sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-11 16:58:40 +03:00
Code

cldap: Make cldap_netlogon.out.netlogon a pointer

Browse Source 
struct netlogon_samlogon_response has subpointers, this patch enables
a proper talloc hierarchy.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Volker Lendecke 2024-10-30 11:07:53 +01:00
parent a3f1cb1597
commit 31d1fc0912
9 changed files with 187 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
libcli/cldap/cldap.c
View File

@ -1043,8 +1043,15 @@ NTSTATUS cldap_netlogon_recv(struct tevent_req *req,
} }
data = state->search.out.response->attributes[0].values; data = state->search.out.response->attributes[0].values;
status = pull_netlogon_samlogon_response(data, mem_ctx, io->out.netlogon = talloc(mem_ctx, struct netlogon_samlogon_response);
&io->out.netlogon); if (io->out.netlogon == NULL) {
status = NT_STATUS_NO_MEMORY;
goto failed;
}
status = pull_netlogon_samlogon_response(data,
io->out.netlogon,
io->out.netlogon);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
goto failed; goto failed;
} }

2
libcli/cldap/cldap.h
View File

@ -108,7 +108,7 @@ struct cldap_netlogon {
uint32_t version; uint32_t version;
} in; } in;
struct { struct {
struct netlogon_samlogon_response netlogon; struct netlogon_samlogon_response *netlogon;
} out; } out;
}; };

2
source3/libads/cldap.c
View File

@ -256,7 +256,7 @@ static void cldap_multi_netlogon_done(struct tevent_req *subreq)
state->num_received += 1; state->num_received += 1;
if (NT_STATUS_IS_OK(status)) { if (NT_STATUS_IS_OK(status)) {
*response = state->ios[i].out.netlogon; *response = *state->ios[i].out.netlogon;
state->responses[i] = talloc_move(state->responses, state->responses[i] = talloc_move(state->responses,
&response); &response);
state->num_good_received += 1; state->num_good_received += 1;

12
source4/libcli/finddcs_cldap.c
View File

@ -344,14 +344,16 @@ static void finddcs_cldap_netlogon_replied(struct tevent_req *subreq)
finddcs_cldap_next_server(state); finddcs_cldap_next_server(state);
return; return;
} }
map_netlogon_samlogon_response(&state->netlogon->out.netlogon); map_netlogon_samlogon_response(state->netlogon->out.netlogon);
if (state->minimum_dc_flags != if (state->minimum_dc_flags !=
(state->minimum_dc_flags & state->netlogon->out.netlogon.data.nt5_ex.server_type)) { (state->minimum_dc_flags &
state->netlogon->out.netlogon->data.nt5_ex.server_type))
{
/* the server didn't match the minimum requirements */ /* the server didn't match the minimum requirements */
DEBUG(4,("finddcs: Skipping DC %s with server_type=0x%08x - required 0x%08x\n", DEBUG(4,("finddcs: Skipping DC %s with server_type=0x%08x - required 0x%08x\n",
state->srv_addresses[state->srv_address_index], state->srv_addresses[state->srv_address_index],
state->netlogon->out.netlogon.data.nt5_ex.server_type, state->netlogon->out.netlogon->data.nt5_ex.server_type,
state->minimum_dc_flags)); state->minimum_dc_flags));
state->srv_address_index++; state->srv_address_index++;
finddcs_cldap_next_server(state); finddcs_cldap_next_server(state);
@ -360,7 +362,7 @@ static void finddcs_cldap_netlogon_replied(struct tevent_req *subreq)
DEBUG(4,("finddcs: Found matching DC %s with server_type=0x%08x\n", DEBUG(4,("finddcs: Found matching DC %s with server_type=0x%08x\n",
state->srv_addresses[state->srv_address_index], state->srv_addresses[state->srv_address_index],
state->netlogon->out.netlogon.data.nt5_ex.server_type)); state->netlogon->out.netlogon->data.nt5_ex.server_type));
tevent_req_done(state->req); tevent_req_done(state->req);
} }
@ -460,7 +462,7 @@ NTSTATUS finddcs_cldap_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, struct
} }
talloc_steal(mem_ctx, state->netlogon); talloc_steal(mem_ctx, state->netlogon);
io->out.netlogon = state->netlogon->out.netlogon; io->out.netlogon = *state->netlogon->out.netlogon;
io->out.address = talloc_steal( io->out.address = talloc_steal(
mem_ctx, state->srv_addresses[state->srv_address_index]); mem_ctx, state->srv_addresses[state->srv_address_index]);

