1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

46 Commits

Author SHA1 Message Date
Stefan Metzmacher
7ed9867fa8 s4:torture/rpc: make use of dcerpc_binding_handle_get_binding() and dcerpc_binding_get_flags()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Andreas Schneider
a40bc1d0ee s4:torture: Migrate smbtorture to new cmdline option parser
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-06-16 00:34:38 +00:00
Samuel Cabrero
1e559f9587 selftest: Test RPC handles and association groups from different connection
Add a test to check if a RPC handle can be used from a different connection
than the one where it was created, when the same association group is
requested in the bind operation of the second connection.

The association group handling is one of the differences between the S3
and S4 RPC server implementations provided by the implementation
callbacks after the merge.

Association groups work fine in the S4 implementation as the RPC server
runs in one process, except for the 'smbd' embedded services provided
by the S3 implementation like winreg (see lp_enforce_ad_dc_settings()).

In the S3 implementation, association groups should work in the same
process, but the merge introduced a bug where a new association group is
always created even when it already exists in the same process.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-04-07 09:18:30 +00:00
Jeremy Allison
b2de5a81bf s4: popt: Global replace of cmdline_credentials -> popt_get_cmdline_credentials().
Add one use of popt_set_cmdline_credentials().
Fix 80 column limits when cmdline_credentials changes
to popt_get_cmdline_credentials().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-11 20:30:13 +02:00
Stefan Metzmacher
460272d69b s4:torture/rpc: make use of dcerpc_binding_set_flags()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2014-02-13 11:54:17 +01:00
Jelmer Vernooij
35fbc7bbda s4-smbtorture: Make test names lowercase and dot-separated.
This is consistent with the test names used by selftest, should
make the names less confusing and easier to integrate with other tools.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
2010-12-11 04:16:13 +01:00
Günther Deschner
3b0c87cf31 s4-smbtorture: run all testcases with bigendian push as well in RPC-BIND.
Guenther
2010-07-16 22:47:30 +02:00
Günther Deschner
1c7d089904 s4-smbtorture: rearrange testlist in RPC-BIND.
Guenther
2010-07-16 22:47:30 +02:00
Günther Deschner
7755e196a1 s4-smbtorture: make sure to wipe out dcerpc auth flags before RPC-BIND starts.
Guenther
2010-07-16 22:47:30 +02:00
Günther Deschner
595c5a2498 s4-smbtorture: add very simple RPC-BIND testsuite.
Guenther
2010-07-14 01:34:48 +02:00
Günther Deschner
14cf257969 s4-smbtorture: rename rpc/bind.c to rpc/multi_bind.c.
Guenther
2010-07-14 01:34:28 +02:00
Stefan Metzmacher
e1e2195a4a s4:torture/rpc: rename rpc.h => torture_rpc.h
The reason for this is that some systems include
<rpc/rpc.h> from within system headers. HP-UX 11.00
does so somewhere deep inside of <shadow.h>.

For torture/winbind/struct_based.c <rpc/rpc.h> resolves
to torture/rpc/rpc.h and breaks the build.

metze
2010-04-14 20:27:11 +02:00
Andrew Tridgell
84d0047377 s4-torture: ran minimal_includes.pl over source4/torture
This reduces compile time somewhat.
2009-10-20 16:04:46 +11:00
Jelmer Vernooij
4c4323009f r26327: Explicit loadparm_context for RPC client functions.
(This used to be commit eeb2251d22)
2007-12-21 05:48:41 +01:00
Jelmer Vernooij
2151cde580 r25554: Convert last instances of BOOL, True and False to the standard types.
(This used to be commit 566aa14139)
2007-10-10 15:07:55 -05:00
Jelmer Vernooij
3e7203d0b3 r24755: Use common code for finding the RPC binding in the torture tests.
(This used to be commit e3310e7739)
2007-10-10 15:03:03 -05:00
Jelmer Vernooij
919aa6b27e r24735: Use torture API in more places.
(This used to be commit 1319d88c09)
2007-10-10 15:03:00 -05:00
Stefan Metzmacher
f14bd1a90a r24557: rename 'dcerpc_table_' -> 'ndr_table_'
metze
(This used to be commit 84651aee81)
2007-10-10 15:02:15 -05:00
Andrew Tridgell
0479a2f1cb r23792: convert Samba4 to GPLv3
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac)
2007-10-10 14:59:12 -05:00
Jelmer Vernooij
a39f239cb2 r19392: Use torture_setting_* rather than lp_parm_* where possible.
(This used to be commit b28860978f)
2007-10-10 14:21:24 -05:00
Volker Lendecke
232db0b46d r16044: Create a samba3 specific file in torture/rpc. The tests in there survive
against W2k3, but they are designed to walk existing Samba3 code paths. It
might be possible that I add something like that to other subdirs like raw/.

