",
5714 tname, *targs)
5715 cls.generate_dynamic_test("test_auth_pad_ntlm_2889",
5716 tname, *targs)
5717
5718 for transport in transports.keys():
5719 tname = "%s" % (
5720 transport
5721 )
5722 targs = (
5723 transports[transport],
5724 )
5725 cls.generate_dynamic_test("test_auth_pad_ntlm_2889_bind",
5726 tname, *targs)
5727
5728 return
5729
5730 def test_spnego_auth_pad_ok_bind_legacy(self):
5731 ndr32 = base.transfer_syntax_ndr()
5732
5733 tsf1_list = [ndr32]
5734 ctx1 = dcerpc.ctx_list()
5735 ctx1.context_id = 1
5736 ctx1.num_transfer_syntaxes = len(tsf1_list)
5737 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
5738 ctx1.transfer_syntaxes = tsf1_list
5739 ctx_list = [ctx1]
5740
5741 c = self.get_anon_creds()
5742 g = gensec.Security.start_client(self.settings)
5743 g.set_credentials(c)
5744 g.want_feature(gensec.FEATURE_DCE_STYLE)
5745 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
5746 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
5747 auth_context_id = 2
5748 g.start_mech_by_authtype(auth_type, auth_level)
5749 from_server = b""
5750 (finished, to_server) = g.update(from_server)
5751 self.assertFalse(finished)
5752
5753 auth_info = self.generate_auth(auth_type=auth_type,
5754 auth_level=auth_level,
5755 auth_context_id=auth_context_id,
5756 auth_blob=to_server)
5757
5758 req = self.generate_bind(call_id=0,
5759 ctx_list=ctx_list,
5760 auth_info=auth_info)
5761 req_pdu = samba.ndr.ndr_pack(req)
5762
5763 auth_pad_ok = len(req_pdu)
5764 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
5765 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
5766 auth_pad_ok -= len(to_server)
5767
5768 auth_info = self.generate_auth(auth_type=auth_type,
5769 auth_level=auth_level,
5770 auth_context_id=auth_context_id,
5771 auth_pad_length=auth_pad_ok,
5772 auth_blob=to_server)
5773
5774 req = self.generate_bind(call_id=0,
5775 ctx_list=ctx_list,
5776 auth_info=auth_info)
5777 self.send_pdu(req)
5778 rep = self.recv_pdu()
5779 if not self.allow_bind_auth_pad:
5780 # modern server (e.g. 2022)
5781 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
5782 auth_length=0)
5783 self.assertEqual(rep.u.reject_reason,
5784 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
5785 self.assertEqual(rep.u.num_versions, 1)
5786 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
5787 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
5788 self.assertPadding(rep.u._pad, 3)
5789 # wait for a disconnect
5790 rep = self.recv_pdu()
5791 self.assertIsNone(rep)
5792 self.assertNotConnected()
5793 return
5794 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
5795 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
5796 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
5797 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
5798 self.assertEqual(rep.u.secondary_address_size, 4)
5799 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
5800 self.assertPadding(rep.u._pad1, 2)
5801 self.assertEqual(rep.u.num_results, 1)
5802 self.assertEqual(rep.u.ctx_list[0].result,
5803 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
5804 self.assertEqual(rep.u.ctx_list[0].reason,
5805 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
5806 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
5807 self.assertNotEqual(len(rep.u.auth_info), 0)
5808 a = self.parse_auth(rep.u.auth_info)
5809
5810 from_server = a.credentials
5811 (finished, to_server) = g.update(from_server)
5812 self.assertFalse(finished)
5813
5814 auth_info = self.generate_auth(auth_type=auth_type,
5815 auth_level=auth_level,
5816 auth_context_id=auth_context_id,
5817 auth_blob=to_server)
5818 req = self.generate_alter(call_id=0,
5819 ctx_list=ctx_list,
5820 assoc_group_id=rep.u.assoc_group_id,
5821 auth_info=auth_info)
5822 req_pdu = samba.ndr.ndr_pack(req)
5823
5824 auth_pad_ok = len(req_pdu)
5825 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
5826 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
5827 auth_pad_ok -= len(to_server)
5828 auth_info = self.generate_auth(auth_type=auth_type,
5829 auth_level=auth_level,
5830 auth_context_id=auth_context_id,
5831 auth_pad_length=auth_pad_ok,
5832 auth_blob=to_server)
5833 req = self.generate_alter(call_id=0,
5834 ctx_list=ctx_list,
5835 assoc_group_id=rep.u.assoc_group_id,
5836 auth_info=auth_info)
5837 self.send_pdu(req)
5838 rep = self.recv_pdu()
5839 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id)
5840 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
5841 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
5842 self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
5843 self.assertEqual(rep.u.secondary_address_size, 0)
5844 self.assertPadding(rep.u._pad1, 2)
5845 self.assertEqual(rep.u.num_results, 1)
5846 self.assertEqual(rep.u.ctx_list[0].result,
5847 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
5848 self.assertEqual(rep.u.ctx_list[0].reason,
5849 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
5850 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
5851 self.assertNotEqual(len(rep.u.auth_info), 0)
5852 a = self.parse_auth(rep.u.auth_info)
5853
5854 from_server = a.credentials
5855 (finished, to_server) = g.update(from_server)
5856 self.assertTrue(finished)
5857
5858 # And now try a request without auth_info
5859 req = self.generate_request(call_id=2,
5860 context_id=ctx1.context_id,
5861 opnum=0,
5862 stub=b"")
5863 self.send_pdu(req)
5864 rep = self.recv_pdu()
5865 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
5866 auth_length=0)
5867 self.assertNotEqual(rep.u.alloc_hint, 0)
5868 self.assertEqual(rep.u.context_id, req.u.context_id)
5869 self.assertEqual(rep.u.cancel_count, 0)
5870 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
5871
5872 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
5873 auth_info = self.generate_auth(auth_type=auth_type,
5874 auth_level=auth_level,
5875 auth_context_id=auth_context_id,
5876 auth_blob=b"\x01" + b"\x00" * 15)
5877 req = self.generate_request(call_id=3,
5878 context_id=ctx1.context_id,
5879 opnum=0,
5880 stub=b"",
5881 auth_info=auth_info)
5882 self.send_pdu(req)
5883 rep = self.recv_pdu()
5884 # We don't get an auth_info back
5885 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
5886 auth_length=0)
5887 self.assertNotEqual(rep.u.alloc_hint, 0)
5888 self.assertEqual(rep.u.context_id, req.u.context_id)
5889 self.assertEqual(rep.u.cancel_count, 0)
5890 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
5891
5892 self._disconnect("disconnect")
5893 self.assertNotConnected()
5894
5895 def test_spnego_auth_pad_ok_alter_legacy(self):
5896 ndr32 = base.transfer_syntax_ndr()
5897
5898 tsf1_list = [ndr32]
5899 ctx1 = dcerpc.ctx_list()
5900 ctx1.context_id = 1
5901 ctx1.num_transfer_syntaxes = len(tsf1_list)
5902 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
5903 ctx1.transfer_syntaxes = tsf1_list
5904 ctx_list = [ctx1]
5905
5906 c = self.get_anon_creds()
5907 g = gensec.Security.start_client(self.settings)
5908 g.set_credentials(c)
5909 g.want_feature(gensec.FEATURE_DCE_STYLE)
5910 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
5911 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
5912 auth_context_id = 2
5913 g.start_mech_by_authtype(auth_type, auth_level)
5914 from_server = b""
5915 (finished, to_server) = g.update(from_server)
5916 self.assertFalse(finished)
5917
5918 auth_info = self.generate_auth(auth_type=auth_type,
5919 auth_level=auth_level,
5920 auth_context_id=auth_context_id,
5921 auth_blob=to_server)
5922
5923 req = self.generate_bind(call_id=0,
5924 ctx_list=ctx_list,
5925 auth_info=auth_info)
5926 req_pdu = samba.ndr.ndr_pack(req)
5927
5928 auth_info = self.generate_auth(auth_type=auth_type,
5929 auth_level=auth_level,
5930 auth_context_id=auth_context_id,
5931 auth_pad_length=0,
5932 auth_blob=to_server)
5933
5934 req = self.generate_bind(call_id=0,
5935 ctx_list=ctx_list,
5936 auth_info=auth_info)
5937 self.send_pdu(req)
5938 rep = self.recv_pdu()
5939 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
5940 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
5941 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
5942 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
5943 self.assertEqual(rep.u.secondary_address_size, 4)
5944 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
5945 self.assertPadding(rep.u._pad1, 2)
5946 self.assertEqual(rep.u.num_results, 1)
5947 self.assertEqual(rep.u.ctx_list[0].result,
5948 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
5949 self.assertEqual(rep.u.ctx_list[0].reason,
5950 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
5951 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
5952 self.assertNotEqual(len(rep.u.auth_info), 0)
5953 a = self.parse_auth(rep.u.auth_info)
5954
5955 from_server = a.credentials
5956 (finished, to_server) = g.update(from_server)
5957 self.assertFalse(finished)
5958
5959 auth_info = self.generate_auth(auth_type=auth_type,
5960 auth_level=auth_level,
5961 auth_context_id=auth_context_id,
5962 auth_blob=to_server)
5963 req = self.generate_alter(call_id=0,
5964 ctx_list=ctx_list,
5965 assoc_group_id=rep.u.assoc_group_id,
5966 auth_info=auth_info)
5967 req_pdu = samba.ndr.ndr_pack(req)
5968
5969 auth_pad_ok = len(req_pdu)
5970 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
5971 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
5972 auth_pad_ok -= len(to_server)
5973 auth_info = self.generate_auth(auth_type=auth_type,
5974 auth_level=auth_level,
5975 auth_context_id=auth_context_id,
5976 auth_pad_length=auth_pad_ok,
5977 auth_blob=to_server)
5978 req = self.generate_alter(call_id=0,
5979 ctx_list=ctx_list,
5980 assoc_group_id=rep.u.assoc_group_id,
5981 auth_info=auth_info)
5982 self.send_pdu(req)
5983 rep = self.recv_pdu()
5984 if not self.allow_bind_auth_pad:
5985 # modern server (e.g. 2022)
5986 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
5987 pfc_flags=req.pfc_flags |
5988 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
5989 auth_length=0)
5990 self.assertNotEqual(rep.u.alloc_hint, 0)
5991 self.assertEqual(rep.u.context_id, 0)
5992 self.assertEqual(rep.u.cancel_count, 0)
5993 self.assertEqual(rep.u.flags, 0)
5994 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
5995 self.assertEqual(rep.u.reserved, 0)
5996 self.assertEqual(len(rep.u.error_and_verifier), 0)
5997
5998 # wait for a disconnect
5999 rep = self.recv_pdu()
6000 self.assertIsNone(rep)
6001 self.assertNotConnected()
6002 return
6003 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id)
6004 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
6005 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
6006 self.assertEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
6007 self.assertEqual(rep.u.secondary_address_size, 0)
6008 self.assertPadding(rep.u._pad1, 2)
6009 self.assertEqual(rep.u.num_results, 1)
6010 self.assertEqual(rep.u.ctx_list[0].result,
6011 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
6012 self.assertEqual(rep.u.ctx_list[0].reason,
6013 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
6014 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
6015 self.assertNotEqual(len(rep.u.auth_info), 0)
6016 a = self.parse_auth(rep.u.auth_info)
6017
6018 from_server = a.credentials
6019 (finished, to_server) = g.update(from_server)
6020 self.assertTrue(finished)
6021
6022 # And now try a request without auth_info
6023 req = self.generate_request(call_id=2,
6024 context_id=ctx1.context_id,
6025 opnum=0,
6026 stub=b"")
6027 self.send_pdu(req)
6028 rep = self.recv_pdu()
6029 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
6030 auth_length=0)
6031 self.assertNotEqual(rep.u.alloc_hint, 0)
6032 self.assertEqual(rep.u.context_id, req.u.context_id)
6033 self.assertEqual(rep.u.cancel_count, 0)
6034 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
6035
6036 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
6037 auth_info = self.generate_auth(auth_type=auth_type,
6038 auth_level=auth_level,
6039 auth_context_id=auth_context_id,
6040 auth_blob=b"\x01" + b"\x00" * 15)
6041 req = self.generate_request(call_id=3,
6042 context_id=ctx1.context_id,
6043 opnum=0,
6044 stub=b"",
6045 auth_info=auth_info)
6046 self.send_pdu(req)
6047 rep = self.recv_pdu()
6048 # We don't get an auth_info back
6049 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
6050 auth_length=0)
6051 self.assertNotEqual(rep.u.alloc_hint, 0)
6052 self.assertEqual(rep.u.context_id, req.u.context_id)
6053 self.assertEqual(rep.u.cancel_count, 0)
6054 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
6055
6056 self._disconnect("disconnect")
6057 self.assertNotConnected()
6058
6059 def test_spnego_auth_pad_fail_bind_legacy(self):
6060 ndr32 = base.transfer_syntax_ndr()
6061
6062 tsf1_list = [ndr32]
6063 ctx1 = dcerpc.ctx_list()
6064 ctx1.context_id = 1
6065 ctx1.num_transfer_syntaxes = len(tsf1_list)
6066 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6067 ctx1.transfer_syntaxes = tsf1_list
6068 ctx_list = [ctx1]
6069
6070 c = self.get_anon_creds()
6071 g = gensec.Security.start_client(self.settings)
6072 g.set_credentials(c)
6073 g.want_feature(gensec.FEATURE_DCE_STYLE)
6074 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
6075 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
6076 auth_context_id = 2
6077 g.start_mech_by_authtype(auth_type, auth_level)
6078 from_server = b""
6079 (finished, to_server) = g.update(from_server)
6080 self.assertFalse(finished)
6081
6082 auth_info = self.generate_auth(auth_type=auth_type,
6083 auth_level=auth_level,
6084 auth_context_id=auth_context_id,
6085 auth_blob=to_server)
6086
6087 req = self.generate_bind(call_id=0,
6088 ctx_list=ctx_list,
6089 auth_info=auth_info)
6090 req_pdu = samba.ndr.ndr_pack(req)
6091
6092 auth_pad_ok = len(req_pdu)
6093 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
6094 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6095 auth_pad_ok -= len(to_server)
6096 auth_pad_bad = auth_pad_ok + 1
6097 auth_info = self.generate_auth(auth_type=auth_type,
6098 auth_level=auth_level,
6099 auth_context_id=auth_context_id,
6100 auth_pad_length=auth_pad_bad,
6101 auth_blob=to_server)
6102
6103 req = self.generate_bind(call_id=0,
6104 ctx_list=ctx_list,
6105 auth_info=auth_info)
6106 self.send_pdu(req)
6107 rep = self.recv_pdu()
6108 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
6109 auth_length=0)
6110 self.assertEqual(rep.u.reject_reason,
6111 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
6112 self.assertEqual(rep.u.num_versions, 1)
6113 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
6114 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
6115 self.assertEqual(len(rep.u._pad), 3)