4
source4/libnet/libnet_become_dc.c
View File

@ -800,8 +800,8 @@ static void becomeDC_recv_cldap(struct tevent_req *req)
return; return;
} }
map_netlogon_samlogon_response(&s->cldap.io.out.netlogon); map_netlogon_samlogon_response(s->cldap.io.out.netlogon);
s->cldap.netlogon = s->cldap.io.out.netlogon.data.nt5_ex; s->cldap.netlogon = s->cldap.io.out.netlogon->data.nt5_ex;
s->domain.dns_name = s->cldap.netlogon.dns_domain; s->domain.dns_name = s->cldap.netlogon.dns_domain;
s->domain.netbios_name = s->cldap.netlogon.domain_name; s->domain.netbios_name = s->cldap.netlogon.domain_name;

15
source4/libnet/libnet_site.c
View File

@ -77,11 +77,12 @@ NTSTATUS libnet_FindSite(TALLOC_CTX *ctx, struct libnet_context *lctx, struct li
} }
status = cldap_netlogon(cldap, tmp_ctx, &search); status = cldap_netlogon(cldap, tmp_ctx, &search);
if (NT_STATUS_IS_OK(status)) { if (NT_STATUS_IS_OK(status)) {
map_netlogon_samlogon_response(&search.out.netlogon); map_netlogon_samlogon_response(search.out.netlogon);
} }
if (!NT_STATUS_IS_OK(status) if (!NT_STATUS_IS_OK(status) ||
|| search.out.netlogon.data.nt5_ex.client_site == NULL search.out.netlogon->data.nt5_ex.client_site == NULL ||
|| search.out.netlogon.data.nt5_ex.client_site[0] == '\0') { search.out.netlogon->data.nt5_ex.client_site[0] == '\0')
{
/* /*
If cldap_netlogon() returns in error, If cldap_netlogon() returns in error,
default to using Default-First-Site-Name. default to using Default-First-Site-Name.
@ -94,8 +95,10 @@ NTSTATUS libnet_FindSite(TALLOC_CTX *ctx, struct libnet_context *lctx, struct li
return NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY;
} }
} else { } else {
site_name_str = talloc_asprintf(tmp_ctx, "%s", site_name_str = talloc_asprintf(
search.out.netlogon.data.nt5_ex.client_site); tmp_ctx,
"%s",
search.out.netlogon->data.nt5_ex.client_site);
if (!site_name_str) { if (!site_name_str) {
r->out.error_string = NULL; r->out.error_string = NULL;
talloc_free(tmp_ctx); talloc_free(tmp_ctx);

4
source4/libnet/libnet_unbecome_dc.c
View File

@ -301,9 +301,9 @@ static void unbecomeDC_recv_cldap(struct tevent_req *req)
talloc_free(req); talloc_free(req);
if (!composite_is_ok(c)) return; if (!composite_is_ok(c)) return;
map_netlogon_samlogon_response(&s->cldap.io.out.netlogon); map_netlogon_samlogon_response(s->cldap.io.out.netlogon);
s->cldap.netlogon = s->cldap.io.out.netlogon.data.nt5_ex; s->cldap.netlogon = s->cldap.io.out.netlogon->data.nt5_ex;
s->domain.dns_name = s->cldap.netlogon.dns_domain; s->domain.dns_name = s->cldap.netlogon.dns_domain;
s->domain.netbios_name = s->cldap.netlogon.domain_name; s->domain.netbios_name = s->cldap.netlogon.domain_name;

