svn commit: samba r6765 - in branches/SAMBA_4_0/source/torture/ldap: .

Fri May 13 06:10:10 GMT 2005

Author: tridge
Date: 2005-05-13 06:10:10 +0000 (Fri, 13 May 2005)
New Revision: 6765

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6765

Log:
expanded the cldap test suite to test the usage of the DomainGuid,
AAC, and User attributes in cldap netlogon queries

interestingly, while WinXP generated cldap filters with these set, the
w2k3 cldap server seems to completely ignore them, so I didn't need to
alter our cldap server at all to pass the test :-)

Modified:
   branches/SAMBA_4_0/source/torture/ldap/cldap.c


Changeset:
Modified: branches/SAMBA_4_0/source/torture/ldap/cldap.c
===================================================================

--- branches/SAMBA_4_0/source/torture/ldap/cldap.c	2005-05-13 06:08:49 UTC (rev 6764)
+++ branches/SAMBA_4_0/source/torture/ldap/cldap.c	2005-05-13 06:10:10 UTC (rev 6765)
@@ -26,7 +26,15 @@
 #include "libcli/ldap/ldap.h"
 #include "lib/events/events.h"
 
+#define CHECK_STATUS(status, correct) do { \
+	if (!NT_STATUS_EQUAL(status, correct)) { \
+		printf("(%s) Incorrect status %s - should be %s\n", \
+		       __location__, nt_errstr(status), nt_errstr(correct)); \
+		ret = False; \
+		goto done; \
+	}} while (0)
 
+
 /*
   test netlogon operations
 */
@@ -35,27 +43,74 @@
 	struct cldap_socket *cldap = cldap_socket_init(mem_ctx, NULL);
 	NTSTATUS status;
 	struct cldap_netlogon search;
+	union nbt_cldap_netlogon n1;
+	struct GUID guid;
 	int i;
+	BOOL ret = True;
 
 	search.in.dest_address = dest;
 	search.in.realm        = lp_realm();
 	search.in.host         = lp_netbios_name();
+	search.in.user         = NULL;
+	search.in.domain_guid  = NULL;
+	search.in.domain_sid   = NULL;
+	search.in.acct_control = -1;
 
+	printf("Scanning for netlogon levels\n");
 	for (i=0;i<256;i++) {
 		search.in.version = i;
 		printf("Trying netlogon level %d\n", i);
 		status = cldap_netlogon(cldap, mem_ctx, &search);
-		if (!NT_STATUS_IS_OK(status)) {
-			printf("netlogon[%d] failed - %s\n", i, nt_errstr(status));
-		} else {
+		CHECK_STATUS(status, NT_STATUS_OK);
+		if (DEBUGLVL(10)) {
 			NDR_PRINT_UNION_DEBUG(nbt_cldap_netlogon, i & 0xF, 
 					      &search.out.netlogon);
 		}
 	}
 
-	printf("cldap_search gave %s\n", nt_errstr(status));
+	search.in.version = 6;
+	status = cldap_netlogon(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+	n1 = search.out.netlogon;
 
-	return True;	
+	printf("Trying with User=Administrator\n");
+
+	search.in.user = "Administrator";
+	status = cldap_netlogon(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+
+	printf("Trying with a GUID\n");
+	search.in.domain_guid = GUID_string(mem_ctx, &n1.logon4.domain_uuid);
+	status = cldap_netlogon(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+
+	printf("Trying with a incorrect GUID\n");
+	guid = GUID_random();
+	search.in.user        = NULL;
+	search.in.domain_guid = GUID_string(mem_ctx, &guid);
+	status = cldap_netlogon(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+
+	printf("Trying with a incorrect domain\n");
+	search.in.realm       = "test.example.com";
+	search.in.domain_guid = NULL;
+	status = cldap_netlogon(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
+
+	printf("Trying with a AAC\n");
+	search.in.acct_control = 0x180;
+	search.in.realm = lp_realm();
+	status = cldap_netlogon(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+
+	printf("Trying with a bad AAC\n");
+	search.in.acct_control = 0xFF00FF00;
+	search.in.realm = lp_realm();
+	status = cldap_netlogon(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+
+done:
+	return ret;	
 }
 
 BOOL torture_cldap(void)