6116 self.assertEqual(rep.u._pad, b'\0' * 3)
6117
6118 # wait for a disconnect
6119 rep = self.recv_pdu()
6120 self.assertIsNone(rep)
6121 self.assertNotConnected()
6122
6123 def test_spnego_auth_pad_fail_alter(self):
6124 ndr32 = base.transfer_syntax_ndr()
6125
6126 tsf1_list = [ndr32]
6127 ctx1 = dcerpc.ctx_list()
6128 ctx1.context_id = 1
6129 ctx1.num_transfer_syntaxes = len(tsf1_list)
6130 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6131 ctx1.transfer_syntaxes = tsf1_list
6132 ctx_list = [ctx1]
6133
6134 c = self.get_anon_creds()
6135 g = gensec.Security.start_client(self.settings)
6136 g.set_credentials(c)
6137 g.want_feature(gensec.FEATURE_DCE_STYLE)
6138 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
6139 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
6140 auth_context_id = 2
6141 g.start_mech_by_authtype(auth_type, auth_level)
6142 from_server = b""
6143 (finished, to_server) = g.update(from_server)
6144 self.assertFalse(finished)
6145
6146 auth_info = self.generate_auth(auth_type=auth_type,
6147 auth_level=auth_level,
6148 auth_context_id=auth_context_id,
6149 auth_blob=to_server)
6150
6151 req = self.generate_bind(call_id=0,
6152 ctx_list=ctx_list,
6153 auth_info=auth_info)
6154 req_pdu = samba.ndr.ndr_pack(req)
6155
6156 auth_pad_ok = len(req_pdu)
6157 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
6158 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6159 auth_pad_ok -= len(to_server)
6160
6161 auth_info = self.generate_auth(auth_type=auth_type,
6162 auth_level=auth_level,
6163 auth_context_id=auth_context_id,
6164 auth_pad_length=auth_pad_ok,
6165 auth_blob=to_server)
6166
6167 req = self.generate_bind(call_id=0,
6168 ctx_list=ctx_list,
6169 auth_info=auth_info)
6170 self.send_pdu(req)
6171 rep = self.recv_pdu()
6172 if not self.allow_bind_auth_pad:
6173 # modern server (e.g. 2022)
6174 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
6175 auth_length=0)
6176 self.assertEqual(rep.u.reject_reason,
6177 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
6178 self.assertEqual(rep.u.num_versions, 1)
6179 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
6180 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
6181 self.assertPadding(rep.u._pad, 3)
6182 # wait for a disconnect
6183 rep = self.recv_pdu()
6184 self.assertIsNone(rep)
6185 self.assertNotConnected()
6186 return
6187 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
6188 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
6189 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
6190 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
6191 self.assertEqual(rep.u.secondary_address_size, 4)
6192 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
6193 self.assertPadding(rep.u._pad1, 2)
6194 self.assertEqual(rep.u.num_results, 1)
6195 self.assertEqual(rep.u.ctx_list[0].result,
6196 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
6197 self.assertEqual(rep.u.ctx_list[0].reason,
6198 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
6199 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
6200 self.assertNotEqual(len(rep.u.auth_info), 0)
6201 a = self.parse_auth(rep.u.auth_info)
6202
6203 from_server = a.credentials
6204 (finished, to_server) = g.update(from_server)
6205 self.assertFalse(finished)
6206
6207 auth_info = self.generate_auth(auth_type=auth_type,
6208 auth_level=auth_level,
6209 auth_context_id=auth_context_id,
6210 auth_blob=to_server)
6211 req = self.generate_alter(call_id=0,
6212 ctx_list=ctx_list,
6213 assoc_group_id=rep.u.assoc_group_id,
6214 auth_info=auth_info)
6215 req_pdu = samba.ndr.ndr_pack(req)
6216
6217 auth_pad_ok = len(req_pdu)
6218 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
6219 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6220 auth_pad_ok -= len(to_server)
6221 auth_pad_bad = auth_pad_ok + 1
6222 auth_info = self.generate_auth(auth_type=auth_type,
6223 auth_level=auth_level,
6224 auth_context_id=auth_context_id,
6225 auth_pad_length=auth_pad_bad,
6226 auth_blob=to_server)
6227 req = self.generate_alter(call_id=0,
6228 ctx_list=ctx_list,
6229 assoc_group_id=rep.u.assoc_group_id,
6230 auth_info=auth_info)
6231 self.send_pdu(req)
6232 rep = self.recv_pdu()
6233 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
6234 pfc_flags=req.pfc_flags |
6235 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
6236 auth_length=0)
6237 self.assertNotEqual(rep.u.alloc_hint, 0)
6238 self.assertEqual(rep.u.context_id, 0)
6239 self.assertEqual(rep.u.cancel_count, 0)
6240 self.assertEqual(rep.u.flags, 0)
6241 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
6242 self.assertEqual(rep.u.reserved, 0)
6243 self.assertEqual(len(rep.u.error_and_verifier), 0)
6244
6245 # wait for a disconnect
6246 rep = self.recv_pdu()
6247 self.assertIsNone(rep)
6248 self.assertNotConnected()
6249
6250 def test_ntlmssp_auth_pad_ok_auth3(self):
6251 ndr32 = base.transfer_syntax_ndr()
6252
6253 tsf1_list = [ndr32]
6254 ctx1 = dcerpc.ctx_list()
6255 ctx1.context_id = 1
6256 ctx1.num_transfer_syntaxes = len(tsf1_list)
6257 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6258 ctx1.transfer_syntaxes = tsf1_list
6259 ctx_list = [ctx1]
6260
6261 c = self.get_anon_creds()
6262 g = gensec.Security.start_client(self.settings)
6263 g.set_credentials(c)
6264 g.want_feature(gensec.FEATURE_DCE_STYLE)
6265 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
6266 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
6267 auth_context_id = 2
6268 g.start_mech_by_authtype(auth_type, auth_level)
6269 from_server = b""
6270 (finished, to_server) = g.update(from_server)
6271 self.assertFalse(finished)
6272
6273 auth_info = self.generate_auth(auth_type=auth_type,
6274 auth_level=auth_level,
6275 auth_context_id=auth_context_id,
6276 auth_blob=to_server)
6277
6278 req = self.generate_bind(call_id=0,
6279 ctx_list=ctx_list,
6280 auth_info=auth_info)
6281 req_pdu = samba.ndr.ndr_pack(req)
6282
6283 auth_pad_ok = len(req_pdu)
6284 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
6285 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6286 auth_pad_ok -= len(to_server)
6287
6288 auth_info = self.generate_auth(auth_type=auth_type,
6289 auth_level=auth_level,
6290 auth_context_id=auth_context_id,
6291 auth_pad_length=auth_pad_ok,
6292 auth_blob=to_server)
6293
6294 req = self.generate_bind(call_id=0,
6295 ctx_list=ctx_list,
6296 auth_info=auth_info)
6297 self.send_pdu(req)
6298 rep = self.recv_pdu()
6299 if not self.allow_bind_auth_pad:
6300 # modern server (e.g. 2022)
6301 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
6302 auth_length=0)
6303 self.assertEqual(rep.u.reject_reason,
6304 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
6305 self.assertEqual(rep.u.num_versions, 1)
6306 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
6307 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
6308 self.assertPadding(rep.u._pad, 3)
6309 # wait for a disconnect
6310 rep = self.recv_pdu()
6311 self.assertIsNone(rep)
6312 self.assertNotConnected()
6313 return
6314 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
6315 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
6316 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
6317 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
6318 self.assertEqual(rep.u.secondary_address_size, 4)
6319 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
6320 self.assertPadding(rep.u._pad1, 2)
6321 self.assertEqual(rep.u.num_results, 1)
6322 self.assertEqual(rep.u.ctx_list[0].result,
6323 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
6324 self.assertEqual(rep.u.ctx_list[0].reason,
6325 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
6326 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
6327 self.assertNotEqual(len(rep.u.auth_info), 0)
6328 a = self.parse_auth(rep.u.auth_info)
6329
6330 from_server = a.credentials
6331 (finished, to_server) = g.update(from_server)
6332 self.assertTrue(finished)
6333
6334 auth_pad_ok = 0
6335 auth_info = self.generate_auth(auth_type=auth_type,
6336 auth_level=auth_level,
6337 auth_context_id=auth_context_id,
6338 auth_pad_length=auth_pad_ok,
6339 auth_blob=to_server)
6340 req = self.generate_auth3(call_id=0,
6341 auth_info=auth_info)
6342 self.send_pdu(req)
6343 rep = self.recv_pdu(timeout=0.01)
6344 self.assertIsNone(rep)
6345 self.assertIsConnected()
6346
6347 # And now try a request without auth_info
6348 req = self.generate_request(call_id=2,
6349 context_id=ctx1.context_id,
6350 opnum=0,
6351 stub=b"")
6352 self.send_pdu(req)
6353 rep = self.recv_pdu()
6354 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
6355 auth_length=0)
6356 self.assertNotEqual(rep.u.alloc_hint, 0)
6357 self.assertEqual(rep.u.context_id, req.u.context_id)
6358 self.assertEqual(rep.u.cancel_count, 0)
6359 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
6360
6361 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
6362 auth_info = self.generate_auth(auth_type=auth_type,
6363 auth_level=auth_level,
6364 auth_context_id=auth_context_id,
6365 auth_blob=b"\x01" + b"\x00" * 15)
6366 req = self.generate_request(call_id=3,
6367 context_id=ctx1.context_id,
6368 opnum=0,
6369 stub=b"",
6370 auth_info=auth_info)
6371 self.send_pdu(req)
6372 rep = self.recv_pdu()
6373 # We don't get an auth_info back
6374 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
6375 auth_length=0)
6376 self.assertNotEqual(rep.u.alloc_hint, 0)
6377 self.assertEqual(rep.u.context_id, req.u.context_id)
6378 self.assertEqual(rep.u.cancel_count, 0)
6379 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
6380
6381 self._disconnect("disconnect")
6382 self.assertNotConnected()
6383
6384 def test_ntlmssp_auth_pad_fail_auth3(self):
6385 ndr32 = base.transfer_syntax_ndr()
6386
6387 tsf1_list = [ndr32]
6388 ctx1 = dcerpc.ctx_list()
6389 ctx1.context_id = 1
6390 ctx1.num_transfer_syntaxes = len(tsf1_list)
6391 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6392 ctx1.transfer_syntaxes = tsf1_list
6393 ctx_list = [ctx1]
6394
6395 c = self.get_anon_creds()
6396 g = gensec.Security.start_client(self.settings)
6397 g.set_credentials(c)
6398 g.want_feature(gensec.FEATURE_DCE_STYLE)
6399 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
6400 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
6401 auth_context_id = 2
6402 g.start_mech_by_authtype(auth_type, auth_level)
6403 from_server = b""
6404 (finished, to_server) = g.update(from_server)
6405 self.assertFalse(finished)
6406
6407 auth_info = self.generate_auth(auth_type=auth_type,
6408 auth_level=auth_level,
6409 auth_context_id=auth_context_id,
6410 auth_blob=to_server)
6411
6412 req = self.generate_bind(call_id=0,
6413 ctx_list=ctx_list,
6414 auth_info=auth_info)
6415 req_pdu = samba.ndr.ndr_pack(req)
6416
6417 auth_info = self.generate_auth(auth_type=auth_type,
6418 auth_level=auth_level,
6419 auth_context_id=auth_context_id,
6420 auth_pad_length=0,
6421 auth_blob=to_server)
6422
6423 req = self.generate_bind(call_id=0,
6424 ctx_list=ctx_list,
6425 auth_info=auth_info)
6426 self.send_pdu(req)
6427 rep = self.recv_pdu()
6428 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
6429 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
6430 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
6431 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
6432 self.assertEqual(rep.u.secondary_address_size, 4)
6433 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
6434 self.assertPadding(rep.u._pad1, 2)
6435 self.assertEqual(rep.u.num_results, 1)
6436 self.assertEqual(rep.u.ctx_list[0].result,
6437 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
6438 self.assertEqual(rep.u.ctx_list[0].reason,
6439 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
6440 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
6441 self.assertNotEqual(len(rep.u.auth_info), 0)
6442 a = self.parse_auth(rep.u.auth_info)
6443
6444 from_server = a.credentials
6445 (finished, to_server) = g.update(from_server)
6446 self.assertTrue(finished)
6447
6448 auth_pad_bad = 1
6449 auth_info = self.generate_auth(auth_type=auth_type,
6450 auth_level=auth_level,
6451 auth_context_id=auth_context_id,
6452 auth_pad_length=auth_pad_bad,
6453 auth_blob=to_server)
6454 req = self.generate_auth3(call_id=0,
6455 auth_info=auth_info)
6456 self.send_pdu(req)
6457 rep = self.recv_pdu()
6458 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
6459 pfc_flags=req.pfc_flags |
6460 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
6461 auth_length=0)
6462 self.assertNotEqual(rep.u.alloc_hint, 0)
6463 self.assertEqual(rep.u.context_id, 0)
6464 self.assertEqual(rep.u.cancel_count, 0)
6465 self.assertEqual(rep.u.flags, 0)
6466 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_FAULT_REMOTE_NO_MEMORY)
6467 self.assertEqual(rep.u.reserved, 0)
6468 self.assertEqual(len(rep.u.error_and_verifier), 0)
6469
6470 # wait for a disconnect
6471 rep = self.recv_pdu()
6472 self.assertIsNone(rep)
6473 self.assertNotConnected()
6474
6475 def test_ntlmssp_auth_pad_fail_bind_legacy(self):
6476 ndr32 = base.transfer_syntax_ndr()
6477
6478 tsf1_list = [ndr32]
6479 ctx1 = dcerpc.ctx_list()
6480 ctx1.context_id = 1
6481 ctx1.num_transfer_syntaxes = len(tsf1_list)
6482 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6483 ctx1.transfer_syntaxes = tsf1_list
6484 ctx_list = [ctx1]
6485
6486 c = self.get_anon_creds()
6487 g = gensec.Security.start_client(self.settings)
6488 g.set_credentials(c)
6489 g.want_feature(gensec.FEATURE_DCE_STYLE)
6490 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
6491 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
6492 auth_context_id = 2
6493 g.start_mech_by_authtype(auth_type, auth_level)
6494 from_server = b""
6495 (finished, to_server) = g.update(from_server)
6496 self.assertFalse(finished)
6497
6498 auth_info = self.generate_auth(auth_type=auth_type,
6499 auth_level=auth_level,
6500 auth_context_id=auth_context_id,
6501 auth_blob=to_server)
6502
6503 req = self.generate_bind(call_id=0,
6504 ctx_list=ctx_list,
6505 auth_info=auth_info)
6506 req_pdu = samba.ndr.ndr_pack(req)
6507
6508 auth_pad_ok = len(req_pdu)
6509 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
6510 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6511 auth_pad_ok -= len(to_server)
6512
6513 auth_info = self.generate_auth(auth_type=auth_type,
6514 auth_level=auth_level,
6515 auth_context_id=auth_context_id,
6516 auth_pad_length=auth_pad_ok,
6517 auth_blob=to_server)
6518
6519 req = self.generate_bind(call_id=0,
6520 ctx_list=ctx_list,
6521 auth_info=auth_info)
6522 self.send_pdu(req)
6523 rep = self.recv_pdu()
6524 if not self.allow_bind_auth_pad:
6525 # modern server (e.g. 2022)
6526 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
