svn commit: samba r15912 - in branches/SAMBA_4_0/source/torture/rpc: .

Sat May 27 21:39:57 GMT 2006

Author: vlendec
Date: 2006-05-27 21:39:56 +0000 (Sat, 27 May 2006)
New Revision: 15912

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15912

Log:
Run an rpc request with an invalid uid and make sure NT_STATUS_INVALID_HANDLE
is returned.

Volker

Modified:
   branches/SAMBA_4_0/source/torture/rpc/bind.c
   branches/SAMBA_4_0/source/torture/rpc/rpc.c


Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/bind.c
===================================================================

--- branches/SAMBA_4_0/source/torture/rpc/bind.c	2006-05-27 21:38:54 UTC (rev 15911)
+++ branches/SAMBA_4_0/source/torture/rpc/bind.c	2006-05-27 21:39:56 UTC (rev 15912)
@@ -24,9 +24,13 @@
 #include "includes.h"
 #include "torture/torture.h"
 #include "librpc/gen_ndr/ndr_lsa.h"
+#include "librpc/gen_ndr/ndr_lsa_c.h"
 #include "lib/cmdline/popt_common.h"
 #include "librpc/rpc/dcerpc.h"
 #include "torture/rpc/rpc.h"
+#include "libcli/libcli.h"
+#include "libcli/composite/composite.h"
+#include "libcli/smb_composite/smb_composite.h"
 
 /*
   This test is 'bogus' in that it doesn't actually perform to the
@@ -78,3 +82,126 @@
 
 	return ret;
 }
+
+BOOL torture_bind_authcontext(struct torture_context *torture) 
+{
+	TALLOC_CTX *mem_ctx;
+	NTSTATUS status;
+	BOOL ret = False;
+	struct lsa_ObjectAttribute objectattr;
+	struct lsa_OpenPolicy2 openpolicy;
+	struct policy_handle handle;
+	struct lsa_Close close;
+	struct smbcli_session *tmp;
+	struct smbcli_session *session2;
+	struct smbcli_state *cli;
+	struct dcerpc_pipe *lsa_pipe;
+	struct cli_credentials *anon_creds;
+	struct smb_composite_sesssetup setup;
+
+	mem_ctx = talloc_init("torture_bind_auth");
+
+	if (mem_ctx == NULL) {
+		d_printf("talloc_init failed\n");
+		return False;
+	}
+
+	status = smbcli_full_connection(mem_ctx, &cli,
+					lp_parm_string(-1, "torture", "host"),
+					"IPC$", NULL, cmdline_credentials,
+					NULL);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("smbcli_full_connection failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	lsa_pipe = dcerpc_pipe_init(mem_ctx, cli->transport->socket->event.ctx);
+	if (lsa_pipe == NULL) {
+		d_printf("dcerpc_pipe_init failed\n");
+		goto done;
+	}
+
+	status = dcerpc_pipe_open_smb(lsa_pipe->conn, cli->tree, "\\lsarpc");
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_pipe_open_smb failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	status = dcerpc_bind_auth_none(lsa_pipe, &dcerpc_table_lsarpc);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_bind_auth_none failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	openpolicy.in.system_name =talloc_asprintf(
+		mem_ctx, "\\\\%s", dcerpc_server_name(lsa_pipe));
+	ZERO_STRUCT(objectattr);
+	openpolicy.in.attr = &objectattr;
+	openpolicy.in.access_mask = SEC_GENERIC_WRITE;
+	openpolicy.out.handle = &handle;
+
+	status = dcerpc_lsa_OpenPolicy2(lsa_pipe, mem_ctx, &openpolicy);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_lsa_OpenPolicy2 failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	close.in.handle = &handle;
+	close.out.handle = &handle;
+
+	status = dcerpc_lsa_Close(lsa_pipe, mem_ctx, &close);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_lsa_Close failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	session2 = smbcli_session_init(cli->transport, mem_ctx, False);
+	if (session2 == NULL) {
+		d_printf("smbcli_session_init failed\n");
+		goto done;
+	}
+
+	anon_creds = cli_credentials_init(mem_ctx);
+	if (anon_creds == NULL) {
+		d_printf("cli_credentials_init failed\n");
+		goto done;
+	}
+
+	cli_credentials_set_conf(anon_creds);
+	cli_credentials_set_anonymous(anon_creds);
+
+	setup.in.sesskey = cli->transport->negotiate.sesskey;
+	setup.in.capabilities = cli->transport->negotiate.capabilities;
+	setup.in.workgroup = "";
+	setup.in.credentials = anon_creds;
+
+	status = smb_composite_sesssetup(session2, &setup);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("anon session setup failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	tmp = cli->tree->session;
+	cli->tree->session = session2;
+
+	status = dcerpc_lsa_OpenPolicy2(lsa_pipe, mem_ctx, &openpolicy);
+
+	if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_HANDLE)) {
+		d_printf("dcerpc_lsa_OpenPolicy2 with wrong vuid gave %s, "
+			 "expected NT_STATUS_INVALID_HANDLE\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	ret = True;
+ done:
+	talloc_free(mem_ctx);
+	return ret;
+}

Modified: branches/SAMBA_4_0/source/torture/rpc/rpc.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/rpc.c	2006-05-27 21:38:54 UTC (rev 15911)
+++ branches/SAMBA_4_0/source/torture/rpc/rpc.c	2006-05-27 21:39:56 UTC (rev 15912)
@@ -122,6 +122,7 @@
 	register_torture_op("RPC-AUTOIDL", torture_rpc_autoidl, 0);
 	register_torture_op("RPC-COUNTCALLS", torture_rpc_countcalls, 0);
 	register_torture_op("RPC-MULTIBIND", torture_multi_bind, 0);
+	register_torture_op("RPC-AUTHCONTEXT", torture_bind_authcontext, 0);
 	register_torture_op("RPC-DRSUAPI", torture_rpc_drsuapi, 0);
 	register_torture_op("RPC-CRACKNAMES", torture_rpc_drsuapi_cracknames, 0);
 	register_torture_op("RPC-ROT", torture_rpc_rot, 0);