219
source4/torture/ldap/netlogon.c
View File

@ -76,7 +76,7 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
n1 = search.out.netlogon; n1 = *search.out.netlogon;
search.in.user = "Administrator"; search.in.user = "Administrator";
search.in.realm = n1.data.nt5_ex.dns_domain; search.in.realm = n1.data.nt5_ex.dns_domain;
@ -106,20 +106,25 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
search.in.user = NULL; search.in.user = NULL;
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
torture_assert(tctx, torture_assert(tctx,
strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") == NULL, strstr(search.out.netlogon->data.nt5_ex.pdc_name,
"\\\\") == NULL,
"PDC name should not be in UNC form"); "PDC name should not be in UNC form");
printf("Trying with User=Administrator\n"); printf("Trying with User=Administrator\n");
search.in.user = "Administrator"; search.in.user = "Administrator";
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); LOGON_SAM_LOGON_USER_UNKNOWN_EX);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name,
search.in.user);
torture_assert(tctx, torture_assert(tctx,
strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") == NULL, strstr(search.out.netlogon->data.nt5_ex.pdc_name,
"\\\\") == NULL,
"PDC name should not be in UNC form"); "PDC name should not be in UNC form");
search.in.version = NETLOGON_NT_VERSION_5; search.in.version = NETLOGON_NT_VERSION_5;
@ -130,20 +135,25 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
search.in.user = NULL; search.in.user = NULL;
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); LOGON_SAM_LOGON_RESPONSE);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
torture_assert(tctx, torture_assert(tctx,
strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") != NULL, strstr(search.out.netlogon->data.nt5_ex.pdc_name,
"\\\\") != NULL,
"PDC name should be in UNC form"); "PDC name should be in UNC form");
printf("Trying with User=Administrator\n"); printf("Trying with User=Administrator\n");
search.in.user = "Administrator"; search.in.user = "Administrator";
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); LOGON_SAM_LOGON_USER_UNKNOWN);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name,
search.in.user);
torture_assert(tctx, torture_assert(tctx,
strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") != NULL, strstr(search.out.netlogon->data.nt5_ex.pdc_name,
"\\\\") != NULL,
"PDC name should be in UNC form"); "PDC name should be in UNC form");
search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX; search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
@ -153,10 +163,14 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
search.in.domain_guid = GUID_string(tctx, &n1.data.nt5_ex.domain_uuid); search.in.domain_guid = GUID_string(tctx, &n1.data.nt5_ex.domain_uuid);
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(GUID_string(tctx, &search.out.netlogon.data.nt5_ex.domain_uuid), search.in.domain_guid); LOGON_SAM_LOGON_USER_UNKNOWN_EX);
CHECK_STRING(GUID_string(tctx,
&search.out.netlogon->data.nt5_ex.domain_uuid),
search.in.domain_guid);
torture_assert(tctx, torture_assert(tctx,
strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") == NULL, strstr(search.out.netlogon->data.nt5_ex.pdc_name,
"\\\\") == NULL,
"PDC name should not be in UNC form"); "PDC name should not be in UNC form");
printf("Trying with a incorrect GUID\n"); printf("Trying with a incorrect GUID\n");
@ -171,16 +185,18 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
search.in.realm = n1.data.nt5_ex.dns_domain; search.in.realm = n1.data.nt5_ex.dns_domain;
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
printf("Trying with a zero AAC\n"); printf("Trying with a zero AAC\n");
search.in.acct_control = 0x0; search.in.acct_control = 0x0;
search.in.realm = n1.data.nt5_ex.dns_domain; search.in.realm = n1.data.nt5_ex.dns_domain;
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
printf("Trying with a zero AAC and user=Administrator\n"); printf("Trying with a zero AAC and user=Administrator\n");
search.in.acct_control = 0x0; search.in.acct_control = 0x0;
@ -188,8 +204,10 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
search.in.realm = n1.data.nt5_ex.dns_domain; search.in.realm = n1.data.nt5_ex.dns_domain;
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "Administrator"); LOGON_SAM_LOGON_USER_UNKNOWN_EX);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name,
"Administrator");
printf("Trying with a bad AAC\n"); printf("Trying with a bad AAC\n");
search.in.user = NULL; search.in.user = NULL;
@ -197,34 +215,50 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
search.in.realm = n1.data.nt5_ex.dns_domain; search.in.realm = n1.data.nt5_ex.dns_domain;
