mirror of
https://github.com/samba-team/samba.git
synced 2025-02-26 21:57:41 +03:00
s4-smbtorture: make sure we can successfully run the schannel test against windows.
lsa lookupsids3/lookupnames4 is only available over schannel sealed ncacn_ip_tcp. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Dec 14 17:28:29 CET 2011 on sn-devel-104
This commit is contained in:
Günther Deschner
parent
be288b0c82
commit
030ccc42b9
@ -244,10 +244,6 @@ static bool test_lsa_ops(struct torture_context *tctx, struct dcerpc_pipe *p)
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!test_many_LookupSids(p, tctx, NULL)) {
|
||||
torture_comment(tctx, "LsaLookupSids3 failed!\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
@ -272,6 +268,7 @@ static bool test_schannel(struct torture_context *tctx,
|
||||
struct dcerpc_pipe *p_lsa = NULL;
|
||||
struct netlogon_creds_CredentialState *creds;
|
||||
struct cli_credentials *credentials;
|
||||
enum dcerpc_transport_t transport;
|
||||
|
||||
join_ctx = torture_join_domain(tctx,
|
||||
talloc_asprintf(tctx, "%s%d", TEST_MACHINE_NAME, i),
|
||||
@ -287,7 +284,7 @@ static bool test_schannel(struct torture_context *tctx,
|
||||
status = dcerpc_pipe_connect_b(tctx, &p, b, &ndr_table_samr,
|
||||
credentials, tctx->ev, tctx->lp_ctx);
|
||||
torture_assert_ntstatus_ok(tctx, status,
|
||||
"Failed to connect with schannel");
|
||||
"Failed to connect to samr with schannel");
|
||||
|
||||
torture_assert(tctx, test_samr_ops(tctx, p->binding_handle),
|
||||
"Failed to process schannel secured SAMR ops");
|
||||
@ -326,22 +323,36 @@ static bool test_schannel(struct torture_context *tctx,
|
||||
status = dcerpc_epm_map_binding(tctx, b, &ndr_table_lsarpc, tctx->ev, tctx->lp_ctx);
|
||||
torture_assert_ntstatus_ok(tctx, status, "epm map");
|
||||
|
||||
status = dcerpc_secondary_connection(p, &p_lsa,
|
||||
b);
|
||||
|
||||
torture_assert_ntstatus_ok(tctx, status, "secondary connection");
|
||||
|
||||
status = dcerpc_bind_auth(p_lsa, &ndr_table_lsarpc,
|
||||
credentials, lpcfg_gensec_settings(tctx, tctx->lp_ctx),
|
||||
DCERPC_AUTH_TYPE_SCHANNEL,
|
||||
dcerpc_auth_level(p->conn),
|
||||
NULL);
|
||||
|
||||
torture_assert_ntstatus_ok(tctx, status, "bind auth");
|
||||
torture_assert_ntstatus_ok(tctx,
|
||||
dcerpc_pipe_connect_b(tctx, &p_lsa, b, &ndr_table_lsarpc,
|
||||
credentials, tctx->ev, tctx->lp_ctx),
|
||||
"failed to connect lsarpc with schannel");
|
||||
|
||||
torture_assert(tctx, test_lsa_ops(tctx, p_lsa),
|
||||
"Failed to process schannel secured LSA ops");
|
||||
|
||||
talloc_free(p_lsa);
|
||||
p_lsa = NULL;
|
||||
|
||||
/* we *MUST* use ncacn_ip_tcp for lookupsids3/lookupnames4 */
|
||||
transport = b->transport;
|
||||
b->transport = NCACN_IP_TCP;
|
||||
|
||||
torture_assert_ntstatus_ok(tctx,
|
||||
dcerpc_epm_map_binding(tctx, b, &ndr_table_lsarpc, tctx->ev, tctx->lp_ctx),
|
||||
"failed to call epm map");
|
||||
|
||||
torture_assert_ntstatus_ok(tctx,
|
||||
dcerpc_pipe_connect_b(tctx, &p_lsa, b, &ndr_table_lsarpc,
|
||||
credentials, tctx->ev, tctx->lp_ctx),
|
||||
"failed to connect lsarpc with schannel");
|
||||
|
||||
torture_assert(tctx,
|
||||
test_many_LookupSids(p_lsa, tctx, NULL),
|
||||
"LsaLookupSids3 failed!\n");
|
||||
|
||||
b->transport = transport;
|
||||
|
||||
/* Drop the socket, we want to start from scratch */
|
||||
talloc_free(p);
|
||||
p = NULL;
|
||||
@ -438,6 +449,9 @@ bool torture_rpc_schannel(struct torture_context *torture)
|
||||
int i;
|
||||
|
||||
for (i=0;i<ARRAY_SIZE(tests);i++) {
|
||||
torture_comment(torture, "Testing with acct_flags=0x%x dcerpc_flags=0x%x \n",
|
||||
tests[i].acct_flags, tests[i].dcerpc_flags);
|
||||
|
||||
if (!test_schannel(torture,
|
||||
tests[i].acct_flags, tests[i].dcerpc_flags,
|
||||
i)) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user