2003-11-28 08:51:09 +00:00
/*
Unix SMB / CIFS implementation .
auto - idl scanner
Copyright ( C ) Andrew Tridgell 2003
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 02:07:03 +00:00
the Free Software Foundation ; either version 3 of the License , or
2003-11-28 08:51:09 +00:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 02:07:03 +00:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2003-11-28 08:51:09 +00:00
*/
# include "includes.h"
2006-01-03 13:41:17 +00:00
# include "torture/torture.h"
2006-03-14 23:35:30 +00:00
# include "librpc/gen_ndr/ndr_drsuapi_c.h"
2005-07-28 00:27:28 +00:00
# include "librpc/gen_ndr/ndr_misc.h"
2007-08-21 19:35:43 +00:00
# include "librpc/ndr/ndr_table.h"
2006-03-14 15:02:05 +00:00
# include "torture/rpc/rpc.h"
2008-04-02 04:53:27 +02:00
# include "librpc/rpc/dcerpc_proto.h"
2003-11-28 08:51:09 +00:00
2004-09-21 07:32:01 +00:00
# if 1
2004-04-18 03:57:51 +00:00
/*
2004-09-21 07:32:01 +00:00
get a DRSUAPI policy handle
*/
2007-10-06 22:28:14 +00:00
static bool get_policy_handle ( struct dcerpc_pipe * p ,
2004-09-21 07:32:01 +00:00
TALLOC_CTX * mem_ctx ,
struct policy_handle * handle )
{
NTSTATUS status ;
2004-10-10 01:30:54 +00:00
struct drsuapi_DsBind r ;
2004-09-21 07:32:01 +00:00
ZERO_STRUCT ( r ) ;
2004-10-10 01:30:54 +00:00
r . out . bind_handle = handle ;
2004-09-21 07:32:01 +00:00
2004-10-10 01:30:54 +00:00
status = dcerpc_drsuapi_DsBind ( p , mem_ctx , & r ) ;
2004-09-21 07:32:01 +00:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-10-10 01:30:54 +00:00
printf ( " drsuapi_DsBind failed - %s \n " , nt_errstr ( status ) ) ;
2007-10-06 22:28:14 +00:00
return false ;
2004-09-21 07:32:01 +00:00
}
2007-10-06 22:28:14 +00:00
return true ;
2004-09-21 07:32:01 +00:00
}
# else
/*
get a SAMR handle
2004-04-18 03:57:51 +00:00
*/
2007-10-06 22:28:14 +00:00
static bool get_policy_handle ( struct dcerpc_pipe * p , TALLOC_CTX * mem_ctx ,
2004-04-18 03:57:51 +00:00
struct policy_handle * handle )
{
NTSTATUS status ;
struct samr_Connect r ;
r . in . system_name = 0 ;
2004-12-02 04:37:36 +00:00
r . in . access_mask = SEC_FLAG_MAXIMUM_ALLOWED ;
2004-09-21 03:51:38 +00:00
r . out . connect_handle = handle ;
2004-04-18 03:57:51 +00:00
status = dcerpc_samr_Connect ( p , mem_ctx , & r ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
printf ( " samr_Connect failed - %s \n " , nt_errstr ( status ) ) ;
2007-10-06 22:28:14 +00:00
return false ;
2004-04-18 03:57:51 +00:00
}
2007-10-06 22:28:14 +00:00
return true ;
2004-04-18 03:57:51 +00:00
}
2004-09-21 07:32:01 +00:00
# endif
2004-04-18 03:57:51 +00:00
static void fill_blob_handle ( DATA_BLOB * blob , TALLOC_CTX * mem_ctx ,
struct policy_handle * handle )
{
DATA_BLOB b2 ;
if ( blob - > length < 20 ) {
return ;
}
2008-01-01 22:05:05 -06:00
