source: trunk/server/source4/torture/ndr/netlogon.c

Last change on this file was 745, checked in by Silvan Scherrer, 13 years ago

Samba Server: updated trunk to 3.6.0
File size: 12.0 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 test suite for netlogon ndr operations
4
5 Copyright (C) Jelmer Vernooij 2007
6 Copyright (C) Guenther Deschner 2011
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20*/
21
22#include "includes.h"
23#include "torture/ndr/ndr.h"
24#include "librpc/gen_ndr/ndr_netlogon.h"
25
26static const uint8_t netrserverauthenticate3_in_data[] = {
27 0xb0, 0x2e, 0x0a, 0x00, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
28 0x18, 0x00, 0x00, 0x00, 0x5c, 0x00, 0x5c, 0x00, 0x4e, 0x00, 0x41, 0x00,
29 0x54, 0x00, 0x49, 0x00, 0x56, 0x00, 0x45, 0x00, 0x2d, 0x00, 0x44, 0x00,
30 0x43, 0x00, 0x2e, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x54, 0x00, 0x49, 0x00,
31 0x56, 0x00, 0x45, 0x00, 0x2e, 0x00, 0x42, 0x00, 0x41, 0x00, 0x53, 0x00,
32 0x45, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
33 0x0b, 0x00, 0x00, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x54, 0x00, 0x49, 0x00,
34 0x56, 0x00, 0x45, 0x00, 0x2d, 0x00, 0x32, 0x00, 0x4b, 0x00, 0x24, 0x00,
35 0x00, 0x00, 0x02, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
36 0x0a, 0x00, 0x00, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x54, 0x00, 0x49, 0x00,
37 0x56, 0x00, 0x45, 0x00, 0x2d, 0x00, 0x32, 0x00, 0x4b, 0x00, 0x00, 0x00,
38 0x68, 0x8e, 0x3c, 0xdf, 0x23, 0x02, 0xb1, 0x51, 0xff, 0xff, 0x07, 0x60
39};
40
41static bool netrserverauthenticate3_in_check(struct torture_context *tctx,
42 struct netr_ServerAuthenticate3 *r)
43{
44 uint8_t cred_expected[8] = { 0x68, 0x8e, 0x3c, 0xdf, 0x23, 0x02, 0xb1, 0x51 };
45 torture_assert_str_equal(tctx, r->in.server_name, "\\\\NATIVE-DC.NATIVE.BASE", "server name");
46 torture_assert_str_equal(tctx, r->in.account_name, "NATIVE-2K$", "account name");
47 torture_assert_int_equal(tctx, r->in.secure_channel_type, 2, "secure channel type");
48 torture_assert_str_equal(tctx, r->in.computer_name, "NATIVE-2K", "computer name");
49 torture_assert_int_equal(tctx, *r->in.negotiate_flags, 0x6007ffff, "negotiate flags");
50 torture_assert_mem_equal(tctx, cred_expected, r->in.credentials->data, 8, "credentials");
51 return true;
52}
53
54static const uint8_t netrserverauthenticate3_out_data[] = {
55 0x22, 0x0c, 0x86, 0x8a, 0xe9, 0x92, 0x93, 0xc9, 0xff, 0xff, 0x07, 0x60,
56 0x54, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
57};
58
59static bool netrserverauthenticate3_out_check(struct torture_context *tctx,
60 struct netr_ServerAuthenticate3 *r)
61{
62 uint8_t cred_expected[8] = { 0x22, 0x0c, 0x86, 0x8a, 0xe9, 0x92, 0x93, 0xc9 };
63 torture_assert_mem_equal(tctx, cred_expected, r->out.return_credentials->data, 8, "return_credentials");
64 torture_assert_int_equal(tctx, *r->out.negotiate_flags, 0x6007ffff, "negotiate flags");
65 torture_assert_int_equal(tctx, *r->out.rid, 0x454, "rid");
66 torture_assert_ntstatus_ok(tctx, r->out.result, "return code");
67
68 return true;
69}
70
71static const uint8_t netrserverreqchallenge_in_data[] = {
72 0xb0, 0x2e, 0x0a, 0x00, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
73 0x18, 0x00, 0x00, 0x00, 0x5c, 0x00, 0x5c, 0x00, 0x4e, 0x00, 0x41, 0x00,
74 0x54, 0x00, 0x49, 0x00, 0x56, 0x00, 0x45, 0x00, 0x2d, 0x00, 0x44, 0x00,
75 0x43, 0x00, 0x2e, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x54, 0x00, 0x49, 0x00,
76 0x56, 0x00, 0x45, 0x00, 0x2e, 0x00, 0x42, 0x00, 0x41, 0x00, 0x53, 0x00,
77 0x45, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
78 0x0a, 0x00, 0x00, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x54, 0x00, 0x49, 0x00,
79 0x56, 0x00, 0x45, 0x00, 0x2d, 0x00, 0x32, 0x00, 0x4b, 0x00, 0x00, 0x00,
80 0xa3, 0x2c, 0xa2, 0x95, 0x40, 0xcc, 0xb7, 0xbb
81};
82
83static bool netrserverreqchallenge_in_check(struct torture_context *tctx,
84 struct netr_ServerReqChallenge *r)
85{
86 uint8_t cred_expected[8] = { 0xa3, 0x2c, 0xa2, 0x95, 0x40, 0xcc, 0xb7, 0xbb };