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
printf("Trying with a user only\n"); printf("Trying with a user only\n");
search = empty_search; search = empty_search;
search.in.user = "Administrator"; search.in.user = "Administrator";
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_STRING(search.out.netlogon.data.nt5_ex.forest, n1.data.nt5_ex.dns_domain); CHECK_STRING(search.out.netlogon->data.nt5_ex.forest,
CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.domain_name, n1.data.nt5_ex.domain_name); CHECK_STRING(search.out.netlogon->data.nt5_ex.dns_domain,
CHECK_STRING(search.out.netlogon.data.nt5_ex.pdc_name, n1.data.nt5_ex.pdc_name); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); CHECK_STRING(search.out.netlogon->data.nt5_ex.domain_name,
CHECK_STRING(search.out.netlogon.data.nt5_ex.server_site, n1.data.nt5_ex.server_site); n1.data.nt5_ex.domain_name);
CHECK_STRING(search.out.netlogon.data.nt5_ex.client_site, n1.data.nt5_ex.client_site); CHECK_STRING(search.out.netlogon->data.nt5_ex.pdc_name,
n1.data.nt5_ex.pdc_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name,
search.in.user);
CHECK_STRING(search.out.netlogon->data.nt5_ex.server_site,
n1.data.nt5_ex.server_site);
CHECK_STRING(search.out.netlogon->data.nt5_ex.client_site,
n1.data.nt5_ex.client_site);
printf("Trying with just a bad username\n"); printf("Trying with just a bad username\n");
search.in.user = "___no_such_user___"; search.in.user = "___no_such_user___";
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.forest, n1.data.nt5_ex.dns_domain); LOGON_SAM_LOGON_USER_UNKNOWN_EX);
CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); CHECK_STRING(search.out.netlogon->data.nt5_ex.forest,
CHECK_STRING(search.out.netlogon.data.nt5_ex.domain_name, n1.data.nt5_ex.domain_name); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.pdc_name, n1.data.nt5_ex.pdc_name); CHECK_STRING(search.out.netlogon->data.nt5_ex.dns_domain,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.server_site, n1.data.nt5_ex.server_site); CHECK_STRING(search.out.netlogon->data.nt5_ex.domain_name,
CHECK_STRING(search.out.netlogon.data.nt5_ex.client_site, n1.data.nt5_ex.client_site); n1.data.nt5_ex.domain_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.pdc_name,
n1.data.nt5_ex.pdc_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name,
search.in.user);
CHECK_STRING(search.out.netlogon->data.nt5_ex.server_site,
n1.data.nt5_ex.server_site);
CHECK_STRING(search.out.netlogon->data.nt5_ex.client_site,
n1.data.nt5_ex.client_site);
printf("Trying with just a bad domain\n"); printf("Trying with just a bad domain\n");
search = empty_search; search = empty_search;
@ -236,53 +270,81 @@ static bool test_ldap_netlogon(struct torture_context *tctx,
search.in.domain_guid = GUID_string(tctx, &n1.data.nt5_ex.domain_uuid); search.in.domain_guid = GUID_string(tctx, &n1.data.nt5_ex.domain_uuid);
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.forest, n1.data.nt5_ex.dns_domain); LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); CHECK_STRING(search.out.netlogon->data.nt5_ex.forest,
CHECK_STRING(search.out.netlogon.data.nt5_ex.domain_name, n1.data.nt5_ex.domain_name); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.pdc_name, n1.data.nt5_ex.pdc_name); CHECK_STRING(search.out.netlogon->data.nt5_ex.dns_domain,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.server_site, n1.data.nt5_ex.server_site); CHECK_STRING(search.out.netlogon->data.nt5_ex.domain_name,
CHECK_STRING(search.out.netlogon.data.nt5_ex.client_site, n1.data.nt5_ex.client_site); n1.data.nt5_ex.domain_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.pdc_name,
n1.data.nt5_ex.pdc_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
CHECK_STRING(search.out.netlogon->data.nt5_ex.server_site,
n1.data.nt5_ex.server_site);
CHECK_STRING(search.out.netlogon->data.nt5_ex.client_site,
n1.data.nt5_ex.client_site);
printf("Trying with a incorrect domain and incorrect guid\n"); printf("Trying with a incorrect domain and incorrect guid\n");
search.in.domain_guid = GUID_string(tctx, &guid); search.in.domain_guid = GUID_string(tctx, &guid);
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_NOT_FOUND); CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.forest, n1.data.nt5_ex.dns_domain); LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); CHECK_STRING(search.out.netlogon->data.nt5_ex.forest,
CHECK_STRING(search.out.netlogon.data.nt5_ex.domain_name, n1.data.nt5_ex.domain_name); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.pdc_name, n1.data.nt5_ex.pdc_name); CHECK_STRING(search.out.netlogon->data.nt5_ex.dns_domain,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.server_site, n1.data.nt5_ex.server_site); CHECK_STRING(search.out.netlogon->data.nt5_ex.domain_name,