6527 auth_length=0)
6528 self.assertEqual(rep.u.reject_reason,
6529 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
6530 self.assertEqual(rep.u.num_versions, 1)
6531 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
6532 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
6533 self.assertPadding(rep.u._pad, 3)
6534 # wait for a disconnect
6535 rep = self.recv_pdu()
6536 self.assertIsNone(rep)
6537 self.assertNotConnected()
6538 return
6539 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
6540 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
6541 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
6542 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
6543 self.assertEqual(rep.u.secondary_address_size, 4)
6544 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
6545 self.assertPadding(rep.u._pad1, 2)
6546 self.assertEqual(rep.u.num_results, 1)
6547 self.assertEqual(rep.u.ctx_list[0].result,
6548 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
6549 self.assertEqual(rep.u.ctx_list[0].reason,
6550 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
6551 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
6552 self.assertNotEqual(len(rep.u.auth_info), 0)
6553 a = self.parse_auth(rep.u.auth_info)
6554
6555 from_server = a.credentials
6556 (finished, to_server) = g.update(from_server)
6557 self.assertTrue(finished)
6558
6559 auth_pad_bad = 1
6560 auth_info = self.generate_auth(auth_type=auth_type,
6561 auth_level=auth_level,
6562 auth_context_id=auth_context_id,
6563 auth_pad_length=auth_pad_bad,
6564 auth_blob=to_server)
6565 req = self.generate_auth3(call_id=0,
6566 auth_info=auth_info)
6567 self.send_pdu(req)
6568 rep = self.recv_pdu()
6569 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
6570 pfc_flags=req.pfc_flags |
6571 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
6572 auth_length=0)
6573 self.assertNotEqual(rep.u.alloc_hint, 0)
6574 self.assertEqual(rep.u.context_id, 0)
6575 self.assertEqual(rep.u.cancel_count, 0)
6576 self.assertEqual(rep.u.flags, 0)
6577 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_FAULT_REMOTE_NO_MEMORY)
6578 self.assertEqual(rep.u.reserved, 0)
6579 self.assertEqual(len(rep.u.error_and_verifier), 0)
6580
6581 # wait for a disconnect
6582 rep = self.recv_pdu()
6583 self.assertIsNone(rep)
6584 self.assertNotConnected()
6585
6586 def test_ntlmssp_auth_pad_fail_auth3_lagacy(self):
6587 ndr32 = base.transfer_syntax_ndr()
6588
6589 tsf1_list = [ndr32]
6590 ctx1 = dcerpc.ctx_list()
6591 ctx1.context_id = 1
6592 ctx1.num_transfer_syntaxes = len(tsf1_list)
6593 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6594 ctx1.transfer_syntaxes = tsf1_list
6595 ctx_list = [ctx1]
6596
6597 c = self.get_anon_creds()
6598 g = gensec.Security.start_client(self.settings)
6599 g.set_credentials(c)
6600 g.want_feature(gensec.FEATURE_DCE_STYLE)
6601 auth_type = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
6602 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
6603 auth_context_id = 2
6604 g.start_mech_by_authtype(auth_type, auth_level)
6605 from_server = b""
6606 (finished, to_server) = g.update(from_server)
6607 self.assertFalse(finished)
6608
6609 auth_info = self.generate_auth(auth_type=auth_type,
6610 auth_level=auth_level,
6611 auth_context_id=auth_context_id,
6612 auth_blob=to_server)
6613
6614 req = self.generate_bind(call_id=0,
6615 ctx_list=ctx_list,
6616 auth_info=auth_info)
6617 req_pdu = samba.ndr.ndr_pack(req)
6618
6619 auth_pad_ok = len(req_pdu)
6620 auth_pad_ok -= dcerpc.DCERPC_REQUEST_LENGTH
6621 auth_pad_ok -= dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6622 auth_pad_ok -= len(to_server)
6623
6624 auth_info = self.generate_auth(auth_type=auth_type,
6625 auth_level=auth_level,
6626 auth_context_id=auth_context_id,
6627 auth_pad_length=auth_pad_ok,
6628 auth_blob=to_server)
6629
6630 req = self.generate_bind(call_id=0,
6631 ctx_list=ctx_list,
6632 auth_info=auth_info)
6633 self.send_pdu(req)
6634 rep = self.recv_pdu()
6635 if not self.allow_bind_auth_pad:
6636 # modern server (e.g. 2022)
6637 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
6638 auth_length=0)
6639 self.assertEqual(rep.u.reject_reason,
6640 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
6641 self.assertEqual(rep.u.num_versions, 1)
6642 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
6643 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
6644 self.assertPadding(rep.u._pad, 3)
6645 # wait for a disconnect
6646 rep = self.recv_pdu()
6647 self.assertIsNone(rep)
6648 self.assertNotConnected()
6649 return
6650 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
6651 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
6652 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
6653 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
6654 self.assertEqual(rep.u.secondary_address_size, 4)
6655 self.assertEqual(rep.u.secondary_address, "%d" % self.tcp_port)
6656 self.assertPadding(rep.u._pad1, 2)
6657 self.assertEqual(rep.u.num_results, 1)
6658 self.assertEqual(rep.u.ctx_list[0].result,
6659 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
6660 self.assertEqual(rep.u.ctx_list[0].reason,
6661 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
6662 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
6663 self.assertNotEqual(len(rep.u.auth_info), 0)
6664 a = self.parse_auth(rep.u.auth_info)
6665
6666 from_server = a.credentials
6667 (finished, to_server) = g.update(from_server)
6668 self.assertTrue(finished)
6669
6670 auth_pad_bad = 1
6671 auth_info = self.generate_auth(auth_type=auth_type,
6672 auth_level=auth_level,
6673 auth_context_id=auth_context_id,
6674 auth_pad_length=auth_pad_bad,
6675 auth_blob=to_server)
6676 req = self.generate_auth3(call_id=0,
6677 auth_info=auth_info)
6678 self.send_pdu(req)
6679 rep = self.recv_pdu()
6680 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
6681 pfc_flags=req.pfc_flags |
6682 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
6683 auth_length=0)
6684 self.assertNotEqual(rep.u.alloc_hint, 0)
6685 self.assertEqual(rep.u.context_id, 0)
6686 self.assertEqual(rep.u.cancel_count, 0)
6687 self.assertEqual(rep.u.flags, 0)
6688 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_FAULT_REMOTE_NO_MEMORY)
6689 self.assertEqual(rep.u.reserved, 0)
6690 self.assertEqual(len(rep.u.error_and_verifier), 0)
6691
6692 # wait for a disconnect
6693 rep = self.recv_pdu()
6694 self.assertIsNone(rep)
6695 self.assertNotConnected()
6696
6697 def _test_auth_bind_auth_level(self, auth_type, auth_level, auth_context_id, ctx,
6698 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6699 hdr_signing=False,
6700 alter_fault=None):
6701 creds = self.get_user_creds()
6702 auth_context = self.get_auth_context_creds(creds=creds,
6703 auth_type=auth_type,
6704 auth_level=auth_level,
6705 auth_context_id=auth_context_id,
6706 g_auth_level=g_auth_level,
6707 hdr_signing=hdr_signing)
6708 if auth_context is None:
6709 return None
6710 ack = self.do_generic_bind(ctx=ctx,
6711 auth_context=auth_context,
6712 alter_fault=alter_fault)
6713 if ack is None:
6714 return None
6715 return auth_context
6716
6717 def _test_spnego_level_bind_nak(self, auth_level,
6718 reason=dcerpc.DCERPC_BIND_NAK_REASON_INVALID_CHECKSUM):
6719 c = self.get_user_creds()
6720 return self._test_auth_type_level_bind_nak(auth_type=dcerpc.DCERPC_AUTH_TYPE_SPNEGO,
6721 auth_level=auth_level, creds=c, reason=reason)
6722
6723 def _test_spnego_level_bind(self, auth_level,
6724 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6725 auth_pad_alignment=dcerpc.DCERPC_AUTH_PAD_ALIGNMENT,
6726 alter_fault=None,
6727 request_fault=None,
6728 response_fault_flags=0):
6729 ndr32 = base.transfer_syntax_ndr()
6730
6731 tsf1_list = [ndr32]
6732 ctx1 = dcerpc.ctx_list()
6733 ctx1.context_id = 0x1001
6734 ctx1.num_transfer_syntaxes = len(tsf1_list)
6735 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6736 ctx1.transfer_syntaxes = tsf1_list
6737
6738 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
6739 auth_context_id = 2
6740
6741 auth_context = self._test_auth_bind_auth_level(auth_type=auth_type,
6742 auth_level=auth_level,
6743 auth_context_id=auth_context_id,
6744 ctx=ctx1,
6745 g_auth_level=g_auth_level,
6746 alter_fault=alter_fault)
6747 if request_fault is None:
6748 return
6749
6750 self.assertIsNotNone(auth_context)
6751 g = auth_context["gensec"]
6752 self.assertIsNotNone(g)
6753
6754 stub_bin = b'\x00' * 17
6755 mod_len = len(stub_bin) % auth_pad_alignment
6756 auth_pad_length = 0
6757 if mod_len > 0:
6758 auth_pad_length = auth_pad_alignment - mod_len
6759 stub_bin += b'\x00' * auth_pad_length
6760
6761 if g_auth_level >= dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY:
6762 sig_size = g.sig_size(len(stub_bin))
6763 else:
6764 sig_size = 16
6765 zero_sig = b"\x00" * sig_size
6766
6767 auth_info = self.generate_auth(auth_type=auth_type,
6768 auth_level=auth_level,
6769 auth_pad_length=auth_pad_length,
6770 auth_context_id=auth_context_id,
6771 auth_blob=zero_sig)
6772 req = self.generate_request(call_id=4,
6773 context_id=ctx1.context_id,
6774 opnum=0xffff,
6775 stub=stub_bin,
6776 auth_info=auth_info)
6777 if g_auth_level >= dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY:
6778 req_blob = samba.ndr.ndr_pack(req)
6779 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
6780 ofs_sig = len(req_blob) - req.auth_length
6781 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6782 req_data = req_blob[ofs_stub:ofs_trailer]
6783 req_whole = req_blob[0:ofs_sig]
6784 sig = g.sign_packet(req_data, req_whole)
6785 auth_info = self.generate_auth(auth_type=auth_type,
6786 auth_level=auth_level,
6787 auth_pad_length=auth_pad_length,
6788 auth_context_id=auth_context_id,
6789 auth_blob=sig)
6790 req = self.generate_request(call_id=4,
6791 context_id=ctx1.context_id,
6792 opnum=0xffff,
6793 stub=stub_bin,
6794 auth_info=auth_info)
6795 self.send_pdu(req)
6796 rep = self.recv_pdu()
6797 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
6798 pfc_flags=req.pfc_flags | response_fault_flags,
6799 auth_length=0)
6800 self.assertNotEqual(rep.u.alloc_hint, 0)
6801 self.assertEqual(rep.u.context_id, ctx1.context_id)
6802 self.assertEqual(rep.u.cancel_count, 0)
6803 self.assertEqual(rep.u.flags, 0)
6804 self.assertEqual(rep.u.status, request_fault)
6805 self.assertEqual(rep.u.reserved, 0)
6806 self.assertEqual(len(rep.u.error_and_verifier), 0)
6807
6808 if response_fault_flags & dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE:
6809 return
6810
6811 # wait for a disconnect
6812 rep = self.recv_pdu()
6813 self.assertIsNone(rep)
6814 self.assertNotConnected()
6815
6816 def test_spnego_none_bind(self):
6817 return self._test_spnego_level_bind_nak(dcerpc.DCERPC_AUTH_LEVEL_NONE,
6818 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
6819
6820 def test_spnego_call_bind(self):
6821 return self._test_spnego_level_bind_nak(dcerpc.DCERPC_AUTH_LEVEL_CALL,
6822 reason=dcerpc.DCERPC_BIND_NAK_REASON_INVALID_CHECKSUM)
6823
6824 def test_spnego_0_bind(self):
6825 return self._test_spnego_level_bind_nak(0,
6826 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
6827
6828 def test_spnego_7_bind(self):
6829 return self._test_spnego_level_bind_nak(7,
6830 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
6831
6832 def test_spnego_255_bind(self):
6833 return self._test_spnego_level_bind_nak(255,
6834 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
6835
6836 def test_spnego_connect_bind_none(self):
6837 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT,
6838 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT)
6839
6840 def test_spnego_connect_bind_sign(self):
6841 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT,
6842 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
6843
6844 def test_spnego_connect_bind_seal(self):
6845 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT,
6846 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY)
6847
6848 def test_spnego_packet_bind_none(self):
6849 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
6850 # DCERPC_AUTH_LEVEL_INTEGRITY
6851 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_PACKET,
6852 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT,
6853 request_fault=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR)
6854
6855 def test_spnego_packet_bind_sign(self):
6856 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
6857 # DCERPC_AUTH_LEVEL_INTEGRITY
6858 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_PACKET,
6859 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6860 request_fault=dcerpc.DCERPC_NCA_S_OP_RNG_ERROR,
6861 response_fault_flags=dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE)
6862
6863 def test_spnego_packet_bind_seal(self):
6864 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
6865 # DCERPC_AUTH_LEVEL_INTEGRITY
6866 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_PACKET,
6867 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
6868 request_fault=dcerpc.DCERPC_NCA_S_OP_RNG_ERROR,
6869 response_fault_flags=dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE)
6870
6871 def test_spnego_integrity_bind_none(self):
6872 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6873 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT,
6874 request_fault=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR)
6875
6876 def test_spnego_integrity_bind_sign(self):
6877 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6878 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6879 request_fault=dcerpc.DCERPC_NCA_S_OP_RNG_ERROR,
6880 response_fault_flags=dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE)
6881
6882 def test_spnego_integrity_bind_seal(self):
6883 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6884 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
6885 request_fault=dcerpc.DCERPC_NCA_S_OP_RNG_ERROR,
6886 response_fault_flags=dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE)
6887
6888 def test_spnego_integrity_bind_auth_align4(self):
6889 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6890 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6891 auth_pad_alignment=4,
6892 request_fault=dcerpc.DCERPC_NCA_S_OP_RNG_ERROR,
6893 response_fault_flags=dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE)
6894
6895 def test_spnego_integrity_bind_auth_align2(self):
6896 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6897 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6898 auth_pad_alignment=2,
6899 request_fault=dcerpc.DCERPC_NCA_S_PROTO_ERROR,
6900 response_fault_flags=0)
6901
6902 def test_spnego_privacy_bind_none(self):
6903 # This fails...
