LCOV - code coverage report
Current view: top level - source4/torture/rpc - samr_handletype.c (source / functions) Hit Total Coverage
Test: coverage report for vadcx-master-patch-75612 fe003de8 Lines: 88 105 83.8 %
Date: 2024-02-29 22:57:05 Functions: 4 4 100.0 %

          Line data    Source code
       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    test suite for handle types on the SAMR pipe
       5             : 
       6             :    Copyright (C) Samuel Cabrero <scabrero@samba.org> 2020
       7             : 
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             : 
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             : 
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include "librpc/gen_ndr/ndr_samr_c.h"
      24             : #include "torture/rpc/torture_rpc.h"
      25             : #include "param/param.h"
      26             : #include "libcli/security/security.h"
      27             : 
      28             : enum samr_handle {
      29             :         SAMR_HANDLE_CONNECT,
      30             :         SAMR_HANDLE_DOMAIN,
      31             :         SAMR_HANDLE_USER,
      32             :         SAMR_HANDLE_GROUP,
      33             :         SAMR_HANDLE_ALIAS
      34             : };
      35             : 
      36          15 : static NTSTATUS torture_samr_Close(struct torture_context *tctx,
      37             :                                    struct dcerpc_binding_handle *b,
      38             :                                    struct policy_handle *h)
      39             : {
      40           0 :         NTSTATUS status;
      41           0 :         struct samr_Close cl;
      42             : 
      43          15 :         cl.in.handle  = h;
      44          15 :         cl.out.handle = h;
      45          15 :         status = dcerpc_samr_Close_r(b, tctx, &cl);
      46          15 :         if (!NT_STATUS_IS_OK(status)) {
      47           0 :                 return status;
      48             :         }
      49             : 
      50          15 :         return cl.out.result;
      51             : }
      52             : 
      53          10 : static NTSTATUS torture_samr_Connect5(struct torture_context *tctx,
      54             :                                       struct dcerpc_binding_handle *b,
      55             :                                       uint32_t mask, struct policy_handle *h)
      56             : {
      57           0 :         NTSTATUS status;
      58           0 :         struct samr_Connect5 r5;
      59           0 :         union samr_ConnectInfo info;
      60          10 :         uint32_t level_out = 0;
      61             : 
      62          10 :         info.info1.client_version = 0;
      63          10 :         info.info1.supported_features = 0;
      64          10 :         r5.in.system_name = "";
      65          10 :         r5.in.level_in = 1;
      66          10 :         r5.in.info_in = &info;
      67          10 :         r5.out.info_out = &info;
      68          10 :         r5.out.level_out = &level_out;
      69          10 :         r5.out.connect_handle = h;
      70          10 :         r5.in.access_mask = mask;
      71             : 
      72          10 :         status = dcerpc_samr_Connect5_r(b, tctx, &r5);
      73          10 :         if (!NT_STATUS_IS_OK(status)) {
      74           0 :                 return status;
      75             :         }
      76             : 
      77          10 :         return r5.out.result;
      78             : }
      79             : 
      80           5 : static bool test_samr_handletype_OpenDomain(struct torture_context *tctx,
      81             :                                             struct dcerpc_pipe *p)
      82             : {
      83           0 :         NTSTATUS status;
      84           0 :         struct samr_LookupDomain ld;
      85           5 :         struct dom_sid2 *sid = NULL;
      86           0 :         struct samr_OpenDomain od;
      87           0 :         struct samr_OpenUser ou;
      88           0 :         struct samr_OpenGroup og;
      89           0 :         struct policy_handle ch;
      90           0 :         struct policy_handle bad;
      91           0 :         struct policy_handle dh;
      92           0 :         struct policy_handle oh;
      93           0 :         struct lsa_String dn;
      94           5 :         struct dcerpc_binding_handle *b = p->binding_handle;
      95             : 
      96             :         /* first we must grab the sid of the domain */
      97           5 :         status = torture_samr_Connect5(tctx, b, SEC_FLAG_MAXIMUM_ALLOWED, &ch);
      98           5 :         torture_assert_ntstatus_ok(tctx, status, "Connect5 failed");
      99             : 
     100           5 :         ld.in.connect_handle = &ch;
     101           5 :         ld.in.domain_name    = &dn;
     102           5 :         ld.out.sid           = &sid;
     103           5 :         dn.string            = lpcfg_workgroup(tctx->lp_ctx);
     104           5 :         status = dcerpc_samr_LookupDomain_r(b, tctx, &ld);
     105           5 :         torture_assert_ntstatus_ok(tctx, status, "LookupDomain failed");
     106           5 :         torture_assert_ntstatus_ok(tctx, ld.out.result, "LookupDomain failed");
     107             : 
     108           5 :         status = torture_samr_Connect5(tctx, b, 1, &ch);
     109           5 :         torture_assert_ntstatus_ok(tctx, status, "Connect5 failed");
     110             : 
     111           5 :         od.in.connect_handle = &bad;
     112           5 :         od.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
     113           5 :         od.in.sid = sid;
     114           5 :         od.out.domain_handle = &dh;
     115             : 
     116             :         /* Open domain, wrong handle GUID */
     117           5 :         bad = ch;