CHECK_STRING(search.out.netlogon.data.nt5_ex.client_site, n1.data.nt5_ex.client_site); n1.data.nt5_ex.domain_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.pdc_name,
n1.data.nt5_ex.pdc_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
CHECK_STRING(search.out.netlogon->data.nt5_ex.server_site,
n1.data.nt5_ex.server_site);
CHECK_STRING(search.out.netlogon->data.nt5_ex.client_site,
n1.data.nt5_ex.client_site);
printf("Trying with a incorrect GUID and correct domain\n"); printf("Trying with a incorrect GUID and correct domain\n");
search.in.domain_guid = GUID_string(tctx, &guid); search.in.domain_guid = GUID_string(tctx, &guid);
search.in.realm = n1.data.nt5_ex.dns_domain; search.in.realm = n1.data.nt5_ex.dns_domain;
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); CHECK_VAL(search.out.netlogon->data.nt5_ex.command,
CHECK_STRING(search.out.netlogon.data.nt5_ex.forest, n1.data.nt5_ex.dns_domain); LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); CHECK_STRING(search.out.netlogon->data.nt5_ex.forest,
CHECK_STRING(search.out.netlogon.data.nt5_ex.domain_name, n1.data.nt5_ex.domain_name); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.pdc_name, n1.data.nt5_ex.pdc_name); CHECK_STRING(search.out.netlogon->data.nt5_ex.dns_domain,
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.server_site, n1.data.nt5_ex.server_site); CHECK_STRING(search.out.netlogon->data.nt5_ex.domain_name,
CHECK_STRING(search.out.netlogon.data.nt5_ex.client_site, n1.data.nt5_ex.client_site); n1.data.nt5_ex.domain_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.pdc_name,
n1.data.nt5_ex.pdc_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name, "");
CHECK_STRING(search.out.netlogon->data.nt5_ex.server_site,
n1.data.nt5_ex.server_site);
CHECK_STRING(search.out.netlogon->data.nt5_ex.client_site,
n1.data.nt5_ex.client_site);
printf("Proof other results\n"); printf("Proof other results\n");
search.in.user = "Administrator"; search.in.user = "Administrator";
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
CHECK_STRING(search.out.netlogon.data.nt5_ex.forest, n1.data.nt5_ex.dns_domain); CHECK_STRING(search.out.netlogon->data.nt5_ex.forest,
CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.domain_name, n1.data.nt5_ex.domain_name); CHECK_STRING(search.out.netlogon->data.nt5_ex.dns_domain,
CHECK_STRING(search.out.netlogon.data.nt5_ex.pdc_name, n1.data.nt5_ex.pdc_name); n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); CHECK_STRING(search.out.netlogon->data.nt5_ex.domain_name,
CHECK_STRING(search.out.netlogon.data.nt5_ex.server_site, n1.data.nt5_ex.server_site); n1.data.nt5_ex.domain_name);
CHECK_STRING(search.out.netlogon.data.nt5_ex.client_site, n1.data.nt5_ex.client_site); CHECK_STRING(search.out.netlogon->data.nt5_ex.pdc_name,
n1.data.nt5_ex.pdc_name);
CHECK_STRING(search.out.netlogon->data.nt5_ex.user_name,
search.in.user);
CHECK_STRING(search.out.netlogon->data.nt5_ex.server_site,
n1.data.nt5_ex.server_site);
CHECK_STRING(search.out.netlogon->data.nt5_ex.client_site,
n1.data.nt5_ex.client_site);
return true; return true;
} }
@ -311,7 +373,7 @@ static bool test_ldap_netlogon_flags(struct torture_context *tctx,
status = request_netlogon(cldap, tctx, &search); status = request_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK); CHECK_STATUS(status, NT_STATUS_OK);
n1 = search.out.netlogon; n1 = *search.out.netlogon;
if (n1.ntver == NETLOGON_NT_VERSION_5) if (n1.ntver == NETLOGON_NT_VERSION_5)
server_type = n1.data.nt5.server_type; server_type = n1.data.nt5.server_type;
else if (n1.ntver == NETLOGON_NT_VERSION_5EX) else if (n1.ntver == NETLOGON_NT_VERSION_5EX)
@ -457,13 +519,20 @@ static NTSTATUS tcp_ldap_netlogon(void *conn,
} }
blob = res->attributes[0].values; blob = res->attributes[0].values;
status = pull_netlogon_samlogon_response(blob, mem_ctx,
&io->out.netlogon); io->out.netlogon = talloc(mem_ctx, struct netlogon_samlogon_response);
if (io->out.netlogon == NULL) {
return NT_STATUS_NO_MEMORY;
}
status = pull_netlogon_samlogon_response(blob,
io->out.netlogon,
io->out.netlogon);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
return status; return status;
} }
map_netlogon_samlogon_response(&io->out.netlogon); map_netlogon_samlogon_response(io->out.netlogon);
return NT_STATUS_OK; return NT_STATUS_OK;
} }
@ -624,7 +693,7 @@ static NTSTATUS udp_ldap_netlogon(void *data,
struct cldap_socket); struct cldap_socket);
NTSTATUS status = cldap_netlogon(cldap, mem_ctx, io); NTSTATUS status = cldap_netlogon(cldap, mem_ctx, io);
if (NT_STATUS_IS_OK(status)) { if (NT_STATUS_IS_OK(status)) {
map_netlogon_samlogon_response(&io->out.netlogon); map_netlogon_samlogon_response(io->out.netlogon);
} }
return status; return status;
} }