6904 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
6905 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_CONNECT,
6906 alter_fault=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR)
6907
6908 def test_spnego_privacy_bind_sign(self):
6909 # This fails...
6910 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
6911 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
6912 alter_fault=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR)
6913
6914 def test_spnego_privacy_bind_seal(self):
6915 return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
6916 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY)
6917
6918 def _test_auth_signing_auth_level_request(self, auth_type, auth_level, hdr_sign=False):
6919 ndr32 = base.transfer_syntax_ndr()
6920
6921 tsf1_list = [ndr32]
6922 ctx1 = dcerpc.ctx_list()
6923 ctx1.context_id = 0x1001
6924 ctx1.num_transfer_syntaxes = len(tsf1_list)
6925 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
6926 ctx1.transfer_syntaxes = tsf1_list
6927 ctx_list = [ctx1]
6928
6929 auth_context_id = 2
6930
6931 auth_context = self._test_auth_bind_auth_level(auth_type=auth_type,
6932 auth_level=auth_level,
6933 auth_context_id=auth_context_id,
6934 hdr_signing=hdr_sign,
6935 ctx=ctx1)
6936 self.assertIsNotNone(auth_context)
6937 g = auth_context["gensec"]
6938 self.assertIsNotNone(g)
6939
6940 stub_bin = b'\x00' * 0
6941 mod_len = len(stub_bin) % dcerpc.DCERPC_AUTH_PAD_ALIGNMENT
6942 auth_pad_length = 0
6943 if mod_len > 0:
6944 auth_pad_length = dcerpc.DCERPC_AUTH_PAD_ALIGNMENT - mod_len
6945 stub_bin += b'\x00' * auth_pad_length
6946
6947 sig_size = g.sig_size(len(stub_bin))
6948 zero_sig = b"\x00" * sig_size
6949
6950 auth_info = self.generate_auth(auth_type=auth_type,
6951 auth_level=auth_level,
6952 auth_pad_length=auth_pad_length,
6953 auth_context_id=auth_context_id,
6954 auth_blob=zero_sig)
6955 req = self.generate_request(call_id=3,
6956 context_id=ctx1.context_id,
6957 opnum=0,
6958 stub=stub_bin,
6959 auth_info=auth_info)
6960 req_blob = samba.ndr.ndr_pack(req)
6961 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
6962 ofs_sig = len(req_blob) - req.auth_length
6963 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6964 req_data = req_blob[ofs_stub:ofs_trailer]
6965 req_whole = req_blob[0:ofs_sig]
6966 sig = g.sign_packet(req_data, req_whole)
6967 auth_info = self.generate_auth(auth_type=auth_type,
6968 auth_level=auth_level,
6969 auth_pad_length=auth_pad_length,
6970 auth_context_id=auth_context_id,
6971 auth_blob=sig)
6972 req = self.generate_request(call_id=3,
6973 context_id=ctx1.context_id,
6974 opnum=0,
6975 stub=stub_bin,
6976 auth_info=auth_info)
6977 self.send_pdu(req)
6978 (rep, rep_blob) = self.recv_pdu_raw()
6979 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
6980 auth_length=sig_size)
6981 self.assertNotEqual(rep.u.alloc_hint, 0)
6982 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
6983 self.assertEqual(rep.u.cancel_count, 0)
6984 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
6985 self.assertEqual(rep.auth_length, sig_size)
6986
6987 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
6988 ofs_sig = rep.frag_length - rep.auth_length
6989 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
6990 rep_data = rep_blob[ofs_stub:ofs_trailer]
6991 rep_whole = rep_blob[0:ofs_sig]
6992 rep_sig = rep_blob[ofs_sig:]
6993 rep_auth_info_blob = rep_blob[ofs_trailer:]
6994
6995 rep_auth_info = self.parse_auth(rep_auth_info_blob)
6996 self.assertEqual(rep_auth_info.auth_type, auth_type)
6997 self.assertEqual(rep_auth_info.auth_level, auth_level)
6998 # mgmt_inq_if_ids() returns no fixed size results
6999 #self.assertEqual(rep_auth_info.auth_pad_length, 0)
7000 self.assertEqual(rep_auth_info.auth_reserved, 0)
7001 self.assertEqual(rep_auth_info.auth_context_id, auth_context_id)
7002 self.assertEqual(rep_auth_info.credentials, rep_sig)
7003
7004 g.check_packet(rep_data, rep_whole, rep_sig)
7005
7006 stub_bin = b'\x00' * 17
7007 mod_len = len(stub_bin) % dcerpc.DCERPC_AUTH_PAD_ALIGNMENT
7008 auth_pad_length = 0
7009 if mod_len > 0:
7010 auth_pad_length = dcerpc.DCERPC_AUTH_PAD_ALIGNMENT - mod_len
7011 stub_bin += b'\x00' * auth_pad_length
7012
7013 sig_size = g.sig_size(len(stub_bin))
7014 zero_sig = b"\x00" * sig_size
7015
7016 auth_info = self.generate_auth(auth_type=auth_type,
7017 auth_level=auth_level,
7018 auth_pad_length=auth_pad_length,
7019 auth_context_id=auth_context_id,
7020 auth_blob=zero_sig)
7021 req = self.generate_request(call_id=4,
7022 context_id=ctx1.context_id,
7023 opnum=0xffff,
7024 stub=stub_bin,
7025 auth_info=auth_info)
7026 req_blob = samba.ndr.ndr_pack(req)
7027 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
7028 ofs_sig = len(req_blob) - req.auth_length
7029 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
7030 req_data = req_blob[ofs_stub:ofs_trailer]
7031 req_whole = req_blob[0:ofs_sig]
7032 sig = g.sign_packet(req_data, req_whole)
7033 auth_info = self.generate_auth(auth_type=auth_type,
7034 auth_level=auth_level,
7035 auth_pad_length=auth_pad_length,
7036 auth_context_id=auth_context_id,
7037 auth_blob=sig)
7038 req = self.generate_request(call_id=4,
7039 context_id=ctx1.context_id,
7040 opnum=0xffff,
7041 stub=stub_bin,
7042 auth_info=auth_info)
7043 self.send_pdu(req)
7044 rep = self.recv_pdu()
7045 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
7046 pfc_flags=req.pfc_flags |
7047 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
7048 auth_length=0)
7049 self.assertNotEqual(rep.u.alloc_hint, 0)
7050 self.assertEqual(rep.u.context_id, ctx1.context_id)
7051 self.assertEqual(rep.u.cancel_count, 0)
7052 self.assertEqual(rep.u.flags, 0)
7053 self.assertEqual(rep.u.status, dcerpc.DCERPC_NCA_S_OP_RNG_ERROR)
7054 self.assertEqual(rep.u.reserved, 0)
7055 self.assertEqual(len(rep.u.error_and_verifier), 0)
7056
7057 stub_bin = b'\x00' * 8
7058 mod_len = len(stub_bin) % dcerpc.DCERPC_AUTH_PAD_ALIGNMENT
7059 auth_pad_length = 0
7060 if mod_len > 0:
7061 auth_pad_length = dcerpc.DCERPC_AUTH_PAD_ALIGNMENT - mod_len
7062 stub_bin += b'\x00' * auth_pad_length
7063
7064 sig_size = g.sig_size(len(stub_bin))
7065 zero_sig = b"\x00" * sig_size
7066
7067 auth_info = self.generate_auth(auth_type=auth_type,
7068 auth_level=auth_level,
7069 auth_pad_length=auth_pad_length,
7070 auth_context_id=auth_context_id,
7071 auth_blob=zero_sig)
7072 req = self.generate_request(call_id=5,
7073 context_id=ctx1.context_id,
7074 opnum=1,
7075 stub=stub_bin,
7076 auth_info=auth_info)
7077 req_blob = samba.ndr.ndr_pack(req)
7078 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
7079 ofs_sig = len(req_blob) - req.auth_length
7080 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
7081 req_data = req_blob[ofs_stub:ofs_trailer]
7082 req_whole = req_blob[0:ofs_sig]
7083 sig = g.sign_packet(req_data, req_whole)
7084 auth_info = self.generate_auth(auth_type=auth_type,
7085 auth_level=auth_level,
7086 auth_pad_length=auth_pad_length,
7087 auth_context_id=auth_context_id,
7088 auth_blob=sig)
7089 req = self.generate_request(call_id=5,
7090 context_id=ctx1.context_id,
7091 opnum=1,
7092 stub=stub_bin,
7093 auth_info=auth_info)
7094 self.send_pdu(req)
7095 (rep, rep_blob) = self.recv_pdu_raw()
7096 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
7097 auth_length=sig_size)
7098 self.assertNotEqual(rep.u.alloc_hint, 0)
7099 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
7100 self.assertEqual(rep.u.cancel_count, 0)
7101 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
7102 self.assertEqual(rep.auth_length, sig_size)
7103
7104 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
7105 ofs_sig = rep.frag_length - rep.auth_length
7106 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
7107 rep_data = rep_blob[ofs_stub:ofs_trailer]
7108 rep_whole = rep_blob[0:ofs_sig]
7109 rep_sig = rep_blob[ofs_sig:]
7110 rep_auth_info_blob = rep_blob[ofs_trailer:]
7111
7112 rep_auth_info = self.parse_auth(rep_auth_info_blob)
7113 self.assertEqual(rep_auth_info.auth_type, auth_type)
7114 self.assertEqual(rep_auth_info.auth_level, auth_level)
7115 self.assertEqual(rep_auth_info.auth_pad_length, 4)
7116 self.assertEqual(rep_auth_info.auth_reserved, 0)
7117 self.assertEqual(rep_auth_info.auth_context_id, auth_context_id)
7118 self.assertEqual(rep_auth_info.credentials, rep_sig)
7119
7120 g.check_packet(rep_data, rep_whole, rep_sig)
7121
7122 stub_bin = b'\x00' * 8
7123 mod_len = len(stub_bin) % dcerpc.DCERPC_AUTH_PAD_ALIGNMENT
7124 auth_pad_length = 0
7125 if mod_len > 0:
7126 auth_pad_length = dcerpc.DCERPC_AUTH_PAD_ALIGNMENT - mod_len
7127 stub_bin += b'\x00' * auth_pad_length
7128
7129 sig_size = g.sig_size(len(stub_bin))
7130 zero_sig = b"\x00" * sig_size
7131
7132 auth_info = self.generate_auth(auth_type=auth_type,
7133 auth_level=auth_level,
7134 auth_pad_length=auth_pad_length,
7135 auth_context_id=auth_context_id,
7136 auth_blob=zero_sig)
7137 req = self.generate_request(call_id=6,
7138 context_id=ctx1.context_id,
7139 opnum=3,
7140 stub=stub_bin,
7141 auth_info=auth_info)
7142 req_blob = samba.ndr.ndr_pack(req)
7143 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
7144 ofs_sig = len(req_blob) - req.auth_length
7145 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
7146 req_data = req_blob[ofs_stub:ofs_trailer]
7147 req_whole = req_blob[0:ofs_sig]
7148 sig = g.sign_packet(req_data, req_whole)
7149 auth_info = self.generate_auth(auth_type=auth_type,
7150 auth_level=auth_level,
7151 auth_pad_length=auth_pad_length,
7152 auth_context_id=auth_context_id,
7153 auth_blob=sig)
7154 req = self.generate_request(call_id=6,
7155 context_id=ctx1.context_id,
7156 opnum=3,
7157 stub=stub_bin,
7158 auth_info=auth_info)
7159 self.send_pdu(req)
7160 (rep, rep_blob) = self.recv_pdu_raw()
7161 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
7162 auth_length=sig_size)
7163 self.assertNotEqual(rep.u.alloc_hint, 0)
7164 self.assertEqual(rep.u.context_id, req.u.context_id & 0xff)
7165 self.assertEqual(rep.u.cancel_count, 0)
7166 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
7167 self.assertEqual(rep.auth_length, sig_size)
7168
7169 ofs_stub = dcerpc.DCERPC_REQUEST_LENGTH
7170 ofs_sig = rep.frag_length - rep.auth_length
7171 ofs_trailer = ofs_sig - dcerpc.DCERPC_AUTH_TRAILER_LENGTH
7172 rep_data = rep_blob[ofs_stub:ofs_trailer]
7173 rep_whole = rep_blob[0:ofs_sig]
7174 rep_sig = rep_blob[ofs_sig:]
7175 rep_auth_info_blob = rep_blob[ofs_trailer:]
7176
7177 rep_auth_info = self.parse_auth(rep_auth_info_blob)
7178 self.assertEqual(rep_auth_info.auth_type, auth_type)
7179 self.assertEqual(rep_auth_info.auth_level, auth_level)
7180 self.assertEqual(rep_auth_info.auth_pad_length, 12)
7181 self.assertEqual(rep_auth_info.auth_reserved, 0)
7182 self.assertEqual(rep_auth_info.auth_context_id, auth_context_id)
7183 self.assertEqual(rep_auth_info.credentials, rep_sig)
7184
7185 g.check_packet(rep_data, rep_whole, rep_sig)
7186
7187 def test_spnego_signing_packet(self):
7188 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
7189 # DCERPC_AUTH_LEVEL_INTEGRITY
7190 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_SPNEGO,
7191 dcerpc.DCERPC_AUTH_LEVEL_PACKET)
7192
7193 def test_spnego_hdr_signing_packet(self):
7194 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
7195 # DCERPC_AUTH_LEVEL_INTEGRITY
7196 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_SPNEGO,
7197 dcerpc.DCERPC_AUTH_LEVEL_PACKET,
7198 hdr_sign=True)
7199
7200 def test_spnego_signing_integrity(self):
7201 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_SPNEGO,
7202 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
7203
7204 def test_spnego_hdr_signing_integrity(self):
7205 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_SPNEGO,
7206 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
7207 hdr_sign=True)
7208
7209 def test_ntlm_signing_packet(self):
7210 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
7211 # DCERPC_AUTH_LEVEL_INTEGRITY
7212 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_NTLMSSP,
7213 dcerpc.DCERPC_AUTH_LEVEL_PACKET)
7214
7215 def test_ntlm_hdr_signing_packet(self):
7216 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
7217 # DCERPC_AUTH_LEVEL_INTEGRITY
7218 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_NTLMSSP,
7219 dcerpc.DCERPC_AUTH_LEVEL_PACKET,
7220 hdr_sign=True)
7221
7222 def test_ntlm_signing_integrity(self):
7223 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_NTLMSSP,
7224 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
7225
7226 def test_ntlm_hdr_signing_integrity(self):
7227 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_NTLMSSP,
7228 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
7229 hdr_sign=True)
7230
7231 def test_krb5_signing_packet(self):
7232 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
7233 # DCERPC_AUTH_LEVEL_INTEGRITY
7234 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_KRB5,
7235 dcerpc.DCERPC_AUTH_LEVEL_PACKET)
7236
7237 def test_krb5_hdr_signing_packet(self):
7238 # DCERPC_AUTH_LEVEL_PACKET is handled as alias of
7239 # DCERPC_AUTH_LEVEL_INTEGRITY
7240 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_KRB5,
7241 dcerpc.DCERPC_AUTH_LEVEL_PACKET,
7242 hdr_sign=True)
7243
7244 def test_krb5_signing_integrity(self):
7245 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_KRB5,
7246 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
7247
7248 def test_krb5_hdr_signing_integrity(self):
7249 return self._test_auth_signing_auth_level_request(dcerpc.DCERPC_AUTH_TYPE_KRB5,
7250 dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
7251 hdr_sign=True)
7252
7253 def test_assoc_group_fail1(self):
7254 abstract = samba.dcerpc.mgmt.abstract_syntax()
7255 transfer = base.transfer_syntax_ndr()
7256
7257 tsf1_list = [transfer]
7258 ctx = samba.dcerpc.dcerpc.ctx_list()
7259 ctx.context_id = 1
7260 ctx.num_transfer_syntaxes = len(tsf1_list)
7261 ctx.abstract_syntax = abstract
7262 ctx.transfer_syntaxes = tsf1_list
7263
7264 ack = self.do_generic_bind(ctx=ctx, assoc_group_id=1,
