1/* 2 Unix SMB/CIFS implementation. 3 4 NBT dgram testing 5 6 Copyright (C) Andrew Tridgell 2005 7 8 This program is free software; you can redistribute it and/or modify 9 it under the terms of the GNU General Public License as published by 10 the Free Software Foundation; either version 3 of the License, or 11 (at your option) any later version. 12 13 This program is distributed in the hope that it will be useful, 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program. If not, see <http://www.gnu.org/licenses/>. 20*/ 21 22#include "includes.h" 23#include "libcli/dgram/libdgram.h" 24#include "librpc/gen_ndr/samr.h" 25#include "librpc/gen_ndr/ndr_nbt.h" 26#include "librpc/gen_ndr/ndr_netlogon.h" 27#include "lib/socket/socket.h" 28#include "lib/events/events.h" 29#include "torture/rpc/rpc.h" 30#include "libcli/resolve/resolve.h" 31#include "system/network.h" 32#include "lib/socket/netif.h" 33#include "param/param.h" 34 35#define TEST_NAME "TORTURE_TEST" 36 37/* 38 reply handler for netlogon request 39*/ 40static void netlogon_handler(struct dgram_mailslot_handler *dgmslot, 41 struct nbt_dgram_packet *packet, 42 struct socket_address *src) 43{ 44 NTSTATUS status; 45 struct nbt_netlogon_response *netlogon = dgmslot->private_data; 46 47 dgmslot->private_data = netlogon = talloc(dgmslot, struct nbt_netlogon_response); 48 49 if (!dgmslot->private_data) { 50 return; 51 } 52 53 printf("netlogon reply from %s:%d\n", src->addr, src->port); 54 55 /* Fills in the netlogon pointer */ 56 status = dgram_mailslot_netlogon_parse_response(dgmslot, netlogon, packet, netlogon); 57 if (!NT_STATUS_IS_OK(status)) { 58 printf("Failed to parse netlogon packet from %s:%d\n", 59 src->addr, src->port); 60 return; 61 } 62 63} 64 65 66/* test UDP/138 netlogon requests */ 67static bool nbt_test_netlogon(struct torture_context *tctx) 68{ 69 struct dgram_mailslot_handler *dgmslot; 70 struct nbt_dgram_socket *dgmsock = nbt_dgram_socket_init(tctx, tctx->ev, 71 lp_iconv_convenience(tctx->lp_ctx)); 72 struct socket_address *dest; 73 const char *myaddress; 74 struct nbt_netlogon_packet logon; 75 struct nbt_netlogon_response *response; 76 struct nbt_name myname; 77 NTSTATUS status; 78 struct timeval tv = timeval_current(); 79 80 struct socket_address *socket_address; 81 82 const char *address; 83 struct nbt_name name; 84 85 struct interface *ifaces; 86 87 name.name = lp_workgroup(tctx->lp_ctx); 88 name.type = NBT_NAME_LOGON; 89 name.scope = NULL; 90 91 /* do an initial name resolution to find its IP */ 92 torture_assert_ntstatus_ok(tctx, 93 resolve_name(lp_resolve_context(tctx->lp_ctx), &name, tctx, &address, tctx->ev), 94 talloc_asprintf(tctx, "Failed to resolve %s", name.name)); 95 96 load_interfaces(tctx, lp_interfaces(tctx->lp_ctx), &ifaces); 97 myaddress = talloc_strdup(dgmsock, iface_best_ip(ifaces, address)); 98 99 100 socket_address = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 101 myaddress, lp_dgram_port(tctx->lp_ctx)); 102 torture_assert(tctx, socket_address != NULL, "Error getting address"); 103 104 /* try receiving replies on port 138 first, which will only 105 work if we are root and smbd/nmbd are not running - fall 106 back to listening on any port, which means replies from 107 most windows versions won't be seen */ 108 status = socket_listen(dgmsock->sock, socket_address, 0, 0); 109 if (!NT_STATUS_IS_OK(status)) { 110 talloc_free(socket_address); 111 socket_address = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 112 myaddress, 0); 113 torture_assert(tctx, socket_address != NULL, "Error getting address"); 114 115 socket_listen(dgmsock->sock, socket_address, 0, 0); 116 } 117 118 /* setup a temporary mailslot listener for replies */ 119 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 120 netlogon_handler, NULL); 121 122 ZERO_STRUCT(logon); 123 logon.command = LOGON_PRIMARY_QUERY; 124 logon.req.pdc.computer_name = TEST_NAME; 125 logon.req.pdc.mailslot_name = dgmslot->mailslot_name; 126 logon.req.pdc.unicode_name = TEST_NAME; 127 logon.req.pdc.nt_version = 1; 128 logon.req.pdc.lmnt_token = 0xFFFF; 129 logon.req.pdc.lm20_token = 0xFFFF; 130 131 make_nbt_name_client(&myname, TEST_NAME); 132 133 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 134 address, lp_dgram_port(tctx->lp_ctx)); 135 torture_assert(tctx, dest != NULL, "Error getting address"); 136 137 status = dgram_mailslot_netlogon_send(dgmsock, &name, dest, 138 NBT_MAILSLOT_NETLOGON, 139 &myname, &logon); 140 torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request"); 141 142 while (timeval_elapsed(&tv) < 5 && !dgmslot->private_data) { 143 event_loop_once(dgmsock->event_ctx); 144 } 145 146 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 147 148 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 149 150 torture_assert(tctx, response->response_type == NETLOGON_GET_PDC, "Got incorrect type of netlogon response"); 151 torture_assert(tctx, response->data.get_pdc.command == NETLOGON_RESPONSE_FROM_PDC, "Got incorrect netlogon response command"); 152 153 return true; 154} 155 156 157/* test UDP/138 netlogon requests */ 158static bool nbt_test_netlogon2(struct torture_context *tctx) 159{ 160 struct dgram_mailslot_handler *dgmslot; 161 struct nbt_dgram_socket *dgmsock = nbt_dgram_socket_init(tctx, tctx->ev, 162 lp_iconv_convenience(tctx->lp_ctx)); 163 struct socket_address *dest; 164 const char *myaddress; 165 struct nbt_netlogon_packet logon; 166 struct nbt_netlogon_response *response; 167 struct nbt_name myname; 168 NTSTATUS status; 169 struct timeval tv = timeval_current(); 170 171 struct socket_address *socket_address; 172 173 const char *address; 174 struct nbt_name name; 175 176 struct interface *ifaces; 177 struct test_join *join_ctx; 178 struct cli_credentials *machine_credentials; 179 const struct dom_sid *dom_sid; 180 181 name.name = lp_workgroup(tctx->lp_ctx); 182 name.type = NBT_NAME_LOGON; 183 name.scope = NULL; 184 185 /* do an initial name resolution to find its IP */ 186 torture_assert_ntstatus_ok(tctx, 187 resolve_name(lp_resolve_context(tctx->lp_ctx), &name, tctx, &address, tctx->ev), 188 talloc_asprintf(tctx, "Failed to resolve %s", name.name)); 189 190 load_interfaces(tctx, lp_interfaces(tctx->lp_ctx), &ifaces); 191 myaddress = talloc_strdup(dgmsock, iface_best_ip(ifaces, address)); 192 193 socket_address = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 194 myaddress, lp_dgram_port(tctx->lp_ctx)); 195 torture_assert(tctx, socket_address != NULL, "Error getting address"); 196 197 /* try receiving replies on port 138 first, which will only 198 work if we are root and smbd/nmbd are not running - fall 199 back to listening on any port, which means replies from 200 some windows versions won't be seen */ 201 status = socket_listen(dgmsock->sock, socket_address, 0, 0); 202 if (!NT_STATUS_IS_OK(status)) { 203 talloc_free(socket_address); 204 socket_address = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 205 myaddress, 0); 206 torture_assert(tctx, socket_address != NULL, "Error getting address"); 207 208 socket_listen(dgmsock->sock, socket_address, 