summaryrefslogtreecommitdiff
path: root/source4/torture/rpc/drsuapi_cracknames.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/torture/rpc/drsuapi_cracknames.c')
-rw-r--r--source4/torture/rpc/drsuapi_cracknames.c433
1 files changed, 136 insertions, 297 deletions
diff --git a/source4/torture/rpc/drsuapi_cracknames.c b/source4/torture/rpc/drsuapi_cracknames.c
index a29010f73be..b1a65179aa8 100644
--- a/source4/torture/rpc/drsuapi_cracknames.c
+++ b/source4/torture/rpc/drsuapi_cracknames.c
@@ -28,14 +28,13 @@
#include "ldb/include/ldb.h"
#include "libcli/security/security.h"
-static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, struct torture_context *tctx,
struct DsPrivate *priv, const char *dn,
const char *user_principal_name, const char *service_principal_name)
{
NTSTATUS status;
- BOOL ret = True;
struct drsuapi_DsCrackNames r;
enum drsuapi_DsNameFormat formats[] = {
DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
@@ -70,59 +69,34 @@ static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
r.in.req.req1.format_desired = formats[i];
names[0].str = dn;
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
- names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired);
-
- printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+
+ torture_comment(tctx, "testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired);
-
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- }
+ torture_assert_ntstatus_ok(tctx, status, "dcerpc_drsuapi_DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
- if (!ret) {
- return ret;
- }
switch (formats[i]) {
case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:
- if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) {
- printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
- r.out.ctr.ctr1->array[0].status);
- return False;
- }
- printf ("(expected) error\n");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE,
+ "Unexpected error: This name lookup should fail");
+ torture_comment(tctx, "(expected) error\n");
break;
case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
- if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
- printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
- r.out.ctr.ctr1->array[0].status);
- return False;
- }
- printf ("(expected) error\n");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_NO_MAPPING,
+ "Unexpected error: This name lookup should fail");
+ torture_comment(tctx, "(expected) error\n");
break;
case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:
case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:
- if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) {
- printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
- r.out.ctr.ctr1->array[0].status);
- return False;
- }
- printf ("(expected) error\n");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status,
+ DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR,
+ "Unexpected error: This name lookup should fail");
+ torture_comment(tctx, "(expected) error\n");
break;
default:
- if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- printf("Error: %d\n", r.out.ctr.ctr1->array[0].status);
- return False;
- }
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_OK,
+ "Error");
}
switch (formats[i]) {
@@ -138,7 +112,7 @@ static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
break;
default:
n_from[i] = r.out.ctr.ctr1->array[0].result_name;
- printf("%s\n", n_from[i]);
+ torture_comment(tctx, "%s\n", n_from[i]);
}
}
@@ -151,25 +125,12 @@ static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
continue;
}
names[0].str = n_from[i];
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
- names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired, errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
- names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired,
- win_errstr(r.out.result));
- ret = False;
- }
-
- if (!ret) {
- return ret;
- }
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_comment(tctx, "testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d",
+ names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired);
+ torture_assert_ntstatus_ok(tctx, status, "DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+
if (r.out.ctr.ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) {
n_matrix[i][j] = r.out.ctr.ctr1->array[0].result_name;
} else {
@@ -188,28 +149,22 @@ static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
/* we can't map to these two */