7265 nak_reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
7266 return
7267
7268 def test_assoc_group_fail2(self):
7269 abstract = samba.dcerpc.mgmt.abstract_syntax()
7270 transfer = base.transfer_syntax_ndr()
7271
7272 tsf1_list = [transfer]
7273 ctx = samba.dcerpc.dcerpc.ctx_list()
7274 ctx.context_id = 1
7275 ctx.num_transfer_syntaxes = len(tsf1_list)
7276 ctx.abstract_syntax = abstract
7277 ctx.transfer_syntaxes = tsf1_list
7278
7279 ack = self.do_generic_bind(ctx=ctx)
7280
7281 self._disconnect("test_assoc_group_fail2")
7282 self.assertNotConnected()
7283 time.sleep(0.5)
7284 self.connect()
7285
7286 ack2 = self.do_generic_bind(ctx=ctx, assoc_group_id=ack.u.assoc_group_id,
7287 nak_reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
7288 return
7289
7290 def test_assoc_group_diff1(self):
7291 abstract = samba.dcerpc.mgmt.abstract_syntax()
7292 transfer = base.transfer_syntax_ndr()
7293
7294 (ctx1, ack1) = self.prepare_presentation(abstract, transfer,
7295 context_id=1, return_ack=True)
7296
7297 conn2 = self.second_connection()
7298 (ctx2, ack2) = conn2.prepare_presentation(abstract, transfer,
7299 context_id=2, return_ack=True)
7300 self.assertNotEqual(ack2.u.assoc_group_id, ack1.u.assoc_group_id)
7301
7302 conn2._disconnect("End of Test")
7303 return
7304
7305 def test_assoc_group_ok1(self):
7306 abstract = samba.dcerpc.mgmt.abstract_syntax()
7307 transfer = base.transfer_syntax_ndr()
7308
7309 (ctx1, ack1) = self.prepare_presentation(abstract, transfer,
7310 context_id=1, return_ack=True)
7311
7312 conn2 = self.second_connection()
7313 (ctx2, ack2) = conn2.prepare_presentation(abstract, transfer,
7314 assoc_group_id=ack1.u.assoc_group_id,
7315 context_id=2, return_ack=True)
7316
7317 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
7318 self.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids)
7319 conn2.do_single_request(call_id=1, ctx=ctx2, io=inq_if_ids)
7320
7321 conn2.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids,
7322 fault_pfc_flags=(
7323 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST |
7324 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST |
7325 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE),
7326 fault_status=dcerpc.DCERPC_NCA_S_UNKNOWN_IF,
7327 fault_context_id=0)
7328
7329 self.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids)
7330 conn2.do_single_request(call_id=1, ctx=ctx2, io=inq_if_ids)
7331 conn2._disconnect("End of Test")
7332 return
7333
7334 def test_assoc_group_ok2(self):
7335 abstract = samba.dcerpc.mgmt.abstract_syntax()
7336 transfer = base.transfer_syntax_ndr()
7337
7338 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
7339 secondary_address='\\pipe\\lsass',
7340 transport_creds=self.get_user_creds())
7341 (ctx1, ack1) = self.prepare_presentation(abstract, transfer,
7342 context_id=1, return_ack=True)
7343
7344 conn2 = self.second_connection()
7345 (ctx2, ack2) = conn2.prepare_presentation(abstract, transfer,
7346 assoc_group_id=ack1.u.assoc_group_id,
7347 context_id=2, return_ack=True)
7348
7349 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
7350 self.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids)
7351 conn2.do_single_request(call_id=1, ctx=ctx2, io=inq_if_ids)
7352
7353 conn2.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids,
7354 fault_pfc_flags=(
7355 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST |
7356 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST |
7357 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE),
7358 fault_status=dcerpc.DCERPC_NCA_S_UNKNOWN_IF,
7359 fault_context_id=0)
7360
7361 self.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids)
7362 conn2.do_single_request(call_id=1, ctx=ctx2, io=inq_if_ids)
7363 conn2._disconnect("End of Test")
7364 return
7365
7366 def test_assoc_group_fail3(self):
7367 abstract = samba.dcerpc.mgmt.abstract_syntax()
7368 transfer = base.transfer_syntax_ndr()
7369
7370 (ctx1, ack1) = self.prepare_presentation(abstract, transfer,
7371 context_id=1, return_ack=True)
7372
7373 # assoc groups are per transport
7374 connF = self.second_connection(primary_address="\\pipe\\lsarpc",
7375 secondary_address="\\pipe\\lsass",
7376 transport_creds=self.get_user_creds())
7377 tsfF_list = [transfer]
7378 ctxF = samba.dcerpc.dcerpc.ctx_list()
7379 ctxF.context_id = 0xF
7380 ctxF.num_transfer_syntaxes = len(tsfF_list)
7381 ctxF.abstract_syntax = abstract
7382 ctxF.transfer_syntaxes = tsfF_list
7383 ack = connF.do_generic_bind(ctx=ctxF, assoc_group_id=ack1.u.assoc_group_id,
7384 nak_reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
7385 # wait for a disconnect
7386 rep = connF.recv_pdu()
7387 self.assertIsNone(rep)
7388 connF.assertNotConnected()
7389
7390 conn2 = self.second_connection()
7391 (ctx2, ack2) = conn2.prepare_presentation(abstract, transfer,
7392 assoc_group_id=ack1.u.assoc_group_id,
7393 context_id=2, return_ack=True)
7394
7395 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
7396 self.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids)
7397 conn2.do_single_request(call_id=1, ctx=ctx2, io=inq_if_ids)
7398
7399 conn2.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids,
7400 fault_pfc_flags=(
7401 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST |
7402 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST |
7403 samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE),
7404 fault_status=dcerpc.DCERPC_NCA_S_UNKNOWN_IF,
7405 fault_context_id=0)
7406
7407 self.do_single_request(call_id=1, ctx=ctx1, io=inq_if_ids)
7408 conn2.do_single_request(call_id=1, ctx=ctx2, io=inq_if_ids)
7409 conn2._disconnect("End of Test")
7410 return
7411
7412 def _test_krb5_hdr_sign_delayed1(self, do_upgrade):
7413 auth_type = dcerpc.DCERPC_AUTH_TYPE_KRB5
7414 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
7415 auth_context_id = 1
7416
7417 creds = self.get_user_creds()
7418
7419 abstract = samba.dcerpc.mgmt.abstract_syntax()
7420 transfer = base.transfer_syntax_ndr()
7421
7422 tsf1_list = [transfer]
7423 ctx = samba.dcerpc.dcerpc.ctx_list()
7424 ctx.context_id = 1
7425 ctx.num_transfer_syntaxes = len(tsf1_list)
7426 ctx.abstract_syntax = abstract
7427 ctx.transfer_syntaxes = tsf1_list
7428
7429 auth_context = self.get_auth_context_creds(creds=creds,
7430 auth_type=auth_type,
7431 auth_level=auth_level,
7432 auth_context_id=auth_context_id,
7433 hdr_signing=False)
7434
7435 ack = self.do_generic_bind(call_id=1,
7436 ctx=ctx,
7437 auth_context=auth_context)
7438
7439 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
7440 self.do_single_request(call_id=2, ctx=ctx, io=inq_if_ids,
7441 auth_context=auth_context)
7442
7443 #
7444 # This is just an alter context without authentication
7445 # But it can turn on header signing for the whole connection
7446 #
7447 ack2 = self.do_generic_bind(call_id=3, ctx=ctx,
7448 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
7449 dcerpc.DCERPC_PFC_FLAG_LAST |
7450 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN,
7451 assoc_group_id = ack.u.assoc_group_id,
7452 start_with_alter=True)
7453
7454 self.assertFalse(auth_context['hdr_signing'])
7455 if do_upgrade:
7456 auth_context['hdr_signing'] = True
7457 auth_context["gensec"].want_feature(gensec.FEATURE_SIGN_PKT_HEADER)
7458 fault_status=None
7459 else:
7460 fault_status=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR
7461
7462 self.do_single_request(call_id=4, ctx=ctx, io=inq_if_ids,
7463 auth_context=auth_context,
7464 fault_status=fault_status)
7465
7466 if fault_status is not None:
7467 # wait for a disconnect
7468 rep = self.recv_pdu()
7469 self.assertIsNone(rep)
7470 self.assertNotConnected()
7471 return
7472
7473 self.do_single_request(call_id=5, ctx=ctx, io=inq_if_ids,
7474 auth_context=auth_context)
7475 return
7476
7477 def test_krb5_hdr_sign_delayed1_ok1(self):
7478 return self._test_krb5_hdr_sign_delayed1(do_upgrade=True)
7479
7480 def test_krb5_hdr_sign_delayed1_fail1(self):
7481 return self._test_krb5_hdr_sign_delayed1(do_upgrade=False)
7482
7483 def _test_krb5_hdr_sign_delayed2(self, do_upgrade):
7484 auth_type = dcerpc.DCERPC_AUTH_TYPE_KRB5
7485 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
7486 auth_context_id = 1
7487
7488 creds = self.get_user_creds()
7489
7490 abstract = samba.dcerpc.mgmt.abstract_syntax()
7491 transfer = base.transfer_syntax_ndr()
7492
7493 tsf1_list = [transfer]
7494 ctx = samba.dcerpc.dcerpc.ctx_list()
7495 ctx.context_id = 1
7496 ctx.num_transfer_syntaxes = len(tsf1_list)
7497 ctx.abstract_syntax = abstract
7498 ctx.transfer_syntaxes = tsf1_list
7499
7500 auth_context = self.get_auth_context_creds(creds=creds,
7501 auth_type=auth_type,
7502 auth_level=auth_level,
7503 auth_context_id=auth_context_id,
7504 hdr_signing=False)
7505
7506 #
7507 # SUPPORT_HEADER_SIGN on alter context activates header signing
7508 #
7509 ack = self.do_generic_bind(call_id=1,
7510 ctx=ctx,
7511 auth_context=auth_context,
7512 pfc_flags_2nd=dcerpc.DCERPC_PFC_FLAG_FIRST |
7513 dcerpc.DCERPC_PFC_FLAG_LAST |
7514 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
7515
7516 self.assertFalse(auth_context['hdr_signing'])
7517 if do_upgrade:
7518 auth_context['hdr_signing'] = True
7519 auth_context["gensec"].want_feature(gensec.FEATURE_SIGN_PKT_HEADER)
7520 fault_status=None
7521 else:
7522 fault_status=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR
7523
7524 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
7525 self.do_single_request(call_id=4, ctx=ctx, io=inq_if_ids,
7526 auth_context=auth_context,
7527 fault_status=fault_status)
7528
7529 if fault_status is not None:
7530 # wait for a disconnect
7531 rep = self.recv_pdu()
7532 self.assertIsNone(rep)
7533 self.assertNotConnected()
7534 return
7535
7536 self.do_single_request(call_id=5, ctx=ctx, io=inq_if_ids,
7537 auth_context=auth_context)
7538 return
7539
7540 def test_krb5_hdr_sign_delayed2_ok1(self):
7541 return self._test_krb5_hdr_sign_delayed2(do_upgrade=True)
7542
7543 def test_krb5_hdr_sign_delayed2_fail1(self):
7544 return self._test_krb5_hdr_sign_delayed2(do_upgrade=False)
7545
7546 def test_krb5_hdr_sign_delayed3_fail1(self):
7547 auth_type = dcerpc.DCERPC_AUTH_TYPE_KRB5
7548 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
7549 auth_context_id = 1
7550
7551 creds = self.get_user_creds()
7552
7553 abstract = samba.dcerpc.mgmt.abstract_syntax()
7554 transfer = base.transfer_syntax_ndr()
7555
7556 tsf1_list = [transfer]
7557 ctx = samba.dcerpc.dcerpc.ctx_list()
7558 ctx.context_id = 1
7559 ctx.num_transfer_syntaxes = len(tsf1_list)
7560 ctx.abstract_syntax = abstract
7561 ctx.transfer_syntaxes = tsf1_list
7562
7563 auth_context = self.get_auth_context_creds(creds=creds,
7564 auth_type=auth_type,
7565 auth_level=auth_level,
7566 auth_context_id=auth_context_id,
7567 hdr_signing=False)
7568
7569 #
7570 # SUPPORT_HEADER_SIGN on auth3 doesn't activate header signing
7571 #
7572 ack = self.do_generic_bind(call_id=1,
7573 ctx=ctx,
7574 auth_context=auth_context,
7575 pfc_flags_2nd=dcerpc.DCERPC_PFC_FLAG_FIRST |
7576 dcerpc.DCERPC_PFC_FLAG_LAST |
7577 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN,
7578 use_auth3=True)
7579
7580 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
7581 self.do_single_request(call_id=2, ctx=ctx, io=inq_if_ids,
7582 auth_context=auth_context)
7583
7584 self.assertFalse(auth_context['hdr_signing'])
7585 auth_context['hdr_signing'] = True
7586 auth_context["gensec"].want_feature(gensec.FEATURE_SIGN_PKT_HEADER)
7587 fault_status=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR
7588
7589 self.do_single_request(call_id=4, ctx=ctx, io=inq_if_ids,
7590 auth_context=auth_context,
7591 fault_status=fault_status)
7592
7593 # wait for a disconnect
7594 rep = self.recv_pdu()
7595 self.assertIsNone(rep)
7596 self.assertNotConnected()
7597 return
7598
7599 def _test_lsa_multi_auth_connect1(self, smb_creds,
7600 account_name0, authority_name0):
7601 creds1 = self.get_anon_creds()
7602 account_name1 = "ANONYMOUS LOGON"
7603 authority_name1 = "NT AUTHORITY"
7604 auth_type1 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
7605 auth_level1 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
7606 auth_context_id1 = 1
7607
7608 creds2 = self.get_user_creds()
7609 account_name2 = creds2.get_username()
7610 authority_name2 = creds2.get_domain()
7611 auth_type2 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
7612 auth_level2 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
7613 auth_context_id2 = 2
7614
7615 abstract = samba.dcerpc.lsa.abstract_syntax()
7616 transfer = base.transfer_syntax_ndr()
7617
7618 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
7619 secondary_address='\\pipe\\lsass',
7620 transport_creds=smb_creds)
7621 self.assertIsConnected()
7622
7623 tsf1_list = [transfer]
7624 ctx1 = samba.dcerpc.dcerpc.ctx_list()
7625 ctx1.context_id = 1
7626 ctx1.num_transfer_syntaxes = len(tsf1_list)
7627 ctx1.abstract_syntax = abstract
7628 ctx1.transfer_syntaxes = tsf1_list
7629
7630 auth_context1 = self.get_auth_context_creds(creds=creds1,
7631 auth_type=auth_type1,
7632 auth_level=auth_level1,
7633 auth_context_id=auth_context_id1,
7634 hdr_signing=False)
7635 auth_context2 = self.get_auth_context_creds(creds=creds2,
7636 auth_type=auth_type2,
7637 auth_level=auth_level2,
7638 auth_context_id=auth_context_id2,
7639 hdr_signing=False)
7640
7641 get_user_name = samba.dcerpc.lsa.GetUserName()
7642 get_user_name.in_system_name = self.target_hostname
7643 get_user_name.in_account_name = None
7644 get_user_name.in_authority_name = base.ndr_pointer(None)
7645
7646 ack1 = self.do_generic_bind(call_id=0,
7647 ctx=ctx1,
7648 auth_context=auth_context1)
7649
7650 #
7651 # Note modern servers don't allow
7652 # DCERPC_AUTH_LEVEL_CONNECT for lsa anymore
7653 #
7654 if self.auth_level_connect_lsa:
7655 expected_fault_status = None
7656 else:
7657 expected_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
7658
7659 #
7660 # With just one explicit auth context and that
7661 # uses AUTH_LEVEL_CONNECT context.