19
source4/torture/rpc/lsa.c
View File

@ -4446,20 +4446,25 @@ static bool check_dom_trust_pw(struct dcerpc_pipe *p,
} }
status = cldap_netlogon(cldap, tctx, &cldap1); status = cldap_netlogon(cldap, tctx, &cldap1);
torture_assert_ntstatus_ok(tctx, status, "cldap_netlogon"); torture_assert_ntstatus_ok(tctx, status, "cldap_netlogon");
torture_assert_int_equal(tctx, cldap1.out.netlogon.ntver, torture_assert_int_equal(tctx,
cldap1.out.netlogon->ntver,
NETLOGON_NT_VERSION_5EX, NETLOGON_NT_VERSION_5EX,
"ntver"); "ntver");
torture_assert_int_equal(tctx, cldap1.out.netlogon.data.nt5_ex.nt_version, torture_assert_int_equal(tctx,
NETLOGON_NT_VERSION_1 | NETLOGON_NT_VERSION_5EX, cldap1.out.netlogon->data.nt5_ex.nt_version,
NETLOGON_NT_VERSION_1 |
NETLOGON_NT_VERSION_5EX,
"nt_version"); "nt_version");
torture_assert_int_equal(tctx, cldap1.out.netlogon.data.nt5_ex.command, torture_assert_int_equal(tctx,
cldap1.out.netlogon->data.nt5_ex.command,
LOGON_SAM_LOGON_RESPONSE_EX, LOGON_SAM_LOGON_RESPONSE_EX,
"command"); "command");
torture_assert_str_equal(tctx, cldap1.out.netlogon.data.nt5_ex.user_name, torture_assert_str_equal(tctx,
cldap1.out.netlogon->data.nt5_ex.user_name,
cldap1.in.user, cldap1.in.user,
"user_name"); "user_name");
server_name = talloc_asprintf(tctx, "\\\\%s", server_name = talloc_asprintf(
cldap1.out.netlogon.data.nt5_ex.pdc_dns_name); tctx, "\\\\%s", cldap1.out.netlogon->data.nt5_ex.pdc_dns_name);
torture_assert(tctx, server_name, __location__); torture_assert(tctx, server_name, __location__);
status = dcerpc_parse_binding(tctx, binding, &b2); status = dcerpc_parse_binding(tctx, binding, &b2);