} else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL) {
} else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL) {
- } else if (n_matrix[i][j] == NULL && n_from[j] != NULL) {
- printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
- ret = False;
- } else if (n_matrix[i][j] != NULL && n_from[j] == NULL) {
- printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
- ret = False;
- } else if (strcmp(n_matrix[i][j], n_from[j]) != 0) {
- printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
- ret = False;
+ } else {
+ torture_assert_str_equal(tctx, n_matrix[i][j], n_from[j],
+ "dcerpc_drsuapi_DsCrackNames mismatch");
}
}
}
- return ret;
+ return true;
}
-BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct DsPrivate *priv)
+bool test_DsCrackNames(struct torture_context *tctx,
+ struct dcerpc_pipe *p,
+ struct DsPrivate *priv)
{
NTSTATUS status;
struct drsuapi_DsCrackNames r;
struct drsuapi_DsNameString names[1];
- BOOL ret = True;
const char *dns_domain;
const char *nt4_domain;
const char *FQDN_1779_name;
@@ -239,32 +194,18 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
- dom_sid = dom_sid_string(mem_ctx, torture_join_sid(priv->join));
+ dom_sid = dom_sid_string(tctx, torture_join_sid(priv->join));
names[0].str = dom_sid;
printf("testing DsCrackNames with name '%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
- ret = False;
- }
-
- if (!ret) {
- return ret;
- }
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "DsCrackNames");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_OK,
+ "DsCrackNames failed on name");
dns_domain = r.out.ctr.ctr1->array[0].dns_domain_name;
nt4_domain = r.out.ctr.ctr1->array[0].result_name;
@@ -274,25 +215,11 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
printf("testing DsCrackNames with name '%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
- ret = False;
- }
-
- if (!ret) {
- return ret;
- }
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "dcerpc_drsuapi_DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_OK,
+ "DsCrackNames failed on name");
priv->domain_dns_name = r.out.ctr.ctr1->array[0].dns_domain_name;
priv->domain_guid_str = r.out.ctr.ctr1->array[0].result_name;
@@ -300,108 +227,56 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
- printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ torture_comment(tctx, "testing DsCrackNames with name '%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
- ret = False;
- }
-
- if (!ret) {
- return ret;
- }
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "dcerpc_drsuapi_DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_OK,
+ "DsCrackNames failed on name");
- ldb = ldb_init(mem_ctx);
+ ldb = ldb_init(tctx);
realm_dn_str = r.out.ctr.ctr1->array[0].result_name;
- realm_dn = ldb_dn_new(mem_ctx, ldb, realm_dn_str);
- realm_canonical = ldb_dn_canonical_string(mem_ctx, realm_dn);
-
- if (strcmp(realm_canonical,
- talloc_asprintf(mem_ctx, "%s/", dns_domain))!= 0) {
- printf("local Round trip on canonical name failed: %s != %s!\n",
- realm_canonical,
- talloc_asprintf(mem_ctx, "%s/", dns_domain));
- return False;
- };
+ realm_dn = ldb_dn_new(tctx, ldb, realm_dn_str);
+ realm_canonical = ldb_dn_canonical_string(tctx, realm_dn);
- realm_canonical_ex = ldb_dn_canonical_ex_string(mem_ctx, realm_dn);
+ torture_assert_str_equal(tctx, realm_canonical,
+ talloc_asprintf(tctx, "%s/", dns_domain), "local Round trip on canonical name failed");
- if (strcmp(realm_canonical_ex,
- talloc_asprintf(mem_ctx, "%s\n", dns_domain))!= 0) {
- printf("local Round trip on canonical ex name failed: %s != %s!\n",
- realm_canonical,
- talloc_asprintf(mem_ctx, "%s\n", dns_domain));
- return False;
- };
+ realm_canonical_ex = ldb_dn_canonical_ex_string(tctx, realm_dn);
+
+ torture_assert_str_equal(tctx, realm_canonical_ex, talloc_asprintf(tctx, "%s\n", dns_domain),
+ "local Round trip on canonical ex name failed");
r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = nt4_domain;
- printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ torture_comment(tctx, "testing DsCrackNames with name '%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
- ret = False;
- }
-
- if (!ret) {
- return ret;
- }
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "dcerpc_drsuapi_DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_OK,
+ "DsCrackNames failed on name");
priv->domain_obj_dn = r.out.ctr.ctr1->array[0].result_name;
r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