RPC-BINDSAMBA3 excercises the bind variants that samba3 supports right now.

RPC-NETLOGSAMBA3 does a samba3 style join, does some schannel-protected
netlogon operations and leaves again. Samba3 right now does not survive this,
I'm about to fix it soon. I'll also post a *VERY* dirty hack (fake users in
sys_getpwnam()) to be able to run this in the build farm.

Volker
(This used to be commit 60b45bf8b6)
2007-10-10 14:08:53 -05:00
Volker Lendecke
279e9166de r15930: Attempt to fix the buildfarm segfaults -- thanks Tridge for the hints
(This used to be commit e363020115)
2007-10-10 14:08:41 -05:00
Volker Lendecke
b63d6b22e4 r15916: Modify RPC-AUTHCONTEXT so that it can be anabled in samba3 make test
(This used to be commit 4298fde656)
2007-10-10 14:08:40 -05:00
Volker Lendecke
53107aed4a r15912: Run an rpc request with an invalid uid and make sure NT_STATUS_INVALID_HANDLE
is returned.

Volker
(This used to be commit 0ef6ecda1d)
2007-10-10 14:08:39 -05:00
Andrew Bartlett
7f0a396e3b r15504: Revert -r 15500 and -r 15503 until I'm awake, and can get my head
around the mess that is composite functions...

Async might be all the rage, but it's bloody painful to debug.

Andrew Bartlett
(This used to be commit 756e1dad7c)
2007-10-10 14:05:43 -05:00
Andrew Bartlett
5f36534629 r15500: Add support for interactive prompting on bad passwords to the RPC libraries.
This support requires that the bind_ack and alter_ack recv functions
also be send the DCE/RPC fault.  This would be best done by having the
ack run as a normal RPC reply callback, but this isn't easily possible
for now.

Andrew Bartlett
(This used to be commit be6dde22fe)
2007-10-10 14:05:42 -05:00
Andrew Bartlett
5f4d86f955 r15426: Implement SPNEGO as the default RPC authentication mechanism. Where
this isn't supported, fallback to NTLM.

Also, where we get a failure as 'logon failure', try and do a '3
tries' for the password, like we already do for CIFS.  (Incomplete:
needs a mapping between RPC errors and the logon failure NTSTATUS).

Because we don't yet support Kerberos sign/seal to win2k3 SP1 for
DCE/RPC, disable this (causing SPNEGO to negotiate NTLM) when kerberos
isn't demanded.

Andrew Bartlett
(This used to be commit b3212d1fb9)
2007-10-10 14:05:36 -05:00
Jelmer Vernooij
42da534d66 r14735: Use dcerpc_syntax_id rather then seperate GUID + if_version everywhere
(This used to be commit a316b33057)
2007-10-10 13:59:17 -05:00
Jelmer Vernooij
909b111f58 r14720: Add torture_context argument to all torture tests
(This used to be commit 3c7a5ce291)
2007-10-10 13:59:13 -05:00
Jelmer Vernooij
35349a58df r14542: Remove librpc, libndr and libnbt from includes.h
(This used to be commit 51b4270513)
2007-10-10 13:58:42 -05:00
Jelmer Vernooij
eefe30b7d8 r14379: Build torture/rpc/ as a seperate smbtorture module. Move helper
functions for rpc out of torture/torture.c
(This used to be commit 1d2d970f3b)
2007-10-10 13:57:16 -05:00
Jelmer Vernooij
25bb00fbcd r12693: Move core data structures out of smb.h into core.h
torture prototypes in seperate header
(This used to be commit 73610639b2)
2007-10-10 13:49:39 -05:00
Jelmer Vernooij
d658de65d3 r12512: Use GUID structs in API functions everywhere rather then converting back and
forth between GUID structs and strings in several places.
(This used to be commit 3564e2f967)
2007-10-10 13:47:48 -05:00
Jelmer Vernooij
acd6a086b3 r12510: Change the DCE/RPC interfaces to take a pointer to a
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.