ndr_push_struct_blob ( & b2 , mem_ctx , NULL , handle , ( ndr_push_flags_fn_t ) ndr_push_policy_handle ) ;
2004-04-18 03:57:51 +00:00
memcpy ( blob - > data , b2 . data , 20 ) ;
}
2007-12-03 02:58:12 +01:00
static void reopen ( struct torture_context * tctx ,
2005-03-22 08:00:45 +00:00
struct dcerpc_pipe * * p ,
2007-08-19 20:46:45 +00:00
const struct ndr_interface_table * iface )
2003-11-28 08:51:09 +00:00
{
NTSTATUS status ;
2005-03-22 08:00:45 +00:00
talloc_free ( * p ) ;
2003-11-28 08:51:09 +00:00
2007-12-03 02:58:12 +01:00
status = torture_rpc_connection ( tctx , p , iface ) ;
2003-11-28 08:51:09 +00:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
printf ( " Failed to reopen '%s' - %s \n " , iface - > name , nt_errstr ( status ) ) ;
exit ( 1 ) ;
}
}
2004-04-19 05:48:03 +00:00
static void print_depth ( int depth )
{
int i ;
for ( i = 0 ; i < depth ; i + + ) {
printf ( " " ) ;
}
}
2003-11-28 08:51:09 +00:00
2007-12-03 02:58:12 +01:00
static void test_ptr_scan ( struct torture_context * tctx , const struct ndr_interface_table * iface ,
2004-04-19 05:48:03 +00:00
int opnum , DATA_BLOB * base_in , int min_ofs , int max_ofs , int depth ) ;
2007-12-03 02:58:12 +01:00
static void try_expand ( struct torture_context * tctx , const struct ndr_interface_table * iface ,
2004-04-19 05:48:03 +00:00
int opnum , DATA_BLOB * base_in , int insert_ofs , int depth )
{
DATA_BLOB stub_in , stub_out ;
int n ;
NTSTATUS status ;
struct dcerpc_pipe * p = NULL ;
2007-12-03 02:58:12 +01:00
reopen ( tctx , & p , iface ) ;
2004-04-19 05:48:03 +00:00
/* work out how much to expand to get a non fault */
for ( n = 0 ; n < 2000 ; n + + ) {
stub_in = data_blob ( NULL , base_in - > length + n ) ;
data_blob_clear ( & stub_in ) ;
memcpy ( stub_in . data , base_in - > data , insert_ofs ) ;
memcpy ( stub_in . data + insert_ofs + n , base_in - > data + insert_ofs , base_in - > length - insert_ofs ) ;
2007-12-03 02:58:12 +01:00
status = dcerpc_request ( p , NULL , opnum , false , tctx , & stub_in , & stub_out ) ;
2004-04-19 05:48:03 +00:00
if ( ! NT_STATUS_EQUAL ( status , NT_STATUS_NET_WRITE_FAULT ) ) {
print_depth ( depth ) ;
printf ( " expand by %d gives %s \n " , n , nt_errstr ( status ) ) ;
if ( n > = 4 ) {
2007-12-03 02:58:12 +01:00
test_ptr_scan ( tctx , iface , opnum , & stub_in ,
2004-04-19 05:48:03 +00:00
insert_ofs , insert_ofs + n , depth + 1 ) ;
}
return ;
2004-04-23 04:21:22 +00:00
} else {
#if 0
print_depth ( depth ) ;
2007-12-03 02:58:12 +01:00
printf ( " expand by %d gives fault %s \n " , n , dcerpc_errstr ( tctx , p - > last_fault_code ) ) ;
2004-04-23 04:21:22 +00:00
# endif
2004-04-19 05:48:03 +00:00
}
if ( p - > last_fault_code = = 5 ) {
2007-12-03 02:58:12 +01:00
reopen ( tctx , & p , iface ) ;
2004-04-19 05:48:03 +00:00
}
}
2005-03-22 08:00:45 +00:00