- names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc);
+ names[0].str = talloc_asprintf(tctx, "%s%s$", nt4_domain, test_dc);
- printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ torture_comment(tctx, "testing DsCrackNames with name '%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
- ret = False;
- }
-
- if (!ret) {
- return ret;
- }
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "dcerpc_drsuapi_DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_OK,
+ "DsCrackNames failed on name");
FQDN_1779_name = r.out.ctr.ctr1->array[0].result_name;
@@ -409,47 +284,31 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = priv->domain_guid_str;
- printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ torture_comment(tctx, "testing DsCrackNames with name '%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
- ret = False;
- }
-
- if (!ret) {
- return ret;
- }
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "dcerpc_drsuapi_DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status, DRSUAPI_DS_NAME_STATUS_OK,
+ "DsCrackNames failed on name");
- if (strcmp(priv->domain_dns_name, r.out.ctr.ctr1->array[0].dns_domain_name) != 0) {
- printf("DsCrackNames failed to return same DNS name - expected %s got %s\n", priv->domain_dns_name, r.out.ctr.ctr1->array[0].dns_domain_name);
- return False;
- }
+ torture_assert_str_equal(tctx, priv->domain_dns_name, r.out.ctr.ctr1->array[0].dns_domain_name,
+ "DsCrackNames failed to return same DNS name");
- FQDN_1779_dn = ldb_dn_new(mem_ctx, ldb, FQDN_1779_name);
+ FQDN_1779_dn = ldb_dn_new(tctx, ldb, FQDN_1779_name);
- canonical_name = ldb_dn_canonical_string(mem_ctx, FQDN_1779_dn);
- canonical_ex_name = ldb_dn_canonical_ex_string(mem_ctx, FQDN_1779_dn);
+ canonical_name = ldb_dn_canonical_string(tctx, FQDN_1779_dn);
+ canonical_ex_name = ldb_dn_canonical_ex_string(tctx, FQDN_1779_dn);
- user_principal_name = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, dns_domain);
+ user_principal_name = talloc_asprintf(tctx, "%s$@%s", test_dc, dns_domain);
/* form up a user@DOMAIN */
- user_principal_name_short = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, nt4_domain);
+ user_principal_name_short = talloc_asprintf(tctx, "%s$@%s", test_dc, nt4_domain);
/* variable nt4_domain includs a trailing \ */
user_principal_name_short[strlen(user_principal_name_short) - 1] = '\0';
- service_principal_name = talloc_asprintf(mem_ctx, "HOST/%s", test_dc);
+ service_principal_name = talloc_asprintf(tctx, "HOST/%s", test_dc);
{
struct {
@@ -462,7 +321,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
enum drsuapi_DsNameStatus status;
enum drsuapi_DsNameStatus alternate_status;
enum drsuapi_DsNameFlags flags;
- BOOL skip;
+ bool skip;
} crack[] = {
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
@@ -494,7 +353,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "cifs/%s.%s", test_dc, dns_domain),
+ .str = talloc_asprintf(tctx, "cifs/%s.%s", test_dc, dns_domain),
.comment = "ServicePrincipal Name",
.expected_str = FQDN_1779_name,
.status = DRSUAPI_DS_NAME_STATUS_OK
@@ -570,7 +429,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
.str = priv->domain_guid_str,
.comment = "Domain GUID to Canonical",
- .expected_str = talloc_asprintf(mem_ctx, "%s/", dns_domain),
+ .expected_str = talloc_asprintf(tctx, "%s/", dns_domain),
.status = DRSUAPI_DS_NAME_STATUS_OK
},
{
@@ -578,7 +437,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
.str = priv->domain_guid_str,
.comment = "Domain GUID to Canonical EX",
- .expected_str = talloc_asprintf(mem_ctx, "%s\n", dns_domain),
+ .expected_str = talloc_asprintf(tctx, "%s\n", dns_domain),
.status = DRSUAPI_DS_NAME_STATUS_OK
},
{
@@ -593,7 +452,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = GUID_string2(mem_ctx, torture_join_user_guid(priv->join)),
+ .str = GUID_string2(tctx, torture_join_user_guid(priv->join)),
.comment = "Account GUID -> DN",
.expected_str = FQDN_1779_name,
.status = DRSUAPI_DS_NAME_STATUS_OK
@@ -601,15 +460,15 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
- .str = GUID_string2(mem_ctx, torture_join_user_guid(priv->join)),
+ .str = GUID_string2(tctx, torture_join_user_guid(priv->join)),
.comment = "Account GUID -> NT4 Account",
- .expected_str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc),
+ .expected_str = talloc_asprintf(tctx, "%s%s$", nt4_domain, test_dc),
.status = DRSUAPI_DS_NAME_STATUS_OK
