summaryrefslogtreecommitdiffstats
path: root/source4/torture/rpc
Commit message (Collapse)AuthorAgeFilesLines
* s4-torture: add print_test_purgeDavid Disseldorp2014-05-221-0/+84
| | | | | | | | | | | This change adds a regression test for print job purging via SetPrinter(SPOOLSS_PRINTER_CONTROL_PURGE). Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu May 22 01:55:39 CEST 2014 on sn-devel-104
* s4-torture: fix some build warnings in rpc samr test.Günther Deschner2014-05-161-11/+10
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri May 16 23:48:35 CEST 2014 on sn-devel-104
* s4-torture: fix test_openprinter_wrap fake test result.Günther Deschner2014-05-161-1/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* Allow FSRVP access generic HRESULT error message descriptionsNoel Power2014-04-021-2/+3
| | | | | | | | | | | | FSRVP can possibly return any HRESULT error in addition to it's own specific errors. This change searches the HRESULT errors for a description if the error doesn't match any of the known FSRVP ones. Also removed some errors defined in fsrvp.idl (now that they are defined in hresult.h) Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Add testing of account lockout and password change behaviourAndrew Bartlett2014-04-021-39/+346
| | | | | | | | | | | | | | | | | | | | This is the regression test to avoid a repeat of CVE-2013-4496 This includes confirming that badPwdCount is updated on login, not just on first failure However the badPwdCount is not updated if the account is disabled Note: that samr_QueryUserInfo return the effective bad_password_count in level 5, 16 and 21, while it returns the raw value in level 3. (Sadly the s3 code does not do this correctly, so a knownfail is added) Change-Id: I4fd8ac5c3b1357e7a98386756dac2a43eb778ecf Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Apr 2 19:30:59 CEST 2014 on sn-devel-104
* torture-samr: Add test for lockout with and without a password historyAndrew Bartlett2014-04-021-2/+18
| | | | | | Change-Id: I6f4b3e92feabe4ff09839329b0db3d33cc6c73b4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Improve rpc.samr.passwords.badpwdcount testAndrew Bartlett2014-04-021-10/+12
| | | | | | Change-Id: I89ac30d715e89f14aca049e0e5c5043a39ab93c7 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Do not issue a TORTURE_FAIL unless *this* test failedAndrew Bartlett2014-04-021-3/+5
| | | | | | Change-Id: I349d8ac77a98b934cd4b11b01a96a231097eeeed Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Lock accounts for 5 seconds in rpc.samr.passwords.badpwdcount ↵Andrew Bartlett2014-04-021-0/+10
| | | | | | | | | | test to ensure consistent results For "samba3" we use 60 seconds as in test_Password_lockout(). Change-Id: I886eb83d4c620e4d719a38ec47b45bacd1406b9d Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Try breaking the NT hash first, as the LM hash may not be ↵Andrew Bartlett2014-04-021-6/+6
| | | | | | | | being checked Change-Id: Iea9040bc7130f8b779c35bd367a9915633cd494d Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: set min password age to 0 for lockout and badpwdcount testsAndrew Bartlett2014-04-021-1/+5
| | | | | | Change-Id: I0d44fcc712e6f239d9adc739fdafc1b20dd2beba Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Make failures easier to trace with torture_assertAndrew Bartlett2014-04-021-42/+17
| | | | | | Change-Id: I729ba2f0a0501575357977754401a0cb40d95b34 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Indent samba3-skip blockAndrew Bartlett2014-04-021-20/+20
| | | | | | Change-Id: I2bb9f175e61401606742737a883604b922044ea5 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Actually fail on failures in rpc.samr, rather than just ↵Andrew Bartlett2014-04-021-174/+174
| | | | | | | | printing pretty warnings Change-Id: I00d66ecd84cd1a7d733f491d19328cec93ba8d2b Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture/samr: Re-open the user when checking for ACB_AUTOLOCKAndrew Bartlett2014-04-021-12/+24
| | | | | | | | | | | This flag appears to be cached from the open, so the test incorrectly indicated that the flag was not set over SAMR. Andrew Bartlett Change-Id: I2f1f017191dddb6c2ac496712064fa1b6b48be53 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Set lockout_seconds to 60 for samba3Andrew Bartlett2014-04-021-0/+4
| | | | | | | | | | | | The source3 account policy code deals with lockouts in terms of minutes, not nanoseconds, so we have to lock out for at least 60 seconds otherwise we do not wait long enough. Andrew Bartlett. Change-Id: I2b30d1c0d9b020b3aba6ed3343361e9a576b7d9a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:torture/rpc: avoid declaration after code warningsStefan Metzmacher2014-04-023-10/+10
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* torture: test FSRVP UNCs with and without trailing slashesDavid Disseldorp2014-03-311-5/+6
| | | | | | | | The trailing slash should not make a difference, unless the target share is hidden. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* auth/gensec: remove tevent_context argument from gensec_update()Stefan Metzmacher2014-03-271-6/+6
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_handle_auth_info() in backupkey.cStefan Metzmacher2014-03-251-22/+55
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_handle_auth_info() in lsa.cStefan Metzmacher2014-03-251-2/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture/rpc: fix altercontext test against windowsStefan Metzmacher2014-03-251-1/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture/rpc: remove bogus rpc.multibind testStefan Metzmacher2014-03-252-77/+0
| | | | | | | | | | | | We can later add a more useful test that tests security context multiplexing correctly. And another one that demonstrates that only DCERPC_BIND must be the first (and only the first) PDU on a connection. Otherwise DCERPC_ALTER_CONTEXT is used. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture/rpc: avoid using dcecli_connection->binding_stringStefan Metzmacher2014-03-251-5/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture/rpc: fix error path in torture_leave_domain()Stefan Metzmacher2014-03-251-2/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4-torture: add some tests for pre-allocated buffers in enumprinterdrivers call.Günther Deschner2014-03-201-0/+10