talloc_free ( p ) ;
2004-04-19 05:48:03 +00:00
}
2007-12-03 02:58:12 +01:00
static void test_ptr_scan ( struct torture_context * tctx , const struct ndr_interface_table * iface ,
2004-04-19 05:48:03 +00:00
int opnum , DATA_BLOB * base_in , int min_ofs , int max_ofs , int depth )
2003-11-28 08:51:09 +00:00
{
DATA_BLOB stub_in , stub_out ;
int ofs ;
NTSTATUS status ;
struct dcerpc_pipe * p = NULL ;
2007-12-03 02:58:12 +01:00
reopen ( tctx , & p , iface ) ;
2003-11-28 08:51:09 +00:00
2004-04-19 05:48:03 +00:00
stub_in = data_blob ( NULL , base_in - > length ) ;
memcpy ( stub_in . data , base_in - > data , base_in - > length ) ;
2003-11-28 08:51:09 +00:00
2004-04-19 05:48:03 +00:00
/* work out which elements are pointers */
for ( ofs = min_ofs ; ofs < = max_ofs - 4 ; ofs + = 4 ) {
2003-11-28 08:51:09 +00:00
SIVAL ( stub_in . data , ofs , 1 ) ;
2007-12-03 02:58:12 +01:00
status = dcerpc_request ( p , NULL , opnum , false , tctx , & stub_in , & stub_out ) ;
2003-11-28 08:51:09 +00:00
if ( NT_STATUS_EQUAL ( status , NT_STATUS_NET_WRITE_FAULT ) ) {
2004-04-19 05:48:03 +00:00
print_depth ( depth ) ;
2004-09-21 08:11:53 +00:00
printf ( " possible ptr at ofs %d - fault %s \n " ,
2007-12-03 02:58:12 +01:00
ofs - min_ofs , dcerpc_errstr ( tctx , p - > last_fault_code ) ) ;
2003-11-28 08:51:09 +00:00
if ( p - > last_fault_code = = 5 ) {
2007-12-03 02:58:12 +01:00
reopen ( tctx , & p , iface ) ;
2003-11-28 08:51:09 +00:00
}
2004-04-19 05:48:03 +00:00
if ( depth = = 0 ) {
2007-12-03 02:58:12 +01:00
try_expand ( tctx , iface , opnum , & stub_in , ofs + 4 , depth + 1 ) ;
2004-04-19 05:48:03 +00:00
} else {
2007-12-03 02:58:12 +01:00
try_expand ( tctx , iface , opnum , & stub_in , max_ofs , depth + 1 ) ;
2004-04-19 05:48:03 +00:00
}
SIVAL ( stub_in . data , ofs , 0 ) ;
2003-11-28 08:51:09 +00:00
continue ;
}
2004-04-19 05:48:03 +00:00
SIVAL ( stub_in . data , ofs , 0 ) ;
2003-11-28 08:51:09 +00:00
}
2005-03-22 08:00:45 +00:00
talloc_free ( p ) ;
2003-11-28 08:51:09 +00:00
}
2007-12-03 02:58:12 +01:00
static void test_scan_call ( struct torture_context * tctx , const struct ndr_interface_table * iface , int opnum )
2003-11-28 08:51:09 +00:00
{
DATA_BLOB stub_in , stub_out ;
int i ;
NTSTATUS status ;
struct dcerpc_pipe * p = NULL ;
2004-04-18 03:57:51 +00:00
struct policy_handle handle ;
2003-11-28 08:51:09 +00:00
2007-12-03 02:58:12 +01:00
reopen ( tctx , & p , iface ) ;
2003-11-28 08:51:09 +00:00
2007-12-03 02:58:12 +01:00
get_policy_handle ( p , tctx , & handle ) ;
2004-04-18 03:57:51 +00:00
2003-11-28 08:51:09 +00:00
/* work out the minimum amount of input data */
2004-04-18 03:57:51 +00:00
for ( i = 0 ; i < 2000 ; i + + ) {
2003-11-28 08:51:09 +00:00
stub_in = data_blob ( NULL , i ) ;
data_blob_clear ( & stub_in ) ;
2004-04-18 03:57:51 +00:00
2007-12-03 02:58:12 +01:00