87 torture_assert_str_equal(tctx, r->in.server_name, "\\\\NATIVE-DC.NATIVE.BASE", "server name");
88 torture_assert_str_equal(tctx, r->in.computer_name, "NATIVE-2K", "account name");
89 torture_assert_mem_equal(tctx, cred_expected, r->in.credentials->data, 8, "credentials");
90
91 return true;
92}
93
94static const uint8_t netrserverreqchallenge_out_data[] = {
95 0x22, 0xfc, 0xc1, 0x17, 0xc0, 0xae, 0x27, 0x8e, 0x00, 0x00, 0x00, 0x00
96};
97
98static bool netrserverreqchallenge_out_check(struct torture_context *tctx,
99 struct netr_ServerReqChallenge *r)
100{
101 uint8_t cred_expected[8] = { 0x22, 0xfc, 0xc1, 0x17, 0xc0, 0xae, 0x27, 0x8e };
102 torture_assert_mem_equal(tctx, cred_expected, r->out.return_credentials->data, 8, "return_credentials");
103 torture_assert_ntstatus_ok(tctx, r->out.result, "return code");
104
105 return true;
106}
107
108static const uint8_t netrlogonsamlogon_w2k_in_data[] = {
109 0x00, 0x00, 0x02, 0x00, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
110 0x09, 0x00, 0x00, 0x00, 0x5c, 0x00, 0x5c, 0x00, 0x57, 0x00, 0x32, 0x00,
111 0x4b, 0x00, 0x53, 0x00, 0x52, 0x00, 0x56, 0x00, 0x00, 0x00, 0x00, 0x00,
112 0x04, 0x00, 0x02, 0x00, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
113 0x09, 0x00, 0x00, 0x00, 0x4d, 0x00, 0x54, 0x00, 0x48, 0x00, 0x45, 0x00,
114 0x4c, 0x00, 0x45, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x00, 0x00, 0x00, 0x00,
115 0x08, 0x00, 0x02, 0x00, 0x08, 0xaf, 0x72, 0x50, 0xa0, 0x5b, 0x50, 0x19,
116 0x02, 0xc3, 0x39, 0x4d, 0x0c, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
117 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00,
118 0x10, 0x00, 0x02, 0x00, 0x0c, 0x00, 0x0c, 0x00, 0x14, 0x00, 0x02, 0x00,
119 0x00, 0x00, 0x00, 0x00, 0xad, 0xde, 0x00, 0x00, 0xef, 0xbe, 0x00, 0x00,
120 0x1a, 0x00, 0x1a, 0x00, 0x18, 0x00, 0x02, 0x00, 0x14, 0x00, 0x14, 0x00,
121 0x1c, 0x00, 0x02, 0x00, 0x31, 0xeb, 0xf4, 0x68, 0x62, 0x93, 0xfe, 0x38,
122 0x51, 0xc1, 0x1d, 0x41, 0x0a, 0xbd, 0x5d, 0xdf, 0xe3, 0x4f, 0x76, 0x7f,
123 0x19, 0x12, 0xcd, 0xfe, 0x9c, 0x68, 0xed, 0x9b, 0x1e, 0x9c, 0x66, 0xf6,
124 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00,
125 0x57, 0x00, 0x32, 0x00, 0x4b, 0x00, 0x44, 0x00, 0x4f, 0x00, 0x4d, 0x00,
126 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x00, 0x00,
127 0x61, 0x00, 0x64, 0x00, 0x6d, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x69, 0x00,
128 0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00, 0x74, 0x00, 0x6f, 0x00,
129 0x72, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
130 0x0a, 0x00, 0x00, 0x00, 0x5c, 0x00, 0x5c, 0x00, 0x6d, 0x00, 0x74, 0x00,
131 0x68, 0x00, 0x65, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x6e, 0x00, 0x61, 0x00,
132 0x06, 0x00
133};
134
135static bool netrlogonsamlogon_w2k_in_check(struct torture_context *tctx,
136 struct netr_LogonSamLogon *r)
137{
138 uint8_t credential_expected[8] = { 0x08, 0xaf, 0x72, 0x50, 0xa0, 0x5b, 0x50, 0x19 };
139 uint8_t return_authenticator_expected[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
140 uint8_t lmpassword_expected[16] = { 0x31, 0xeb, 0xf4, 0x68, 0x62, 0x93, 0xfe, 0x38, 0x51, 0xc1, 0x1d, 0x41, 0x0a, 0xbd, 0x5d, 0xdf };
141 uint8_t ntpassword_expected[16] = { 0xe3, 0x4f, 0x76, 0x7f, 0x19, 0x12, 0xcd, 0xfe, 0x9c, 0x68, 0xed, 0x9b, 0x1e, 0x9c, 0x66, 0xf6 };
142
143 torture_assert_str_equal(tctx, r->in.server_name, "\\\\W2KSRV", "server_name");
144 torture_assert_str_equal(tctx, r->in.computer_name, "MTHELENA", "computer_name");
145 torture_assert_mem_equal(tctx, r->in.credential->cred.data, credential_expected, 8, "credential");
146/* torture_assert_int_equal(tctx, r->in.credential->timestamp, 0, "credential.timestamp"); */
147 torture_assert_mem_equal(tctx, r->in.return_authenticator->cred.data, return_authenticator_expected, 8, "return_authenticator.cred.data");
148 torture_assert_int_equal(tctx, r->in.return_authenticator->timestamp, 0, "return_authenticator.timestamp");
149 torture_assert_int_equal(tctx, r->in.logon_level, NetlogonInteractiveInformation, "logon_level");
150 torture_assert(tctx, r->in.logon, "logon NULL pointer");