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = GUID_string2(mem_ctx, &priv->dcinfo.site_guid),
+ .str = GUID_string2(tctx, &priv->dcinfo.site_guid),
.comment = "Site GUID",
.expected_str = priv->dcinfo.site_dn,
.status = DRSUAPI_DS_NAME_STATUS_OK
@@ -617,7 +476,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid),
+ .str = GUID_string2(tctx, &priv->dcinfo.computer_guid),
.comment = "Computer GUID",
.expected_str = priv->dcinfo.computer_dn,
.status = DRSUAPI_DS_NAME_STATUS_OK
@@ -625,14 +484,14 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
- .str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid),
+ .str = GUID_string2(tctx, &priv->dcinfo.computer_guid),
.comment = "Computer GUID -> NT4 Account",
.status = DRSUAPI_DS_NAME_STATUS_OK
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = GUID_string2(mem_ctx, &priv->dcinfo.server_guid),
+ .str = GUID_string2(tctx, &priv->dcinfo.server_guid),
.comment = "Server GUID",
.expected_str = priv->dcinfo.server_dn,
.status = DRSUAPI_DS_NAME_STATUS_OK
@@ -640,7 +499,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = GUID_string2(mem_ctx, &priv->dcinfo.ntds_guid),
+ .str = GUID_string2(tctx, &priv->dcinfo.ntds_guid),
.comment = "NTDS GUID",
.expected_str = priv->dcinfo.ntds_dn,
.status = DRSUAPI_DS_NAME_STATUS_OK,
@@ -656,7 +515,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "krbtgt/%s", dns_domain),
+ .str = talloc_asprintf(tctx, "krbtgt/%s", dns_domain),
.comment = "Looking for KRBTGT as a serivce principal",
.status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
.expected_dns = dns_domain
@@ -664,7 +523,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "bogus/%s", dns_domain),
+ .str = talloc_asprintf(tctx, "bogus/%s", dns_domain),
.comment = "Looking for bogus serivce principal",
.status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
.expected_dns = dns_domain
@@ -672,30 +531,30 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "bogus/%s.%s", test_dc, dns_domain),
+ .str = talloc_asprintf(tctx, "bogus/%s.%s", test_dc, dns_domain),
.comment = "Looking for bogus serivce on test DC",
.status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
- .expected_dns = talloc_asprintf(mem_ctx, "%s.%s", test_dc, dns_domain)
+ .expected_dns = talloc_asprintf(tctx, "%s.%s", test_dc, dns_domain)
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "krbtgt"),
+ .str = talloc_asprintf(tctx, "krbtgt"),
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.comment = "Looking for the kadmin/changepw service as a serivce principal",
- .str = talloc_asprintf(mem_ctx, "kadmin/changepw"),
+ .str = talloc_asprintf(tctx, "kadmin/changepw"),
.status = DRSUAPI_DS_NAME_STATUS_OK,
- .expected_str = talloc_asprintf(mem_ctx, "CN=krbtgt,CN=Users,%s", realm_dn_str),
+ .expected_str = talloc_asprintf(tctx, "CN=krbtgt,CN=Users,%s", realm_dn_str),
.alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
+ .str = talloc_asprintf(tctx, "cifs/%s.%s@%s",
test_dc, dns_domain,
dns_domain),
.status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
@@ -703,7 +562,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
+ .str = talloc_asprintf(tctx, "cifs/%s.%s@%s",
test_dc, dns_domain,
"BOGUS"),
.status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
@@ -712,7 +571,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
+ .str = talloc_asprintf(tctx, "cifs/%s.%s@%s",
test_dc, "REALLY",
"BOGUS"),
.status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
@@ -721,14 +580,14 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "cifs/%s.%s",
+ .str = talloc_asprintf(tctx, "cifs/%s.%s",
test_dc, dns_domain),
.status = DRSUAPI_DS_NAME_STATUS_OK
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
- .str = talloc_asprintf(mem_ctx, "cifs/%s",
+ .str = talloc_asprintf(tctx, "cifs/%s",
test_dc),
.status = DRSUAPI_DS_NAME_STATUS_OK
},
@@ -775,21 +634,21 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.comment = "BIND GUID (ie, not in the directory)",
- .str = GUID_string2(mem_ctx, &priv->bind_guid),
+ .str = GUID_string2(tctx, &priv->bind_guid),
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.comment = "Unqualified Machine account as user principal",
- .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
+ .str = talloc_asprintf(tctx, "%s$", test_dc),
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.comment = "Machine account as service principal",
- .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
+ .str = talloc_asprintf(tctx, "%s$", test_dc),