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4-torture: add test_EnumPrinterDrivers_buffers function.Günther Deschner2014-03-201-11/+31
| | | | | | | | | This will allow to test the enumdriver call with pre-allocated buffer. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* CVE-2013-4496:samr: Remove ChangePasswordUserAndrew Bartlett2014-03-131-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This old password change mechanism does not provide the plaintext to validate against password complexity, and it is not used by modern clients. It also has quite difficult semantics to handle regarding password lockout. The missing features in both implementations (by design) were: - the password complexity checks (no plaintext) - the minimum password length (no plaintext) Additionally, the source3 version did not check: - the minimum password age - pdb_get_pass_can_change() which checks the security descriptor for the 'user cannot change password' setting. - the password history - the output of the 'passwd program' if 'unix passwd sync = yes'. Finally, the mechanism was almost useless, as it was incorrectly only made available to administrative users with permission to reset the password. It is removed here so that it is not mistakenly reinstated in the future. Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245 Change-Id: If2edd3183c177e5ff37c9511b0d0ad0dd9038c66 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-on: https://gerrit.samba.org/37
* torture: Fix a torture crash with -O3Volker Lendecke2014-02-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When compiled with -O3, smbtorture can crash after the following valgrind trace: ==16944== Conditional jump or move depends on uninitialised value(s) ==16944== at 0x57FFAC3: ndr_push_unique_ptr (ndr_basic.c:730) ==16944== by 0x58CB855: ndr_push_spoolss_SetPrinterInfo (ndr_spoolss.c:7939) ==16944== by 0x58E2F95: ndr_push_spoolss_SetPrinter (ndr_spoolss.c:24724) ==16944== by 0x417C78C: dcerpc_binding_handle_call_send (binding_handle.c:410) ==16944== by 0x417C986: dcerpc_binding_handle_call (binding_handle.c:547) ==16944== by 0x522059C: dcerpc_spoolss_SetPrinter_r (ndr_spoolss_c.c:1722) ==16944== by 0x2853BD: test_sd_set_level (spoolss.c:1248) ==16944== by 0x28F146: test_PrinterInfo_SD (spoolss.c:1962) ==16944== by 0x2A3C31: test_EnumPrinters_old (spoolss.c:6589) ==16944== by 0x41F6D66: internal_torture_run_test.part.0 (torture.c:442) ==16944== by 0x41F711F: torture_run_tcase_restricted (torture.c:758) ==16944== by 0x2018E8: run_matching.isra.1 (smbtorture.c:103) ==16944== by 0x20176B: run_matching.isra.1 (smbtorture.c:95) ==16944== by 0x20176B: run_matching.isra.1 (smbtorture.c:95) ==16944== by 0x201C12: torture_run_named_tests (smbtorture.c:143) ==16944== by 0x202F5B: main (smbtorture.c:661) My assumption is that with optimization gcc makes use of the fact that the structures that this patch moves go out of scope. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Feb 28 21:27:11 CET 2014 on sn-devel-104
* torture: Fix a buffer overrunVolker Lendecke2014-02-281-2/+2
| | | | | | | | | | | In test_EnumPrinterDrivers we go up to driver level 8. In C, this means we are accessing the 9th entry in the following lines: ctx->driver_count[level] = count; ctx->drivers[level] = info; Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_get_string_option("host")Stefan Metzmacher2014-02-132-2/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_set_flags()Stefan Metzmacher2014-02-133-3/+11
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: use dcerpc_binding_set_abstract_syntax() in epmapper.cStefan Metzmacher2014-02-131-1/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_set_abstract_syntax() in epmapper.cStefan Metzmacher2014-02-131-3/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_set_flags()Stefan Metzmacher2014-02-135-19/+34
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_set_*() in torture_rpc_scanner()Stefan Metzmacher2014-02-131-1/+14
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_[g|s]et_transport()Stefan Metzmacher2014-02-134-22/+31
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_get_assoc_group_id() in handles.cStefan Metzmacher2014-02-131-6/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: make use of dcerpc_binding_set_*() in ↵Stefan Metzmacher2014-02-131-7/+18
| | | | | | | torture_rpc_connection_transport() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: use dcerpc_parse_binding() in epmapper.cStefan Metzmacher2014-02-131-7/+7
| | | | | | | This makes sure binding is talloc'ed. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: use dcerpc_binding_dup() before modifying the given bindingStefan Metzmacher2014-02-131-1/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: s/pipe/p/ in order to avoid compiler warningsStefan Metzmacher2014-02-131-7/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: fix rpc.scanner testStefan Metzmacher2014-02-111-13/+29
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: pass object down to test_Map_display()Stefan Metzmacher2014-02-111-5/+15
| | | | | | | We also pass the given tower unmodified first. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: print out the object guid in rpc.epmapper.epmapper.Lookup_simpleStefan Metzmacher2014-02-111-2/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: test all auth_types (8bit) in rpc.mgmtStefan Metzmacher2014-02-111-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: fix rpc.mgmt testStefan Metzmacher2014-02-111-1/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: remove unused variable in session_key.cStefan Metzmacher2014-02-111-4/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: remove unused variable in frsapi.cStefan Metzmacher2014-02-111-9/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: remove unused variable in dsgetinfo.cStefan Metzmacher2014-02-111-3/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
generated by cgit (git 2.34.1) at 2025-09-01 10:33:18 +0000