151 torture_assert(tctx, r->in.logon->password, "logon->password NULL pointer");
152 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.domain_name.length, 12, "domain_name.length");
153 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.domain_name.size, 12, "domain_name.size");
154 torture_assert_str_equal(tctx, r->in.logon->password->identity_info.domain_name.string, "W2KDOM", "domain_name.string");
155 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.parameter_control, 0, "parameter_control");
156 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.logon_id_low, 0xdead, "logon_id_low");
157 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.logon_id_high, 0xbeef, "logon_id_high");
158 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.account_name.length, 26, "account_name.length");
159 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.account_name.size, 26, "account_name.size");
160 torture_assert_str_equal(tctx, r->in.logon->password->identity_info.account_name.string, "administrator", "account_name.string");
161 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.workstation.length, 20, "workstation.length");
162 torture_assert_int_equal(tctx, r->in.logon->password->identity_info.workstation.size, 20, "workstation.size");
163 torture_assert_str_equal(tctx, r->in.logon->password->identity_info.workstation.string, "\\\\mthelena", "workstation.string");
164 torture_assert_mem_equal(tctx, r->in.logon->password->lmpassword.hash, lmpassword_expected, 16, "lmpassword");
165 torture_assert_mem_equal(tctx, r->in.logon->password->ntpassword.hash, ntpassword_expected, 16, "ntpassword");
166 torture_assert_int_equal(tctx, r->in.validation_level, 6, "validation_level");
167
168 return true;
169}
170
171static const uint8_t netrlogonsamlogon_w2k_out_data[] = {
172 0x6c, 0xdb, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
173 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
174 0x03, 0x00, 0x00, 0xc0
175};
176
177static bool netrlogonsamlogon_w2k_out_check(struct torture_context *tctx,
178 struct netr_LogonSamLogon *r)
179{
180 uint8_t return_authenticator_expected[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
181
182 torture_assert_mem_equal(tctx, r->out.return_authenticator->cred.data, return_authenticator_expected, 8, "return_authenticator.cred.data");
183 torture_assert_int_equal(tctx, r->out.return_authenticator->timestamp, 0, "return_authenticator.timestamp");
184 torture_assert(tctx, r->out.validation, "validation NULL pointer");
185 torture_assert(tctx, (r->out.validation->sam6 == NULL), "sam6 not NULL");
186 torture_assert_int_equal(tctx, *r->out.authoritative, 1, "authoritative");
187 torture_assert_ntstatus_equal(tctx, r->out.result, NT_STATUS_INVALID_INFO_CLASS, "unexpected result");
188
189 return true;
190}
191
192struct torture_suite *ndr_netlogon_suite(TALLOC_CTX *ctx)
193{
194 struct torture_suite *suite = torture_suite_create(ctx, "netlogon");
195
196 torture_suite_add_ndr_pull_fn_test(suite, netr_ServerReqChallenge, netrserverreqchallenge_in_data, NDR_IN, netrserverreqchallenge_in_check );
197 torture_suite_add_ndr_pull_fn_test(suite, netr_ServerReqChallenge, netrserverreqchallenge_out_data, NDR_OUT, netrserverreqchallenge_out_check );
198
199 torture_suite_add_ndr_pull_fn_test(suite, netr_ServerAuthenticate3, netrserverauthenticate3_in_data, NDR_IN, netrserverauthenticate3_in_check );
200 torture_suite_add_ndr_pull_fn_test(suite, netr_ServerAuthenticate3, netrserverauthenticate3_out_data, NDR_OUT, netrserverauthenticate3_out_check );
201
202 torture_suite_add_ndr_pull_fn_test(suite, netr_LogonSamLogon, netrlogonsamlogon_w2k_in_data, NDR_IN, netrlogonsamlogon_w2k_in_check );
203#if 0
204 /* samba currently fails to parse a validation level 6 samlogon reply
205 * from w2k and other servers - gd */
206 torture_suite_add_ndr_pull_io_test(suite, netr_LogonSamLogon, netrlogonsamlogon_w2k_in_data, netrlogonsamlogon_w2k_out_data, netrlogonsamlogon_w2k_out_check);
207#endif
208
209 return suite;
210}
Note: See TracBrowser for help on using the repository browser.