7662 #
7663 # We always get that by default instead of the one default one
7664 # inherited from the transport
7665 #
7666 self.do_single_request(call_id=1, ctx=ctx1, io=get_user_name,
7667 fault_status=expected_fault_status)
7668 if not self.auth_level_connect_lsa:
7669 # wait for a disconnect
7670 rep = self.recv_pdu()
7671 self.assertIsNone(rep)
7672 self.assertNotConnected()
7673 return
7674 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7675 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7676 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7677
7678 self.do_single_request(call_id=2, ctx=ctx1, io=get_user_name,
7679 auth_context=auth_context1)
7680 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7681 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7682 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7683
7684 ack2 = self.do_generic_bind(call_id=3,
7685 ctx=ctx1,
7686 auth_context=auth_context2,
7687 assoc_group_id = ack1.u.assoc_group_id,
7688 start_with_alter=True)
7689
7690 #
7691 # Now we have two explicit auth contexts
7692 #
7693 # If we don't specify one of them we get the default one
7694 # inherited from the transport
7695 #
7696 self.do_single_request(call_id=4, ctx=ctx1, io=get_user_name)
7697 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7698 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
7699 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
7700
7701 self.do_single_request(call_id=5, ctx=ctx1, io=get_user_name,
7702 auth_context=auth_context1)
7703 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7704 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7705 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7706
7707 self.do_single_request(call_id=6, ctx=ctx1, io=get_user_name,
7708 auth_context=auth_context2)
7709 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7710 self.assertEqualsStrLower(get_user_name.out_account_name, account_name2)
7711 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name2)
7712
7713 self.do_single_request(call_id=7, ctx=ctx1, io=get_user_name)
7714 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7715 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
7716 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
7717
7718 return
7719
7720 def test_lsa_multi_auth_connect1u(self):
7721 smb_auth_creds = self.get_user_creds()
7722 account_name0 = smb_auth_creds.get_username()
7723 authority_name0 = smb_auth_creds.get_domain()
7724 return self._test_lsa_multi_auth_connect1(smb_auth_creds,
7725 account_name0,
7726 authority_name0)
7727
7728 def test_lsa_multi_auth_connect1a(self):
7729 smb_auth_creds = self.get_anon_creds()
7730 account_name0 = "ANONYMOUS LOGON"
7731 authority_name0 = "NT AUTHORITY"
7732 return self._test_lsa_multi_auth_connect1(smb_auth_creds,
7733 account_name0,
7734 authority_name0)
7735
7736 def _test_lsa_multi_auth_connect2(self, smb_creds,
7737 account_name0, authority_name0):
7738 creds1 = self.get_anon_creds()
7739 account_name1 = "ANONYMOUS LOGON"
7740 authority_name1 = "NT AUTHORITY"
7741 auth_type1 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
7742 auth_level1 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
7743 auth_context_id1 = 1
7744
7745 creds2 = self.get_user_creds()
7746 account_name2 = creds2.get_username()
7747 authority_name2 = creds2.get_domain()
7748 auth_type2 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
7749 auth_level2 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
7750 auth_context_id2 = 2
7751
7752 abstract = samba.dcerpc.lsa.abstract_syntax()
7753 transfer = base.transfer_syntax_ndr()
7754
7755 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
7756 secondary_address='\\pipe\\lsass',
7757 transport_creds=smb_creds)
7758 self.assertIsConnected()
7759
7760 tsf1_list = [transfer]
7761 ctx1 = samba.dcerpc.dcerpc.ctx_list()
7762 ctx1.context_id = 1
7763 ctx1.num_transfer_syntaxes = len(tsf1_list)
7764 ctx1.abstract_syntax = abstract
7765 ctx1.transfer_syntaxes = tsf1_list
7766
7767 auth_context1 = self.get_auth_context_creds(creds=creds1,
7768 auth_type=auth_type1,
7769 auth_level=auth_level1,
7770 auth_context_id=auth_context_id1,
7771 hdr_signing=False)
7772 auth_context2 = self.get_auth_context_creds(creds=creds2,
7773 auth_type=auth_type2,
7774 auth_level=auth_level2,
7775 auth_context_id=auth_context_id2,
7776 hdr_signing=False)
7777
7778 get_user_name = samba.dcerpc.lsa.GetUserName()
7779 get_user_name.in_system_name = self.target_hostname
7780 get_user_name.in_account_name = None
7781 get_user_name.in_authority_name = base.ndr_pointer(None)
7782
7783 ack0 = self.do_generic_bind(call_id=0, ctx=ctx1)
7784
7785 #
7786 # We use the default auth context
7787 # inherited from the transport
7788 #
7789 self.do_single_request(call_id=1, ctx=ctx1, io=get_user_name)
7790 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7791 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
7792 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
7793
7794 ack1 = self.do_generic_bind(call_id=2,
7795 ctx=ctx1,
7796 auth_context=auth_context1,
7797 assoc_group_id = ack0.u.assoc_group_id,
7798 start_with_alter=True)
7799
7800 #
7801 # Note modern servers don't allow
7802 # DCERPC_AUTH_LEVEL_CONNECT for lsa anymore
7803 #
7804 if self.auth_level_connect_lsa:
7805 expected_fault_status = None
7806 else:
7807 expected_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
7808
7809 #
7810 # With just one explicit auth context and that
7811 # uses AUTH_LEVEL_CONNECT context.
7812 #
7813 # We always get that by default instead of the one default one
7814 # inherited from the transport
7815 #
7816 self.do_single_request(call_id=3, ctx=ctx1, io=get_user_name,
7817 fault_status=expected_fault_status)
7818 if not self.auth_level_connect_lsa:
7819 # wait for a disconnect
7820 rep = self.recv_pdu()
7821 self.assertIsNone(rep)
7822 self.assertNotConnected()
7823 return
7824 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7825 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7826 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7827
7828 self.do_single_request(call_id=4, ctx=ctx1, io=get_user_name,
7829 auth_context=auth_context1)
7830 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7831 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7832 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7833
7834 ack2 = self.do_generic_bind(call_id=5,
7835 ctx=ctx1,
7836 auth_context=auth_context2,
7837 assoc_group_id = ack0.u.assoc_group_id,
7838 start_with_alter=True)
7839
7840 #
7841 # Now we have two explicit auth contexts
7842 #
7843 # If we don't specify one of them we get the default one
7844 # inherited from the transport (again)
7845 #
7846 self.do_single_request(call_id=6, ctx=ctx1, io=get_user_name)
7847 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7848 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
7849 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
7850
7851 self.do_single_request(call_id=7, ctx=ctx1, io=get_user_name,
7852 auth_context=auth_context1)
7853 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7854 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7855 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7856
7857 self.do_single_request(call_id=8, ctx=ctx1, io=get_user_name,
7858 auth_context=auth_context2)
7859 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7860 self.assertEqualsStrLower(get_user_name.out_account_name, account_name2)
7861 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name2)
7862
7863 self.do_single_request(call_id=9, ctx=ctx1, io=get_user_name)
7864 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7865 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
7866 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
7867
7868 return
7869
7870 def test_lsa_multi_auth_connect2u(self):
7871 smb_auth_creds = self.get_user_creds()
7872 account_name0 = smb_auth_creds.get_username()
7873 authority_name0 = smb_auth_creds.get_domain()
7874 return self._test_lsa_multi_auth_connect2(smb_auth_creds,
7875 account_name0,
7876 authority_name0)
7877
7878 def test_lsa_multi_auth_connect2a(self):
7879 smb_auth_creds = self.get_anon_creds()
7880 account_name0 = "ANONYMOUS LOGON"
7881 authority_name0 = "NT AUTHORITY"
7882 return self._test_lsa_multi_auth_connect2(smb_auth_creds,
7883 account_name0,
7884 authority_name0)
7885
7886 def _test_lsa_multi_auth_connect3(self, smb_creds,
7887 account_name0, authority_name0):
7888 creds1 = self.get_anon_creds()
7889 account_name1 = "ANONYMOUS LOGON"
7890 authority_name1 = "NT AUTHORITY"
7891 auth_type1 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
7892 auth_level1 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
7893 auth_context_id1 = 1
7894
7895 creds2 = self.get_user_creds()
7896 account_name2 = creds2.get_username()
7897 authority_name2 = creds2.get_domain()
7898 auth_type2 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
7899 auth_level2 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
7900 auth_context_id2 = 2
7901
7902 abstract = samba.dcerpc.lsa.abstract_syntax()
7903 transfer = base.transfer_syntax_ndr()
7904
7905 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
7906 secondary_address='\\pipe\\lsass',
7907 transport_creds=smb_creds)
7908 self.assertIsConnected()
7909
7910 tsf1_list = [transfer]
7911 ctx1 = samba.dcerpc.dcerpc.ctx_list()
7912 ctx1.context_id = 1
7913 ctx1.num_transfer_syntaxes = len(tsf1_list)
7914 ctx1.abstract_syntax = abstract
7915 ctx1.transfer_syntaxes = tsf1_list
7916
7917 auth_context1 = self.get_auth_context_creds(creds=creds1,
7918 auth_type=auth_type1,
7919 auth_level=auth_level1,
7920 auth_context_id=auth_context_id1,
7921 hdr_signing=False)
7922 auth_context2 = self.get_auth_context_creds(creds=creds2,
7923 auth_type=auth_type2,
7924 auth_level=auth_level2,
7925 auth_context_id=auth_context_id2,
7926 hdr_signing=False)
7927
7928 get_user_name = samba.dcerpc.lsa.GetUserName()
7929 get_user_name.in_system_name = self.target_hostname
7930 get_user_name.in_account_name = None
7931 get_user_name.in_authority_name = base.ndr_pointer(None)
7932
7933 ack0 = self.do_generic_bind(call_id=0, ctx=ctx1)
7934
7935 #
7936 # We use the default auth context
7937 # inherited from the transport
7938 #
7939 self.do_single_request(call_id=1, ctx=ctx1, io=get_user_name)
7940 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7941 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
7942 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
7943
7944 ack1 = self.do_generic_bind(call_id=2,
7945 ctx=ctx1,
7946 auth_context=auth_context1,
7947 assoc_group_id = ack0.u.assoc_group_id,
7948 start_with_alter=True)
7949
7950 #
7951 # Note modern servers don't allow
7952 # DCERPC_AUTH_LEVEL_CONNECT for lsa anymore
7953 #
7954 if self.auth_level_connect_lsa:
7955 expected_fault_status = None
7956 else:
7957 expected_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
7958
7959 #
7960 # With just one explicit auth context and that
7961 # uses AUTH_LEVEL_CONNECT context.
7962 #
7963 # We always get that by default instead of the one default one
7964 # inherited from the transport
7965 #
7966 # Until an explicit usage resets that mode
7967 #
7968 self.do_single_request(call_id=3, ctx=ctx1, io=get_user_name,
7969 fault_status=expected_fault_status)
7970 if not self.auth_level_connect_lsa:
7971 # wait for a disconnect
7972 rep = self.recv_pdu()
7973 self.assertIsNone(rep)
7974 self.assertNotConnected()
7975 return
7976 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7977 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7978 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7979
7980 self.do_single_request(call_id=4, ctx=ctx1, io=get_user_name)
7981 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7982 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7983 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7984
7985 self.do_single_request(call_id=5, ctx=ctx1, io=get_user_name,
7986 auth_context=auth_context1)
7987 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7988 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
7989 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
7990
7991 self.do_single_request(call_id=6, ctx=ctx1, io=get_user_name)
7992 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
7993 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
7994 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
7995
7996 ack2 = self.do_generic_bind(call_id=7,
7997 ctx=ctx1,
7998 auth_context=auth_context2,
7999 assoc_group_id = ack0.u.assoc_group_id,
8000 start_with_alter=True)
8001 #
8002 # A new auth context won't change that mode again.