0, 0); 209 } 210 211 /* setup a temporary mailslot listener for replies */ 212 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 213 netlogon_handler, NULL); 214 215 216 ZERO_STRUCT(logon); 217 logon.command = LOGON_SAM_LOGON_REQUEST; 218 logon.req.logon.request_count = 0; 219 logon.req.logon.computer_name = TEST_NAME; 220 logon.req.logon.user_name = ""; 221 logon.req.logon.mailslot_name = dgmslot->mailslot_name; 222 logon.req.logon.nt_version = NETLOGON_NT_VERSION_5EX_WITH_IP|NETLOGON_NT_VERSION_5|NETLOGON_NT_VERSION_1; 223 logon.req.logon.lmnt_token = 0xFFFF; 224 logon.req.logon.lm20_token = 0xFFFF; 225 226 make_nbt_name_client(&myname, TEST_NAME); 227 228 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 229 address, lp_dgram_port(tctx->lp_ctx)); 230 231 torture_assert(tctx, dest != NULL, "Error getting address"); 232 status = dgram_mailslot_netlogon_send(dgmsock, &name, dest, 233 NBT_MAILSLOT_NETLOGON, 234 &myname, &logon); 235 torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request"); 236 237 while (timeval_elapsed(&tv) < 5 && dgmslot->private_data == NULL) { 238 event_loop_once(dgmsock->event_ctx); 239 } 240 241 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 242 243 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 244 245 torture_assert_int_equal(tctx, response->response_type, NETLOGON_SAMLOGON, "Got incorrect type of netlogon response"); 246 map_netlogon_samlogon_response(&response->data.samlogon); 247 248 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX, "Got incorrect netlogon response command"); 249 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.nt_version, NETLOGON_NT_VERSION_5EX_WITH_IP|NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_1, "Got incorrect netlogon response command"); 250 251 /* setup (another) temporary mailslot listener for replies */ 252 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 253 netlogon_handler, NULL); 254 255 ZERO_STRUCT(logon); 256 logon.command = LOGON_SAM_LOGON_REQUEST; 257 logon.req.logon.request_count = 0; 258 logon.req.logon.computer_name = TEST_NAME; 259 logon.req.logon.user_name = TEST_NAME"$"; 260 logon.req.logon.mailslot_name = dgmslot->mailslot_name; 261 logon.req.logon.nt_version = 1; 262 logon.req.logon.lmnt_token = 0xFFFF; 263 logon.req.logon.lm20_token = 0xFFFF; 264 265 make_nbt_name_client(&myname, TEST_NAME); 266 267 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 268 address, lp_dgram_port(tctx->lp_ctx)); 269 270 torture_assert(tctx, dest != NULL, "Error getting address"); 271 status = dgram_mailslot_netlogon_send(dgmsock, &name, dest, 272 NBT_MAILSLOT_NETLOGON, 273 &myname, &logon); 274 torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request"); 275 276 while (timeval_elapsed(&tv) < 5 && dgmslot->private_data == NULL) { 277 event_loop_once(dgmsock->event_ctx); 278 } 279 280 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 281 282 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 283 284 torture_assert_int_equal(tctx, response->response_type, NETLOGON_SAMLOGON, "Got incorrect type of netlogon response"); 285 map_netlogon_samlogon_response(&response->data.samlogon); 286 287 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN, "Got incorrect netlogon response command"); 288 289 torture_assert_str_equal(tctx, response->data.samlogon.data.nt5_ex.user_name, TEST_NAME"$", "Got incorrect user in netlogon response"); 290 291 join_ctx = torture_join_domain(tctx, TEST_NAME, 292 ACB_WSTRUST, &machine_credentials); 293 294 torture_assert(tctx, join_ctx != NULL, 295 talloc_asprintf(tctx, "Failed to join domain %s as %s\n", 296 lp_workgroup(tctx->lp_ctx), TEST_NAME)); 297 298 dom_sid = torture_join_sid(join_ctx); 299 300 /* setup (another) temporary mailslot listener for replies */ 301 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 302 netlogon_handler, NULL); 303 304 ZERO_STRUCT(logon); 305 logon.command = LOGON_SAM_LOGON_REQUEST; 306 logon.req.logon.request_count = 0; 307 logon.req.logon.computer_name = TEST_NAME; 308 logon.req.logon.user_name = TEST_NAME"$"; 309 logon.req.logon.mailslot_name = dgmslot->mailslot_name; 310 logon.req.logon.sid = *dom_sid; 311 logon.req.logon.nt_version = 1; 312 logon.req.logon.lmnt_token = 0xFFFF; 313 logon.req.logon.lm20_token = 0xFFFF; 314 315 make_nbt_name_client(&myname, TEST_NAME); 316 317 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 318 address, lp_dgram_port(tctx->lp_ctx)); 319 320 torture_assert(tctx, dest != NULL, "Error getting address"); 321 status = dgram_mailslot_netlogon_send(dgmsock, &name, dest, 322 NBT_MAILSLOT_NETLOGON, 323 &myname, &logon); 324 torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request"); 325 326 327 while (timeval_elapsed(&tv) < 5 && dgmslot->private_data == NULL) { 328 event_loop_once(dgmsock->event_ctx); 329 } 330 331 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 332 333 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 334 335 torture_assert_int_equal(tctx, response->response_type, NETLOGON_SAMLOGON, "Got incorrect type of netlogon response"); 336 map_netlogon_samlogon_response(&response->data.samlogon); 337 338 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN, "Got incorrect netlogon response command"); 339 340 /* setup (another) temporary mailslot listener for replies */ 341 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 342 netlogon_handler, NULL); 343 344 torture_assert(tctx, dgmslot != NULL, "Error getting a Mailslot for GetDC reply"); 345 346 ZERO_STRUCT(logon); 347 logon.command = LOGON_SAM_LOGON_REQUEST; 348 logon.req.logon.request_count = 0; 349 logon.req.logon.computer_name = TEST_NAME; 350 logon.req.logon.user_name = TEST_NAME"$"; 351 logon.req.logon.mailslot_name = dgmslot->mailslot_name; 352 logon.req.logon.sid = *dom_sid; 353 logon.req.logon.acct_control = ACB_WSTRUST; 354 logon.req.logon.nt_version = 1; 355 logon.req.logon.lmnt_token = 0xFFFF; 356 logon.req.logon.lm20_token = 0xFFFF; 357 358 make_nbt_name_client(&myname, TEST_NAME); 359 360 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 361 address, lp_dgram_port(tctx->lp_ctx)); 362 363 torture_assert(tctx, dest != NULL, "Error getting address"); 364 status = dgram_mailslot_netlogon_send(dgmsock, &name, dest, 365 NBT_MAILSLOT_NETLOGON, 366 &myname, &logon); 367 torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request"); 368 369 370 while (timeval_elapsed(&tv) < 5 && dgmslot->private_data == NULL) { 371 event_loop_once(dgmsock->event_ctx); 372 } 373 374 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 375 376 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 377 378 torture_assert_int_equal(tctx, response->response_type, NETLOGON_SAMLOGON, "Got incorrect type of netlogon response"); 379 map_netlogon_samlogon_response(&response->data.samlogon); 380 381 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE, "Got incorrect netlogon response command"); 382 383 dgmslot->private_data = NULL; 384 385 ZERO_STRUCT(logon); 386 logon.command = LOGON_SAM_LOGON_REQUEST; 387 logon.req.logon.request_count = 0; 388 