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
},
{
@@ -803,7 +662,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.comment = "Realm as an NT4 domain lookup",
- .str = talloc_asprintf(mem_ctx, "%s\\", dns_domain),
+ .str = talloc_asprintf(tctx, "%s\\", dns_domain),
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
},
{
@@ -827,7 +686,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.str = SID_BUILTIN,
.comment = "Builtin Domain SID -> DN",
.status = DRSUAPI_DS_NAME_STATUS_OK,
- .expected_str = talloc_asprintf(mem_ctx, "CN=Builtin,%s", realm_dn_str),
+ .expected_str = talloc_asprintf(tctx, "CN=Builtin,%s", realm_dn_str),
.alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
@@ -874,7 +733,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.comment = "invalid user principal name in valid domain",
- .str = talloc_asprintf(mem_ctx, "invalidusername@%s", dns_domain),
+ .str = talloc_asprintf(tctx, "invalidusername@%s", dns_domain),
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
}
};
@@ -888,73 +747,53 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
names[0].str = crack[i].str;
if (crack[i].comment) {
- comment = talloc_asprintf(mem_ctx, "'%s' with name '%s' desired format:%d\n",
+ comment = talloc_asprintf(tctx, "'%s' with name '%s' desired format:%d\n",
crack[i].comment, names[0].str, r.in.req.req1.format_desired);
} else {
- comment = talloc_asprintf(mem_ctx, "'%s' desired format:%d\n",
+ comment = talloc_asprintf(tctx, "'%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
}
+ torture_comment(tctx, "Running DsCrackNames on %s", comment);
if (crack[i].skip) {
printf("skipping: %s", comment);
continue;
}
- status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
- const char *errstr = nt_errstr(status);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
- errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
- }
- printf("dcerpc_drsuapi_DsCrackNames failed on %s - %s\n", comment, errstr);
- ret = False;
- } else if (!W_ERROR_IS_OK(r.out.result)) {
- printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
- ret = False;
- } else if (r.out.ctr.ctr1->array[0].status != crack[i].status) {
+ status = dcerpc_drsuapi_DsCrackNames(p, tctx, &r);
+ torture_assert_ntstatus_ok(tctx, status, "dcerpc_drsuapi_DsCrackNames failed");
+ torture_assert_werr_ok(tctx, r.out.result, "DsCrackNames failed");
+ if (r.out.ctr.ctr1->array[0].status != crack[i].status) {
if (crack[i].alternate_status) {
- if (r.out.ctr.ctr1->array[0].status != crack[i].alternate_status) {
- printf("DsCrackNames unexpected status %d, wanted %d or %d on: %s\n",
- r.out.ctr.ctr1->array[0].status,
- crack[i].status,
- crack[i].alternate_status,
- comment);
- ret = False;
- }
+ torture_assert_int_equal(tctx, r.out.ctr.ctr1->array[0].status,
+ crack[i].alternate_status,
+ "DsCrackNames unexpected status");
} else {
- printf("DsCrackNames unexpected status %d, wanted %d on: %s\n",
- r.out.ctr.ctr1->array[0].status,
- crack[i].status,
- comment);
- ret = False;
+ torture_fail(tctx, "DsCrackNames unexpected status");
}
} else if (crack[i].expected_str
&& (strcmp(r.out.ctr.ctr1->array[0].result_name,
crack[i].expected_str) != 0)) {
if (strcasecmp(r.out.ctr.ctr1->array[0].result_name,
crack[i].expected_str) != 0) {
- printf("DsCrackNames failed - got %s, expected %s on %s\n",
+ torture_comment(tctx, "DsCrackNames failed - got %s, expected %s on %s\n",
r.out.ctr.ctr1->array[0].result_name,
crack[i].expected_str, comment);
- ret = False;
+ return False;
} else {
- printf("(warning) DsCrackNames returned different case - got %s, expected %s on %s\n",
+ torture_comment(tctx,
+ "(warning) DsCrackNames returned different case - got %s, expected %s on %s\n",
r.out.ctr.ctr1->array[0].result_name,
crack[i].expected_str, comment);
}
- } else if (crack[i].expected_dns
- && (strcmp(r.out.ctr.ctr1->array[0].dns_domain_name,
- crack[i].expected_dns) != 0)) {
- printf("DsCrackNames failed - got DNS name %s, expected %s on %s\n",
- r.out.ctr.ctr1->array[0].result_name,
- crack[i].expected_str, comment);
- ret = False;
- }
+ } else if (crack[i].expected_dns)
+ torture_assert_str_equal(tctx, r.out.ctr.ctr1->array[0].dns_domain_name,
+ crack[i].expected_dns, "DsCrackNames failed");
}
}
- if (!test_DsCrackNamesMatrix(p, mem_ctx, priv, FQDN_1779_name,
+ if (!test_DsCrackNamesMatrix(p, tctx, priv, FQDN_1779_name,
user_principal_name, service_principal_name)) {
- ret = False;
+ return false;
}
- return ret;
+ return true;
}