This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).

This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.

I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e)
2007-10-10 13:47:48 -05:00
Andrew Bartlett
645711c602 r5941: Commit this patch much earlier than I would normally prefer, but metze needs a working tree...
The main volume of this patch was what I started working on today:
 - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context.
 - Uses sepereate inner loops for some of the DCE/RPC tests

The other and more important part of this patch fixes issues
surrounding the new credentials framwork:

This makes the struct cli_credentials always a talloc() structure,
rather than on the stack.  Parts of the cli_credentials code already
assumed this.

There were other issues, particularly in the DCERPC over SMB handling,
as well as little things that had to be tidied up before test_w2k3.sh
would start to pass.

Andrew Bartlett
(This used to be commit 0453f9d05d)
2007-10-10 13:11:11 -05:00
Jelmer Vernooij
05bc2d7b2c r5928: Use cli_credentials in:
- gtk+ (returned by GtkHostBindingDialog as well now)
 - torture/
 - librpc/
 - lib/com/dcom/
(This used to be commit ccefd78233)
2007-10-10 13:11:08 -05:00
Andrew Bartlett
df64302213 r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.

With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind.  This changes a lot of files, and these will again
be changed when jelmer does the credentials work.

I also correct some schannel IDL to distinguish between workstation
names and account names.  The distinction matters for domain trust
accounts.

Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.

In the schannel DB, we now store both the domain and computername, and
query on both.  This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.

In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.

This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.

The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.

The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests.  This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.

In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL.  This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc2)
2007-10-10 13:11:07 -05:00
Stefan Metzmacher
4a3ca96fb4 r5603: add "authservice()" property to the interface property list
so we can specify allowed target service names in the idl file

the default is "host"

metze
(This used to be commit bf40d5321f)
2007-10-10 13:10:55 -05:00
Andrew Tridgell
759da3b915 r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for the
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5)
2007-10-10 13:09:15 -05:00
Andrew Bartlett
7db9de3ea9 r4635: Fix NTLMSSP to return NT_STATUS_OK when it has constructed the auth
token in the client (the final token in the negotiation).

Consequential fixes in the SPNEGO code, which now uses the out.length
as the indicator of 'I need to send something to the other side'.

Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client.

Fix the RPC-MULTIBIND test consequent to this merge.

Andrew Bartlett
(This used to be commit 43e3516fc0)
2007-10-10 13:08:37 -05:00
Andrew Tridgell
90067934cd r3428: switched to using minimal includes for the auto-generated RPC code.
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.

This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
(This used to be commit b8f5fa8ac8)
2007-10-10 13:05:09 -05:00
Andrew Tridgell
ba6d5fcb97 r3324: made the smbtorture code completely warning free
(This used to be commit 7067bb9b52)
2007-10-10 13:04:55 -05:00
Stefan Metzmacher
8aa051c7b2 r2071: - change smbtorture to use the popt_common stuff
this means -U DOM\\user is know allowed

- torture:userdomain is a new smb.conf parameter
  because lp_workgroup is not the domain of the user

- we use torture:userdomain now in the tests instad of lp_workgroup

- for backward compat the userdomain is lp_workgroup() by default and
  not lp_netbios_name(), which my change later to match 'net' and 'smbclient'..

- we now have dublicate options e.g. -N -s ...
  tridge: can we change this?

metze
(This used to be commit 4733dcbf5f)
2007-10-10 12:58:23 -05:00
Andrew Bartlett
bc2fd488f1 r1197: Fix my build breakage, variables at the top of a block only...
Andrew Bartlett
(This used to be commit 57ca89eab3)
2007-10-10 12:56:44 -05:00
Andrew Bartlett
5c3afaf856 r1186: Clarify why this is a 'bogus' negitive test. If we pass it, we may
still be broken.

Andrew Bartlett
(This used to be commit da5f311732)
2007-10-10 12:56:43 -05:00
Andrew Bartlett
1f31eccdad r1173: A quick little test to show that we cannot bind twice to a single endpoint.
Andrew Bartlett
(This used to be commit e12ad47c69)
2007-10-10 12:56:43 -05:00