8003 #
8004 self.do_single_request(call_id=8, ctx=ctx1, io=get_user_name)
8005 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8006 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8007 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8008
8009 self.do_single_request(call_id=9, ctx=ctx1, io=get_user_name,
8010 auth_context=auth_context1)
8011 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8012 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8013 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8014
8015 self.do_single_request(call_id=10, ctx=ctx1, io=get_user_name,
8016 auth_context=auth_context2)
8017 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8018 self.assertEqualsStrLower(get_user_name.out_account_name, account_name2)
8019 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name2)
8020
8021 self.do_single_request(call_id=11, ctx=ctx1, io=get_user_name)
8022 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8023 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8024 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8025
8026 return
8027
8028 def test_lsa_multi_auth_connect3u(self):
8029 smb_auth_creds = self.get_user_creds()
8030 account_name0 = smb_auth_creds.get_username()
8031 authority_name0 = smb_auth_creds.get_domain()
8032 return self._test_lsa_multi_auth_connect3(smb_auth_creds,
8033 account_name0,
8034 authority_name0)
8035
8036 def test_lsa_multi_auth_connect3a(self):
8037 smb_auth_creds = self.get_anon_creds()
8038 account_name0 = "ANONYMOUS LOGON"
8039 authority_name0 = "NT AUTHORITY"
8040 return self._test_lsa_multi_auth_connect3(smb_auth_creds,
8041 account_name0,
8042 authority_name0)
8043
8044 def _test_lsa_multi_auth_connect4(self, smb_creds,
8045 account_name0, authority_name0):
8046 creds1 = self.get_anon_creds()
8047 account_name1 = "ANONYMOUS LOGON"
8048 authority_name1 = "NT AUTHORITY"
8049 auth_type1 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
8050 auth_level1 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
8051 auth_context_id1 = 1
8052
8053 creds2 = self.get_user_creds()
8054 account_name2 = creds2.get_username()
8055 authority_name2 = creds2.get_domain()
8056 auth_type2 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
8057 auth_level2 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
8058 auth_context_id2 = 2
8059
8060 creds3 = self.get_anon_creds()
8061 account_name3 = "ANONYMOUS LOGON"
8062 authority_name3 = "NT AUTHORITY"
8063 auth_type3 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
8064 auth_level3 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
8065 auth_context_id3 = 3
8066
8067 creds4 = self.get_user_creds()
8068 account_name4 = creds4.get_username()
8069 authority_name4 = creds4.get_domain()
8070 auth_type4 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
8071 auth_level4 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
8072 auth_context_id4 = 4
8073
8074 abstract = samba.dcerpc.lsa.abstract_syntax()
8075 transfer = base.transfer_syntax_ndr()
8076
8077 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
8078 secondary_address='\\pipe\\lsass',
8079 transport_creds=smb_creds)
8080 self.assertIsConnected()
8081
8082 tsf1_list = [transfer]
8083 ctx1 = samba.dcerpc.dcerpc.ctx_list()
8084 ctx1.context_id = 1
8085 ctx1.num_transfer_syntaxes = len(tsf1_list)
8086 ctx1.abstract_syntax = abstract
8087 ctx1.transfer_syntaxes = tsf1_list
8088
8089 auth_context1 = self.get_auth_context_creds(creds=creds1,
8090 auth_type=auth_type1,
8091 auth_level=auth_level1,
8092 auth_context_id=auth_context_id1,
8093 hdr_signing=False)
8094 auth_context2 = self.get_auth_context_creds(creds=creds2,
8095 auth_type=auth_type2,
8096 auth_level=auth_level2,
8097 auth_context_id=auth_context_id2,
8098 hdr_signing=False)
8099 auth_context3 = self.get_auth_context_creds(creds=creds3,
8100 auth_type=auth_type3,
8101 auth_level=auth_level3,
8102 auth_context_id=auth_context_id3,
8103 hdr_signing=False)
8104 auth_context4 = self.get_auth_context_creds(creds=creds4,
8105 auth_type=auth_type4,
8106 auth_level=auth_level4,
8107 auth_context_id=auth_context_id4,
8108 hdr_signing=False)
8109
8110 get_user_name = samba.dcerpc.lsa.GetUserName()
8111 get_user_name.in_system_name = self.target_hostname
8112 get_user_name.in_account_name = None
8113 get_user_name.in_authority_name = base.ndr_pointer(None)
8114
8115 ack0 = self.do_generic_bind(call_id=0, ctx=ctx1)
8116
8117 #
8118 # We use the default auth context
8119 # inherited from the transport
8120 #
8121 self.do_single_request(call_id=1, ctx=ctx1, io=get_user_name)
8122 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8123 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8124 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8125
8126 ack1 = self.do_generic_bind(call_id=2,
8127 ctx=ctx1,
8128 auth_context=auth_context1,
8129 assoc_group_id = ack0.u.assoc_group_id,
8130 start_with_alter=True)
8131
8132 #
8133 # Note modern servers don't allow
8134 # DCERPC_AUTH_LEVEL_CONNECT for lsa anymore
8135 #
8136 if self.auth_level_connect_lsa:
8137 expected_fault_status = None
8138 else:
8139 expected_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
8140
8141 #
8142 # With just one explicit auth context and that
8143 # uses AUTH_LEVEL_CONNECT context.
8144 #
8145 # We always get that by default instead of the one default one
8146 # inherited from the transport
8147 #
8148 # Until a new explicit context resets the mode
8149 #
8150 self.do_single_request(call_id=3, ctx=ctx1, io=get_user_name,
8151 fault_status=expected_fault_status)
8152 if not self.auth_level_connect_lsa:
8153 # wait for a disconnect
8154 rep = self.recv_pdu()
8155 self.assertIsNone(rep)
8156 self.assertNotConnected()
8157 return
8158 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8159 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8160 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8161
8162 self.do_single_request(call_id=4, ctx=ctx1, io=get_user_name)
8163 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8164 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8165 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8166
8167 ack2 = self.do_generic_bind(call_id=5,
8168 ctx=ctx1,
8169 auth_context=auth_context2,
8170 assoc_group_id = ack0.u.assoc_group_id,
8171 start_with_alter=True)
8172
8173 #
8174 # Note modern servers don't allow
8175 # DCERPC_AUTH_LEVEL_CONNECT for lsa anymore
8176 #
8177 if self.auth_level_connect_lsa:
8178 expected_fault_status = None
8179 else:
8180 expected_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
8181
8182 #
8183 # A new auth context with LEVEL_CONNECT resets the default.
8184 #
8185 self.do_single_request(call_id=6, ctx=ctx1, io=get_user_name,
8186 fault_status=expected_fault_status)
8187 if not self.auth_level_connect_lsa:
8188 # wait for a disconnect
8189 rep = self.recv_pdu()
8190 self.assertIsNone(rep)
8191 self.assertNotConnected()
8192 return
8193 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8194 self.assertEqualsStrLower(get_user_name.out_account_name, account_name2)
8195 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name2)
8196
8197 self.do_single_request(call_id=7, ctx=ctx1, io=get_user_name)
8198 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8199 self.assertEqualsStrLower(get_user_name.out_account_name, account_name2)
8200 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name2)
8201
8202 ack3 = self.do_generic_bind(call_id=8,
8203 ctx=ctx1,
8204 auth_context=auth_context3,
8205 assoc_group_id = ack0.u.assoc_group_id,
8206 start_with_alter=True)
8207
8208 #
8209 # A new auth context with LEVEL_CONNECT resets the default.
8210 #
8211 self.do_single_request(call_id=9, ctx=ctx1, io=get_user_name)
8212 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8213 self.assertEqualsStrLower(get_user_name.out_account_name, account_name3)
8214 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name3)
8215
8216 self.do_single_request(call_id=10, ctx=ctx1, io=get_user_name)
8217 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8218 self.assertEqualsStrLower(get_user_name.out_account_name, account_name3)
8219 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name3)
8220
8221 ack4 = self.do_generic_bind(call_id=11,
8222 ctx=ctx1,
8223 auth_context=auth_context4,
8224 assoc_group_id = ack0.u.assoc_group_id,
8225 start_with_alter=True)
8226
8227 #
8228 # A new auth context with LEVEL_CONNECT resets the default.
8229 #
8230 self.do_single_request(call_id=12, ctx=ctx1, io=get_user_name)
8231 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8232 self.assertEqualsStrLower(get_user_name.out_account_name, account_name4)
8233 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name4)
8234
8235 self.do_single_request(call_id=13, ctx=ctx1, io=get_user_name)
8236 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8237 self.assertEqualsStrLower(get_user_name.out_account_name, account_name4)
8238 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name4)
8239
8240 #
8241 # Only the explicit usage of any context reset that mode
8242 #
8243 self.do_single_request(call_id=14, ctx=ctx1, io=get_user_name,
8244 auth_context=auth_context1)
8245 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8246 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8247 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8248
8249 self.do_single_request(call_id=15, ctx=ctx1, io=get_user_name)
8250 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8251 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8252 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8253
8254 self.do_single_request(call_id=16, ctx=ctx1, io=get_user_name,
8255 auth_context=auth_context1)
8256 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8257 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8258 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8259
8260 self.do_single_request(call_id=17, ctx=ctx1, io=get_user_name,
8261 auth_context=auth_context2)
8262 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8263 self.assertEqualsStrLower(get_user_name.out_account_name, account_name2)
8264 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name2)
8265
8266 self.do_single_request(call_id=18, ctx=ctx1, io=get_user_name,
8267 auth_context=auth_context3)
8268 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8269 self.assertEqualsStrLower(get_user_name.out_account_name, account_name3)
8270 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name3)
8271
8272 self.do_single_request(call_id=19, ctx=ctx1, io=get_user_name,
8273 auth_context=auth_context4)
8274 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8275 self.assertEqualsStrLower(get_user_name.out_account_name, account_name4)
8276 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name4)
8277
8278 self.do_single_request(call_id=20, ctx=ctx1, io=get_user_name)
8279 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8280 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8281 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8282
8283 return
8284
8285 def test_lsa_multi_auth_connect4u(self):
8286 smb_auth_creds = self.get_user_creds()
8287 account_name0 = smb_auth_creds.get_username()
8288 authority_name0 = smb_auth_creds.get_domain()
8289 return self._test_lsa_multi_auth_connect4(smb_auth_creds,
8290 account_name0,
8291 authority_name0)
8292
8293 def test_lsa_multi_auth_connect4a(self):
8294 smb_auth_creds = self.get_anon_creds()
8295 account_name0 = "ANONYMOUS LOGON"
8296 authority_name0 = "NT AUTHORITY"
8297 return self._test_lsa_multi_auth_connect4(smb_auth_creds,
8298 account_name0,
8299 authority_name0)
8300
8301 def _test_lsa_multi_auth_sign_connect1(self, smb_creds,
8302 account_name0, authority_name0):
8303
8304 creds1 = self.get_user_creds()
8305 account_name1 = creds1.get_username()
8306 authority_name1 = creds1.get_domain()
8307 auth_type1 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
8308 auth_level1 = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
8309 auth_context_id1 = 1
8310
8311 creds2 = self.get_user_creds()
8312 account_name2 = creds2.get_username()
8313 authority_name2 = creds2.get_domain()
8314 auth_type2 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
8315 auth_level2 = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
8316 auth_context_id2 = 2
8317
8318 creds3 = self.get_anon_creds()
8319 account_name3 = "ANONYMOUS LOGON"
8320 authority_name3 = "NT AUTHORITY"
8321 auth_type3 = dcerpc.DCERPC_AUTH_TYPE_NTLMSSP
8322 auth_level3 = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
8323 auth_context_id3 = 3
8324
8325 abstract = samba.dcerpc.lsa.abstract_syntax()
8326 transfer = base.transfer_syntax_ndr()
8327
8328 self.reconnect_smb_pipe(primary_address='\\pipe\\lsarpc',
8329 secondary_address='\\pipe\\lsass',
8330 transport_creds=smb_creds)
8331 self.assertIsConnected()
8332
8333 tsf1_list = [transfer]
8334 ctx1 = samba.dcerpc.dcerpc.ctx_list()
8335 ctx1.context_id = 1
8336 ctx1.num_transfer_syntaxes = len(tsf1_list)
8337 ctx1.abstract_syntax = abstract
8338 ctx1.transfer_syntaxes = tsf1_list
8339
8340 auth_context1 = self.get_auth_context_creds(creds=creds1,
8341 auth_type=auth_type1,
8342 auth_level=auth_level1,
8343 auth_context_id=auth_context_id1,
8344 hdr_signing=False)
8345 auth_context2 = self.get_auth_context_creds(creds=creds2,
8346 auth_type=auth_type2,
8347 auth_level=auth_level2,
8348 auth_context_id=auth_context_id2,
8349 hdr_signing=False)
8350 auth_context3 = self.get_auth_context_creds(creds=creds3,
8351 auth_type=auth_type3,
8352 auth_level=auth_level3,
8353 auth_context_id=auth_context_id3,
8354 hdr_signing=False)
8355
8356 get_user_name = samba.dcerpc.lsa.GetUserName()
8357 get_user_name.in_system_name = self.target_hostname
8358 get_user_name.in_account_name = None
8359 get_user_name.in_authority_name = base.ndr_pointer(None)
8360
8361 ack1 = self.do_generic_bind(call_id=0,
8362 ctx=ctx1,
8363 auth_context=auth_context1)
8364
8365 #
8366 # Note modern servers don't allow
8367 # DCERPC_AUTH_LEVEL_CONNECT for lsa anymore
8368 #
8369 if self.auth_level_connect_lsa:
8370 expected_fault_status = None
8371 else:
8372 expected_fault_status = dcerpc.DCERPC_FAULT_ACCESS_DENIED
8373
8374 #
8375 # With just one explicit auth context and that
8376 # *not* uses AUTH_LEVEL_CONNECT context.
8377 #
8378 # We don't get the by default (auth_context1)
8379 #
8380 self.do_single_request(call_id=1, ctx=ctx1, io=get_user_name)
8381 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8382 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8383 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8384
8385 self.do_single_request(call_id=2, ctx=ctx1, io=get_user_name,
8386 auth_context=auth_context1)
8387 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8388 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8389 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8390
8391 self.do_single_request(call_id=3, ctx=ctx1, io=get_user_name)
8392 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8393 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8394 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8395
8396 ack2 = self.do_generic_bind(call_id=4,
8397 ctx=ctx1,
8398 auth_context=auth_context2,
8399 assoc_group_id = ack1.u.assoc_group_id,
8400 start_with_alter=True)
8401
8402 #
8403 # With just two explicit auth context and
8404 # *none* uses AUTH_LEVEL_CONNECT context.
8405 #
8406 # We don't get auth_context1 or auth_context2 by default
8407 #
8408 self.do_single_request(call_id=5, ctx=ctx1, io=get_user_name)
8409 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8410 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8411 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8412
8413 self.do_single_request(call_id=6, ctx=ctx1, io=get_user_name,
8414 auth_context=auth_context1)
8415 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8416 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8417 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8418
8419 self.do_single_request(call_id=7, ctx=ctx1, io=get_user_name,
8420 auth_context=auth_context2)
8421 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8422 self.assertEqualsStrLower(get_user_name.out_account_name, account_name2)
8423 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name2)
8424
8425 self.do_single_request(call_id=8, ctx=ctx1, io=get_user_name)
8426 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8427 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8428 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8429
8430 ack3 = self.do_generic_bind(call_id=9,
8431 ctx=ctx1,
8432 auth_context=auth_context3,
8433 assoc_group_id = ack1.u.assoc_group_id,
8434 start_with_alter=True)
8435
8436 #
8437 # Now we have tree explicit auth contexts,
8438 # but just one with AUTH_LEVEL_CONNECT
8439 #
8440 # If we don't specify one of them we get
8441 # that one auth_level_connect context.
8442 #
8443 # Until an explicit usage of any auth context reset that mode.