     118           5 :         bad.uuid = GUID_random();
     119             : 
     120           5 :         status = dcerpc_samr_OpenDomain_r(b, tctx, &od);
     121           5 :         torture_assert_ntstatus_equal(tctx,
     122             :                                       status,
     123             :                                       NT_STATUS_RPC_SS_CONTEXT_MISMATCH,
     124             :                                       "OpenDomain succeeded with random GUID");
     125             : 
     126             :         /* Open domain, wrong handle type */
     127           5 :         bad = ch;
     128           5 :         bad.handle_type = SAMR_HANDLE_USER;
     129             : 
     130           5 :         status = dcerpc_samr_OpenDomain_r(b, tctx, &od);
     131           5 :         torture_assert_ntstatus_equal(tctx,
     132             :                                       status,
     133             :                                       NT_STATUS_RPC_SS_CONTEXT_MISMATCH,
     134             :                                       "OpenDomain succeeded with wrong type");
     135             : 
     136             :         /* Open domain */
     137           5 :         bad = ch;
     138             : 
     139           5 :         status = dcerpc_samr_OpenDomain_r(b, tctx, &od);
     140           5 :         torture_assert_ntstatus_ok(tctx, status, "OpenDomain failed");
     141           5 :         torture_assert_ntstatus_ok(tctx, od.out.result, "OpenDomain failed");
     142             : 
     143           5 :         bad = dh;
     144             : 
     145             :         /* Open user, wrong handle type */
     146           5 :         ou.in.domain_handle = &bad;
     147           5 :         ou.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
     148           5 :         ou.in.rid = 501;
     149           5 :         ou.out.user_handle = &oh;
     150             : 
     151           5 :         bad.handle_type = SAMR_HANDLE_ALIAS;
     152             : 
     153           5 :         status = dcerpc_samr_OpenUser_r(b, tctx, &ou);
     154           5 :         torture_assert_ntstatus_equal(tctx,
     155             :                                       status,
     156             :                                       NT_STATUS_RPC_SS_CONTEXT_MISMATCH,
     157             :                                       "OpenUser succeeded with wrong type");
     158             : 
     159             :         /* Open user */
     160           5 :         bad.handle_type = SAMR_HANDLE_DOMAIN;
     161             : 
     162           5 :         status = dcerpc_samr_OpenUser_r(b, tctx, &ou);
     163           5 :         torture_assert_ntstatus_ok(tctx, status, "OpenUser failed");
     164           5 :         torture_assert_ntstatus_ok(tctx, ou.out.result, "OpenUser failed");
     165             : 
     166             :         /* Close user */
     167           5 :         status = torture_samr_Close(tctx, b, &oh);
     168           5 :         torture_assert_ntstatus_ok(tctx, status, "Close failed");
     169             : 
     170           5 :         bad = dh;
     171             : 
     172             :         /* Open group, wrong type */
     173           5 :         og.in.domain_handle = &bad;
     174           5 :         og.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
     175           5 :         og.in.rid = 513;
     176           5 :         og.out.group_handle = &oh;
     177             : 
     178           5 :         bad.handle_type = SAMR_HANDLE_GROUP;
     179             : 
     180           5 :         status = dcerpc_samr_OpenGroup_r(b, tctx, &og);
     181           5 :         torture_assert_ntstatus_equal(tctx,
     182             :                                       status,
     183             :                                       NT_STATUS_RPC_SS_CONTEXT_MISMATCH,
     184             :                                       "OpenGroup succeeded with wrong type");
     185             : 
     186             :         /* Open group */
     187           5 :         bad.handle_type = SAMR_HANDLE_DOMAIN;
     188             : 
     189           5 :         status = dcerpc_samr_OpenGroup_r(b, tctx, &og);
     190           5 :         torture_assert_ntstatus_ok(tctx, status, "OpenGroup failed");
     191           5 :         torture_assert_ntstatus_ok(tctx, ou.out.result, "OpenGroup failed");
     192             : 
     193             :         /* Close group */
     194           5 :         status = torture_samr_Close(tctx, b, &oh);
     195           5 :         torture_assert_ntstatus_ok(tctx, status, "Close failed");
     196             : 
     197             :         /* Close connect */
     198           5 :         status = torture_samr_Close(tctx, b, &ch);
     199           5 :         torture_assert_ntstatus_ok(tctx, status, "Close failed");
     200             : 
     201           5 :         return true;
     202             : }
     203             : 
     204        2354 : struct torture_suite *torture_rpc_samr_handletype(TALLOC_CTX *mem_ctx)
     205             : {
     206        2354 :         struct torture_suite *suite = NULL;
     207        2354 :         struct torture_rpc_tcase *tcase = NULL;
     208             : 
     209        2354 :         suite = torture_suite_create(mem_ctx, "samr.handletype");
     210        2354 :         tcase = torture_suite_add_rpc_iface_tcase(suite, "samr",
     211             :                                                   &ndr_table_samr);
     212             : 
     213        2354 :         torture_rpc_tcase_add_test(tcase, "OpenDomainHandleType",
     214             :                                    test_samr_handletype_OpenDomain);
     215             : 
     216        2354 :         return suite;
     217             : }

Generated by: LCOV version 1.14