logon.req.logon.computer_name = TEST_NAME; 389 logon.req.logon.user_name = TEST_NAME"$"; 390 logon.req.logon.mailslot_name = dgmslot->mailslot_name; 391 logon.req.logon.sid = *dom_sid; 392 logon.req.logon.acct_control = ACB_NORMAL; 393 logon.req.logon.nt_version = 1; 394 logon.req.logon.lmnt_token = 0xFFFF; 395 logon.req.logon.lm20_token = 0xFFFF; 396 397 make_nbt_name_client(&myname, TEST_NAME); 398 399 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 400 address, lp_dgram_port(tctx->lp_ctx)); 401 402 torture_assert(tctx, dest != NULL, "Error getting address"); 403 status = dgram_mailslot_netlogon_send(dgmsock, &name, dest, 404 NBT_MAILSLOT_NETLOGON, 405 &myname, &logon); 406 torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request"); 407 408 409 while (timeval_elapsed(&tv) < 5 && dgmslot->private_data == NULL) { 410 event_loop_once(dgmsock->event_ctx); 411 } 412 413 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 414 415 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 416 417 torture_assert_int_equal(tctx, response->response_type, NETLOGON_SAMLOGON, "Got incorrect type of netlogon response"); 418 map_netlogon_samlogon_response(&response->data.samlogon); 419 420 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN, "Got incorrect netlogon response command"); 421 422 torture_leave_domain(tctx, join_ctx); 423 return true; 424} 425 426 427/* test UDP/138 ntlogon requests */ 428static bool nbt_test_ntlogon(struct torture_context *tctx) 429{ 430 struct dgram_mailslot_handler *dgmslot; 431 struct nbt_dgram_socket *dgmsock = nbt_dgram_socket_init(tctx, tctx->ev, 432 lp_iconv_convenience(tctx->lp_ctx)); 433 struct socket_address *dest; 434 struct test_join *join_ctx; 435 const struct dom_sid *dom_sid; 436 struct cli_credentials *machine_credentials; 437 438 const char *myaddress; 439 struct nbt_netlogon_packet logon; 440 struct nbt_netlogon_response *response; 441 struct nbt_name myname; 442 NTSTATUS status; 443 struct timeval tv = timeval_current(); 444 445 struct socket_address *socket_address; 446 const char *address; 447 struct nbt_name name; 448 449 struct interface *ifaces; 450 451 name.name = lp_workgroup(tctx->lp_ctx); 452 name.type = NBT_NAME_LOGON; 453 name.scope = NULL; 454 455 /* do an initial name resolution to find its IP */ 456 torture_assert_ntstatus_ok(tctx, 457 resolve_name(lp_resolve_context(tctx->lp_ctx), &name, tctx, &address, tctx->ev), 458 talloc_asprintf(tctx, "Failed to resolve %s", name.name)); 459 460 load_interfaces(tctx, lp_interfaces(tctx->lp_ctx), &ifaces); 461 myaddress = talloc_strdup(dgmsock, iface_best_ip(ifaces, address)); 462 463 socket_address = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 464 myaddress, lp_dgram_port(tctx->lp_ctx)); 465 torture_assert(tctx, socket_address != NULL, "Error getting address"); 466 467 /* try receiving replies on port 138 first, which will only 468 work if we are root and smbd/nmbd are not running - fall 469 back to listening on any port, which means replies from 470 most windows versions won't be seen */ 471 status = socket_listen(dgmsock->sock, socket_address, 0, 0); 472 if (!NT_STATUS_IS_OK(status)) { 473 talloc_free(socket_address); 474 socket_address = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 475 myaddress, 0); 476 torture_assert(tctx, socket_address != NULL, "Error getting address"); 477 478 socket_listen(dgmsock->sock, socket_address, 0, 0); 479 } 480 481 join_ctx = torture_join_domain(tctx, TEST_NAME, 482 ACB_WSTRUST, &machine_credentials); 483 dom_sid = torture_join_sid(join_ctx); 484 485 torture_assert(tctx, join_ctx != NULL, 486 talloc_asprintf(tctx, "Failed to join domain %s as %s\n", 487 lp_workgroup(tctx->lp_ctx), TEST_NAME)); 488 489 /* setup a temporary mailslot listener for replies */ 490 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 491 netlogon_handler, NULL); 492 493 494 ZERO_STRUCT(logon); 495 logon.command = LOGON_SAM_LOGON_REQUEST; 496 logon.req.logon.request_count = 0; 497 logon.req.logon.computer_name = TEST_NAME; 498 logon.req.logon.user_name = TEST_NAME"$"; 499 logon.req.logon.mailslot_name = dgmslot->mailslot_name; 500 logon.req.logon.acct_control = ACB_WSTRUST; 501 /* Try with a SID this time */ 502 logon.req.logon.sid = *dom_sid; 503 logon.req.logon.nt_version = 1; 504 logon.req.logon.lmnt_token = 0xFFFF; 505 logon.req.logon.lm20_token = 0xFFFF; 506 507 make_nbt_name_client(&myname, TEST_NAME); 508 509 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 510 address, lp_dgram_port(tctx->lp_ctx)); 511 torture_assert(tctx, dest != NULL, "Error getting address"); 512 status = dgram_mailslot_netlogon_send(dgmsock, 513 &name, dest, 514 NBT_MAILSLOT_NTLOGON, 515 &myname, &logon); 516 torture_assert_ntstatus_ok(tctx, status, "Failed to send ntlogon request"); 517 518 while (timeval_elapsed(&tv) < 5 && dgmslot->private_data == NULL) { 519 event_loop_once(dgmsock->event_ctx); 520 } 521 522 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 523 524 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 525 526 torture_assert_int_equal(tctx, response->response_type, NETLOGON_SAMLOGON, "Got incorrect type of netlogon response"); 527 map_netlogon_samlogon_response(&response->data.samlogon); 528 529 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE, "Got incorrect netlogon response command"); 530 531 torture_assert_str_equal(tctx, response->data.samlogon.data.nt5_ex.user_name, TEST_NAME"$", "Got incorrect user in netlogon response"); 532 533 534 /* setup a temporary mailslot listener for replies */ 535 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 536 netlogon_handler, NULL); 537 538 539 ZERO_STRUCT(logon); 540 logon.command = LOGON_SAM_LOGON_REQUEST; 541 logon.req.logon.request_count = 0; 542 logon.req.logon.computer_name = TEST_NAME; 543 logon.req.logon.user_name = TEST_NAME"$"; 544 logon.req.logon.mailslot_name = dgmslot->mailslot_name; 545 logon.req.logon.acct_control = ACB_WSTRUST; 546 /* Leave sid as all zero */ 547 logon.req.logon.nt_version = 1; 548 logon.req.logon.lmnt_token = 0xFFFF; 549 logon.req.logon.lm20_token = 0xFFFF; 550 551 make_nbt_name_client(&myname, TEST_NAME); 552 553 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 554 address, lp_dgram_port(tctx->lp_ctx)); 555 torture_assert(tctx, dest != NULL, "Error getting address"); 556 status = dgram_mailslot_netlogon_send(dgmsock, 557 &name, dest, 558 NBT_MAILSLOT_NTLOGON, 559 &myname, &logon); 560 torture_assert_ntstatus_ok(tctx, status, "Failed to send ntlogon request"); 561 562 while (timeval_elapsed(&tv) < 5 && dgmslot->private_data == NULL) { 563 event_loop_once(dgmsock->event_ctx); 564 } 565 566 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 567 568 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 569 570 torture_assert_int_equal(tctx, response->response_type, NETLOGON_SAMLOGON, "Got incorrect type of netlogon response"); 571 map_netlogon_samlogon_response(&response->data.samlogon); 572 573 torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE, "Got incorrect netlogon response command"); 574 575 