status = dcerpc_request ( p , NULL , opnum , false , tctx , & stub_in , & stub_out ) ;
2003-11-28 08:51:09 +00:00
if ( NT_STATUS_IS_OK ( status ) ) {
printf ( " opnum %d min_input %d - output %d \n " ,
2005-07-17 09:20:52 +00:00
opnum , ( int ) stub_in . length , ( int ) stub_out . length ) ;
2004-04-18 03:57:51 +00:00
dump_data ( 0 , stub_out . data , stub_out . length ) ;
2005-03-22 08:00:45 +00:00
talloc_free ( p ) ;
2007-12-03 02:58:12 +01:00
test_ptr_scan ( tctx , iface , opnum , & stub_in , 0 , stub_in . length , 0 ) ;
2004-04-19 05:48:03 +00:00
return ;
}
2007-12-03 02:58:12 +01:00
fill_blob_handle ( & stub_in , tctx , & handle ) ;
2004-04-19 05:48:03 +00:00
2007-12-03 02:58:12 +01:00
status = dcerpc_request ( p , NULL , opnum , false , tctx , & stub_in , & stub_out ) ;
2004-04-19 05:48:03 +00:00
if ( NT_STATUS_IS_OK ( status ) ) {
printf ( " opnum %d min_input %d - output %d (with handle) \n " ,
2005-07-17 09:20:52 +00:00
opnum , ( int ) stub_in . length , ( int ) stub_out . length ) ;
2004-04-19 05:48:03 +00:00
dump_data ( 0 , stub_out . data , stub_out . length ) ;
2005-03-22 08:00:45 +00:00
talloc_free ( p ) ;
2007-12-03 02:58:12 +01:00
test_ptr_scan ( tctx , iface , opnum , & stub_in , 0 , stub_in . length , 0 ) ;
2003-11-28 08:51:09 +00:00
return ;
}
if ( NT_STATUS_EQUAL ( status , NT_STATUS_NET_WRITE_FAULT ) ) {
2007-12-03 02:58:12 +01:00
printf ( " opnum %d size %d fault %s \n " , opnum , i , dcerpc_errstr ( tctx , p - > last_fault_code ) ) ;
2003-11-28 08:51:09 +00:00
if ( p - > last_fault_code = = 5 ) {
2007-12-03 02:58:12 +01:00
reopen ( tctx , & p , iface ) ;
2003-11-28 08:51:09 +00:00
}
continue ;
}
printf ( " opnum %d size %d error %s \n " , opnum , i , nt_errstr ( status ) ) ;
}
printf ( " opnum %d minimum not found!? \n " , opnum ) ;
2005-03-22 08:00:45 +00:00
talloc_free ( p ) ;
2003-11-28 08:51:09 +00:00
}
2007-12-03 02:58:12 +01:00
static void test_auto_scan ( struct torture_context * tctx , const struct ndr_interface_table * iface )
2003-11-28 08:51:09 +00:00
{
2007-12-03 02:58:12 +01:00
test_scan_call ( tctx , iface , 2 ) ;
2003-11-28 08:51:09 +00:00
}
2007-10-06 22:28:14 +00:00
bool torture_rpc_autoidl ( struct torture_context * torture )
2003-11-28 08:51:09 +00:00
{
2007-08-19 20:46:45 +00:00
const struct ndr_interface_table * iface ;
2003-11-28 08:51:09 +00:00
2007-08-21 19:35:43 +00:00
iface = ndr_table_by_name ( " drsuapi " ) ;
2003-11-28 08:51:09 +00:00
if ( ! iface ) {
printf ( " Unknown interface! \n " ) ;
2007-10-06 22:28:14 +00:00
return false ;
2003-11-28 08:51:09 +00:00
}
printf ( " \n Probing pipe '%s' \n " , iface - > name ) ;
2007-12-03 02:58:12 +01:00
test_auto_scan ( torture , iface ) ;
2003-11-28 08:51:09 +00:00
2007-10-06 22:28:14 +00:00
return true ;
2003-11-28 08:51:09 +00:00
}