svn commit: samba r13380 - in branches/SAMBA_4_0/source: script/tests torture/rpc

abartlet at samba.org abartlet at samba.org
Tue Feb 7 23:30:51 GMT 2006 

Author: abartlet
Date: 2006-02-07 23:30:50 +0000 (Tue, 07 Feb 2006)
New Revision: 13380

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13380

Log:
Drop the socket, then try SAMR operations secured with netlogon on the new socket.

We should also test netlogon operations, but there are issues with
what state is expected to be stored (far more than we currently do).

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/script/tests/test_rpc_quick.sh
   branches/SAMBA_4_0/source/torture/rpc/schannel.c


Changeset:
Modified: branches/SAMBA_4_0/source/script/tests/test_rpc_quick.sh
===================================================================
--- branches/SAMBA_4_0/source/script/tests/test_rpc_quick.sh	2006-02-07 23:30:31 UTC (rev 13379)
+++ branches/SAMBA_4_0/source/script/tests/test_rpc_quick.sh	2006-02-07 23:30:50 UTC (rev 13380)
@@ -2,9 +2,9 @@
 
 # add tests to this list as they start passing, so we test
 # that they stay passing
-ncacn_np_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO"
-ncalrpc_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO"
-ncacn_ip_tcp_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO"
+ncacn_np_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO RPC-SCHANNEL"
+ncalrpc_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO RPC-SCHANNEL"
+ncacn_ip_tcp_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO RPC-SCHANNEL"
 
 if [ $# -lt 4 ]; then
 cat <<EOF

Modified: branches/SAMBA_4_0/source/torture/rpc/schannel.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/schannel.c	2006-02-07 23:30:31 UTC (rev 13379)
+++ branches/SAMBA_4_0/source/torture/rpc/schannel.c	2006-02-07 23:30:50 UTC (rev 13380)
@@ -157,6 +157,7 @@
 	struct dcerpc_binding *b;
 	struct dcerpc_pipe *p = NULL;
 	struct dcerpc_pipe *p_netlogon = NULL;
+	struct dcerpc_pipe *p_samr2 = NULL;
 	struct dcerpc_pipe *p_lsa = NULL;
 	struct creds_CredentialState *creds;
 	struct cli_credentials *credentials;
@@ -256,6 +257,34 @@
 		ret = False;
 	}
 
+	/* Drop the socket, we want to start from scratch */
+	talloc_free(p);
+	p = NULL;
+
+	/* Now see what we are still allowed to do */
+	
+	status = dcerpc_parse_binding(test_ctx, binding, &b);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("Bad binding string %s\n", binding);
+		goto failed;
+	}
+
+	b->flags &= ~DCERPC_AUTH_OPTIONS;
+	b->flags |= dcerpc_flags;
+
+	status = dcerpc_pipe_connect_b(test_ctx, &p_samr2, b, &dcerpc_table_samr,
+				       credentials, NULL);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("Failed to connect with schannel: %s\n", nt_errstr(status));
+		goto failed;
+	}
+
+	/* do a couple of logins.  We have *not* done a new serverauthenticate */
+	if (!test_samr_ops(p_samr2, test_ctx)) {
+		printf("Failed to process schannel secured SAMR ops (on fresh connection)\n");
+		ret = False;
+	}
+
 	torture_leave_domain(join_ctx);
 	talloc_free(test_ctx);
 	return ret;

More information about the samba-cvs mailing list