8444 #
8445 self.do_single_request(call_id=10, ctx=ctx1, io=get_user_name,
8446 fault_status=expected_fault_status)
8447 if self.auth_level_connect_lsa:
8448 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8449 self.assertEqualsStrLower(get_user_name.out_account_name, account_name3)
8450 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name3)
8451
8452 self.do_single_request(call_id=11, ctx=ctx1, io=get_user_name,
8453 fault_status=expected_fault_status)
8454 if self.auth_level_connect_lsa:
8455 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8456 self.assertEqualsStrLower(get_user_name.out_account_name, account_name3)
8457 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name3)
8458
8459 self.do_single_request(call_id=12, ctx=ctx1, io=get_user_name,
8460 auth_context=auth_context1)
8461 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8462 self.assertEqualsStrLower(get_user_name.out_account_name, account_name1)
8463 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name1)
8464
8465 self.do_single_request(call_id=13, ctx=ctx1, io=get_user_name)
8466 self.assertEqual(get_user_name.result[0], NT_STATUS_SUCCESS)
8467 self.assertEqualsStrLower(get_user_name.out_account_name, account_name0)
8468 self.assertEqualsStrLower(get_user_name.out_authority_name.value, authority_name0)
8469
8470 return
8471
8472 def test_lsa_multi_auth_sign_connect1u(self):
8473 smb_auth_creds = self.get_user_creds()
8474 account_name0 = smb_auth_creds.get_username()
8475 authority_name0 = smb_auth_creds.get_domain()
8476 return self._test_lsa_multi_auth_sign_connect1(smb_auth_creds,
8477 account_name0,
8478 authority_name0)
8479 def test_lsa_multi_auth_sign_connect1a(self):
8480 smb_auth_creds = self.get_anon_creds()
8481 account_name0 = "ANONYMOUS LOGON"
8482 authority_name0 = "NT AUTHORITY"
8483 return self._test_lsa_multi_auth_sign_connect1(smb_auth_creds,
8484 account_name0,
8485 authority_name0)
8486
8487 def test_spnego_multiple_auth_hdr_signing(self):
8488 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
8489 auth_level1 = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
8490 auth_context_id1=1
8491 auth_level2 = dcerpc.DCERPC_AUTH_LEVEL_PACKET
8492 auth_context_id2=2
8493
8494 creds = self.get_user_creds()
8495
8496 abstract = samba.dcerpc.mgmt.abstract_syntax()
8497 transfer = base.transfer_syntax_ndr()
8498
8499 tsf1_list = [transfer]
8500 ctx = samba.dcerpc.dcerpc.ctx_list()
8501 ctx.context_id = 1
8502 ctx.num_transfer_syntaxes = len(tsf1_list)
8503 ctx.abstract_syntax = abstract
8504 ctx.transfer_syntaxes = tsf1_list
8505
8506 auth_context1 = self.get_auth_context_creds(creds=creds,
8507 auth_type=auth_type,
8508 auth_level=auth_level1,
8509 auth_context_id=auth_context_id1,
8510 hdr_signing=False)
8511 auth_context2 = self.get_auth_context_creds(creds=creds,
8512 auth_type=auth_type,
8513 auth_level=auth_level2,
8514 auth_context_id=auth_context_id2,
8515 hdr_signing=False)
8516
8517 ack0 = self.do_generic_bind(call_id=1, ctx=ctx)
8518
8519 ack1 = self.do_generic_bind(call_id=2,
8520 ctx=ctx,
8521 auth_context=auth_context1,
8522 assoc_group_id = ack0.u.assoc_group_id,
8523 start_with_alter=True)
8524 ack2 = self.do_generic_bind(call_id=3,
8525 ctx=ctx,
8526 auth_context=auth_context2,
8527 assoc_group_id = ack0.u.assoc_group_id,
8528 start_with_alter=True)
8529
8530 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
8531 self.do_single_request(call_id=4, ctx=ctx, io=inq_if_ids)
8532 self.do_single_request(call_id=5, ctx=ctx, io=inq_if_ids,
8533 auth_context=auth_context1)
8534 self.do_single_request(call_id=6, ctx=ctx, io=inq_if_ids,
8535 auth_context=auth_context2)
8536
8537 ack3 = self.do_generic_bind(call_id=7, ctx=ctx,
8538 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
8539 dcerpc.DCERPC_PFC_FLAG_LAST |
8540 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN,
8541 assoc_group_id = ack0.u.assoc_group_id,
8542 start_with_alter=True)
8543
8544 self.assertFalse(auth_context1['hdr_signing'])
8545 auth_context1['hdr_signing'] = True
8546 auth_context1["gensec"].want_feature(gensec.FEATURE_SIGN_PKT_HEADER)
8547
8548 self.do_single_request(call_id=8, ctx=ctx, io=inq_if_ids)
8549 self.do_single_request(call_id=9, ctx=ctx, io=inq_if_ids,
8550 auth_context=auth_context1)
8551 self.do_single_request(call_id=10, ctx=ctx, io=inq_if_ids,
8552 auth_context=auth_context2,
8553 fault_status=dcerpc.DCERPC_FAULT_SEC_PKG_ERROR)
8554
8555 # wait for a disconnect
8556 rep = self.recv_pdu()
8557 self.assertIsNone(rep)
8558 self.assertNotConnected()
8559
8560 def test_no_auth_ctx_request(self):
8561 abstract = samba.dcerpc.mgmt.abstract_syntax()
8562 transfer = base.transfer_syntax_ndr()
8563
8564 tsf1_list = [transfer]
8565 ctx = samba.dcerpc.dcerpc.ctx_list()
8566 ctx.context_id = 1
8567 ctx.num_transfer_syntaxes = len(tsf1_list)
8568 ctx.abstract_syntax = abstract
8569 ctx.transfer_syntaxes = tsf1_list
8570
8571 auth_context = {}
8572 auth_context["auth_type"] = 0
8573 auth_context["auth_level"] = 0
8574 auth_context["auth_context_id"] = 0
8575 auth_context["g_auth_level"] = 0
8576 auth_context["gensec"] = None
8577 auth_context["hdr_signing"] = False
8578 auth_context["expect_3legs"] = False
8579
8580 ack0 = self.do_generic_bind(call_id=1, ctx=ctx)
8581
8582 inq_if_ids = samba.dcerpc.mgmt.inq_if_ids()
8583 self.do_single_request(call_id=2, ctx=ctx, io=inq_if_ids,
8584 auth_context=auth_context,
8585 fault_status=dcerpc.DCERPC_FAULT_ACCESS_DENIED)
8586
8587 # wait for a disconnect
8588 rep = self.recv_pdu()
8589 self.assertIsNone(rep)
8590 self.assertNotConnected()
8591
8592
8593 def test_multiple_auth_limit(self):
8594 creds = self.get_user_creds()
8595
8596 abstract = samba.dcerpc.mgmt.abstract_syntax()
8597 transfer = base.transfer_syntax_ndr()
8598
8599 tsf1_list = [transfer]
8600 ctx = samba.dcerpc.dcerpc.ctx_list()
8601 ctx.context_id = 1
8602 ctx.num_transfer_syntaxes = len(tsf1_list)
8603 ctx.abstract_syntax = abstract
8604 ctx.transfer_syntaxes = tsf1_list
8605
8606 ack0 = self.do_generic_bind(call_id=0, ctx=ctx)
8607
8608 is_server_listening = samba.dcerpc.mgmt.is_server_listening()
8609
8610 max_num_auth_str = samba.tests.env_get_var_value('MAX_NUM_AUTH', allow_missing=True)
8611 if max_num_auth_str is not None:
8612 max_num_auth = int(max_num_auth_str)
8613 else:
8614 max_num_auth = 2049
8615
8616 for i in range(1, max_num_auth+2):
8617 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
8618 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
8619 auth_context_id = i
8620
8621 auth_context = self.get_auth_context_creds(creds=creds,
8622 auth_type=auth_type,
8623 auth_level=auth_level,
8624 auth_context_id=auth_context_id,
8625 hdr_signing=False)
8626
8627 alter_fault = None
8628 if i > max_num_auth:
8629 alter_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
8630
8631 ack = self.do_generic_bind(call_id=auth_context_id,
8632 ctx=ctx,
8633 auth_context=auth_context,
8634 assoc_group_id = ack0.u.assoc_group_id,
8635 alter_fault=alter_fault,
8636 start_with_alter=True,
8637 )
8638 if alter_fault is not None:
8639 break
8640
8641
8642 self.do_single_request(call_id=auth_context_id,
8643 ctx=ctx, io=is_server_listening,
8644 auth_context=auth_context)
8645
8646 # wait for a disconnect
8647 rep = self.recv_pdu()
8648 self.assertIsNone(rep)
8649 self.assertNotConnected()
8650 return
8651
8652 def _test_schannel_invalid_with_args(self,
8653 pktype,
8654 tail_padding):
8655
8656 ndr32 = base.transfer_syntax_ndr()
8657 lsarpc_syntax = samba.dcerpc.lsa.abstract_syntax()
8658
8659 self.epmap_reconnect(lsarpc_syntax)
8660
8661 if pktype == dcerpc.DCERPC_PKT_AUTH3:
8662 max_auth_length=4096
8663 max_xmit_frag=self.max_xmit_frag
8664 else:
8665 max_auth_length=0xffff
8666 max_xmit_frag=0xffff
8667
8668 tsf1_list = [ndr32]
8669 ctx1 = dcerpc.ctx_list()
8670 ctx1.context_id = 1
8671 ctx1.num_transfer_syntaxes = len(tsf1_list)
8672 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
8673 ctx1.transfer_syntaxes = tsf1_list
8674 ctx_list = [ctx1]
8675
8676 auth_type = dcerpc.DCERPC_AUTH_TYPE_SCHANNEL
8677 auth_level = dcerpc.DCERPC_AUTH_LEVEL_PRIVACY
8678 auth_context_id = 1
8679
8680 nl_auth = schannel.NL_AUTH_MESSAGE()
8681 nl_auth.MessageType = schannel.NL_NEGOTIATE_REQUEST
8682 nl_auth.Flags = 0
8683
8684 nl_auth.Flags |= schannel.NL_FLAG_OEM_NETBIOS_DOMAIN_NAME
8685 nl_auth.oem_netbios_domain = "NBDOMAIN"
8686
8687 nl_auth.Flags |= schannel.NL_FLAG_OEM_NETBIOS_COMPUTER_NAME
8688 nl_auth.oem_netbios_computer = "RAWCOMPUTER"
8689
8690 nl_auth.Flags |= schannel.NL_FLAG_UTF8_DNS_DOMAIN_NAME
8691 nl_auth.utf8_dns_domain = "DNS.DOMAIN"
8692
8693 nl_auth.Flags |= schannel.NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME
8694 nl_auth.utf8_netbios_computer = "RAWCOMPUTER"
8695
8696 to_server = samba.ndr.ndr_pack(nl_auth)
8697
8698 auth_info = self.generate_auth(auth_type=auth_type,
8699 auth_level=auth_level,
8700 auth_context_id=auth_context_id,
8701 auth_blob=to_server)
8702
8703 if pktype != dcerpc.DCERPC_PKT_BIND:
8704 req = self.generate_bind(call_id=1,
8705 ctx_list=ctx_list)
8706 self.send_pdu(req)
8707 rep = self.recv_pdu()
8708 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
8709 auth_length=0)
8710 self.assertEqual(rep.u.max_xmit_frag, req.u.max_xmit_frag)
8711 self.assertEqual(rep.u.max_recv_frag, req.u.max_recv_frag)
8712 self.assertNotEqual(rep.u.assoc_group_id, req.u.assoc_group_id)
8713 sda_str = self.secondary_address
8714 sda_len = len(sda_str) + 1
8715 mod_len = (2 + sda_len) % 4
8716 if mod_len != 0:
8717 sda_pad = 4 - mod_len
8718 else:
8719 sda_pad = 0
8720 self.assertEqual(rep.u.secondary_address_size, sda_len)
8721 self.assertEqual(rep.u.secondary_address, sda_str)
8722 self.assertPadding(rep.u._pad1, sda_pad)
8723 self.assertEqual(rep.u.num_results, 1)
8724 self.assertEqual(rep.u.ctx_list[0].result,
8725 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
8726 self.assertEqual(rep.u.ctx_list[0].reason,
8727 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
8728 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
8729
8730 if pktype == dcerpc.DCERPC_PKT_AUTH3:
8731 req = self.generate_auth3(call_id=2,
8732 auth_info=auth_info)
8733 expected_fault = dcerpc.DCERPC_NCA_S_PROTO_ERROR
8734 else:
8735 req = self.generate_alter(call_id=2,
8736 ctx_list=ctx_list,
8737 auth_info=auth_info)
8738 expected_fault = dcerpc.DCERPC_FAULT_ACCESS_DENIED
8739 else:
8740 req = self.generate_bind(call_id=1,
8741 ctx_list=ctx_list,
8742 auth_info=auth_info)
8743 req_pdu = self._add_auth_padding(req,
8744 tail_padding=tail_padding,
8745 max_auth_length=max_auth_length,
8746 max_xmit_frag=max_xmit_frag)
8747 self.send_pdu_blob(req_pdu)
8748 rep = self.recv_pdu()
8749 if pktype != dcerpc.DCERPC_PKT_BIND:
8750 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
8751 pfc_flags=req.pfc_flags |
8752 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
8753 auth_length=0)
8754 self.assertNotEqual(rep.u.alloc_hint, 0)
8755 self.assertEqual(rep.u.context_id, 0)
8756 self.assertEqual(rep.u.cancel_count, 0)
8757 self.assertEqual(rep.u.flags, 0)
8758 self.assertEqual(rep.u.status, expected_fault)
8759 self.assertEqual(rep.u.reserved, 0)
8760 self.assertEqual(len(rep.u.error_and_verifier), 0)
8761 else:
8762 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
8763 auth_length=0)
8764 self.assertEqual(rep.u.reject_reason,
8765 dcerpc.DCERPC_BIND_NAK_REASON_INVALID_CHECKSUM)
8766 self.assertEqual(rep.u.num_versions, 1)
8767 self.assertEqual(rep.u.versions[0].rpc_vers, req.rpc_vers)
8768 self.assertEqual(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
8769 self.assertPadding(rep.u._pad, 3)
8770
8771 # wait for a disconnect
8772 rep = self.recv_pdu()
8773 self.assertIsNone(rep)
8774 self.assertNotConnected()
8775
8776 @classmethod
8777 def _setup_test_schannel_invalid(cls):
8778 pktype_methods = {
8779 "bind": dcerpc.DCERPC_PKT_BIND,
8780 "alter": dcerpc.DCERPC_PKT_ALTER,
8781 "auth3": dcerpc.DCERPC_PKT_AUTH3,
8782 }
8783 paddings = {
8784 "no_padding": False,
8785 "tail_padding": True,
8786 }
8787
8788 for pktype_method in pktype_methods.keys():
8789 for padding in paddings.keys():
8790 tname = "%s_%s" % (
8791 pktype_method,
8792 padding,
8793 )
8794 targs = (
8795 pktype_methods[pktype_method],
8796 paddings[padding],
8797 )
8798 cls.generate_dynamic_test("test_schannel_invalid",
8799 tname, *targs)
8800 return
8801
8802
8803 if __name__ == "__main__":
8804 global_ndr_print = True
8805 global_hexdump = True
8806 import unittest
8807 unittest.main()
GSS-enabled samba4