torture_assert_str_equal(tctx, response->data.samlogon.data.nt5_ex.user_name, TEST_NAME"$", "Got incorrect user in netlogon response"); 576 577 578 /* setup (another) temporary mailslot listener for replies */ 579 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 580 netlogon_handler, NULL); 581 582 ZERO_STRUCT(logon); 583 logon.command = LOGON_PRIMARY_QUERY; 584 logon.req.pdc.computer_name = TEST_NAME; 585 logon.req.pdc.mailslot_name = dgmslot->mailslot_name; 586 logon.req.pdc.unicode_name = TEST_NAME; 587 logon.req.pdc.nt_version = 1; 588 logon.req.pdc.lmnt_token = 0xFFFF; 589 logon.req.pdc.lm20_token = 0xFFFF; 590 591 make_nbt_name_client(&myname, TEST_NAME); 592 593 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 594 address, lp_dgram_port(tctx->lp_ctx)); 595 torture_assert(tctx, dest != NULL, "Error getting address"); 596 status = dgram_mailslot_netlogon_send(dgmsock, 597 &name, dest, 598 NBT_MAILSLOT_NTLOGON, 599 &myname, &logon); 600 torture_assert_ntstatus_ok(tctx, status, "Failed to send ntlogon request"); 601 602 while (timeval_elapsed(&tv) < 5 && !dgmslot->private_data) { 603 event_loop_once(dgmsock->event_ctx); 604 } 605 606 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 607 608 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 609 610 torture_assert_int_equal(tctx, response->response_type, NETLOGON_GET_PDC, "Got incorrect type of ntlogon response"); 611 torture_assert_int_equal(tctx, response->data.get_pdc.command, NETLOGON_RESPONSE_FROM_PDC, "Got incorrect ntlogon response command"); 612 613 torture_leave_domain(tctx, join_ctx); 614 615 /* setup (another) temporary mailslot listener for replies */ 616 dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC, 617 netlogon_handler, NULL); 618 619 ZERO_STRUCT(logon); 620 logon.command = LOGON_PRIMARY_QUERY; 621 logon.req.pdc.computer_name = TEST_NAME; 622 logon.req.pdc.mailslot_name = dgmslot->mailslot_name; 623 logon.req.pdc.unicode_name = TEST_NAME; 624 logon.req.pdc.nt_version = 1; 625 logon.req.pdc.lmnt_token = 0xFFFF; 626 logon.req.pdc.lm20_token = 0xFFFF; 627 628 make_nbt_name_client(&myname, TEST_NAME); 629 630 dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name, 631 address, lp_dgram_port(tctx->lp_ctx)); 632 torture_assert(tctx, dest != NULL, "Error getting address"); 633 status = dgram_mailslot_netlogon_send(dgmsock, 634 &name, dest, 635 NBT_MAILSLOT_NTLOGON, 636 &myname, &logon); 637 torture_assert_ntstatus_ok(tctx, status, "Failed to send ntlogon request"); 638 639 while (timeval_elapsed(&tv) < 5 && !dgmslot->private_data) { 640 event_loop_once(dgmsock->event_ctx); 641 } 642 643 response = talloc_get_type(dgmslot->private_data, struct nbt_netlogon_response); 644 645 torture_assert(tctx, response != NULL, "Failed to receive a netlogon reply packet"); 646 647 torture_assert_int_equal(tctx, response->response_type, NETLOGON_GET_PDC, "Got incorrect type of ntlogon response"); 648 torture_assert_int_equal(tctx, response->data.get_pdc.command, NETLOGON_RESPONSE_FROM_PDC, "Got incorrect ntlogon response command"); 649 650 651 return true; 652} 653 654 655/* 656 test nbt dgram operations 657*/ 658struct torture_suite *torture_nbt_dgram(TALLOC_CTX *mem_ctx) 659{ 660 struct torture_suite *suite = torture_suite_create(mem_ctx, "DGRAM"); 661 662 torture_suite_add_simple_test(suite, "netlogon", nbt_test_netlogon); 663 torture_suite_add_simple_test(suite, "netlogon2", nbt_test_netlogon2); 664 torture_suite_add_simple_test(suite, "ntlogon", nbt_test_ntlogon); 665 666 return suite; 667} 668