Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

eventlog.c

Visit:

Last change on this file was 745, checked in by Silvan Scherrer, 13 years ago
Samba Server: updated trunk to 3.6.0
File size: 14.3 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3	test suite for eventlog rpc operations
4
5	Copyright (C) Tim Potter 2003,2005
6	Copyright (C) Jelmer Vernooij 2004
7	Copyright (C) Guenther Deschner 2009
8
9	This program is free software; you can redistribute it and/or modify
10	it under the terms of the GNU General Public License as published by
11	the Free Software Foundation; either version 3 of the License, or
12	(at your option) any later version.
13
14	This program is distributed in the hope that it will be useful,
15	but WITHOUT ANY WARRANTY; without even the implied warranty of
16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17	GNU General Public License for more details.
18
19	You should have received a copy of the GNU General Public License
20	along with this program. If not, see <http://www.gnu.org/licenses/>.
21	*/
22
23	#include "includes.h"
24	#include "librpc/gen_ndr/ndr_eventlog.h"
25	#include "librpc/gen_ndr/ndr_eventlog_c.h"
26	#include "torture/rpc/torture_rpc.h"
27	#include "param/param.h"
28
29	#define TEST_BACKUP_NAME "samrtorturetest"
30
31	static void init_lsa_String(struct lsa_String name, const char s)
32	{
33	name->string = s;
34	name->length = 2*strlen_m(s);
35	name->size = name->length;
36	}
37
38	static bool get_policy_handle(struct torture_context *tctx,
39	struct dcerpc_binding_handle *b,
40	struct policy_handle *handle)
41	{
42	struct eventlog_OpenEventLogW r;
43	struct eventlog_OpenUnknown0 unknown0;
44	struct lsa_String logname, servername;
45
46	unknown0.unknown0 = 0x005c;
47	unknown0.unknown1 = 0x0001;
48
49	r.in.unknown0 = &unknown0;
50	init_lsa_String(&logname, "dns server");
51	init_lsa_String(&servername, NULL);
52	r.in.logname = &logname;
53	r.in.servername = &servername;
54	r.in.major_version = 0x00000001;
55	r.in.minor_version = 0x00000001;
56	r.out.handle = handle;
57
58	torture_assert_ntstatus_ok(tctx,
59	dcerpc_eventlog_OpenEventLogW_r(b, tctx, &r),
60	"OpenEventLog failed");
61
62	torture_assert_ntstatus_ok(tctx, r.out.result, "OpenEventLog failed");
63
64	return true;
65	}
66
67
68
69	static bool test_GetNumRecords(struct torture_context tctx, struct dcerpc_pipe p)
70	{
71	struct eventlog_GetNumRecords r;
72	struct eventlog_CloseEventLog cr;
73	struct policy_handle handle;
74	uint32_t number = 0;
75	struct dcerpc_binding_handle *b = p->binding_handle;
76
77	if (!get_policy_handle(tctx, b, &handle))
78	return false;
79
80	ZERO_STRUCT(r);
81	r.in.handle = &handle;
82	r.out.number = &number;
83
84	torture_assert_ntstatus_ok(tctx,
85	dcerpc_eventlog_GetNumRecords_r(b, tctx, &r),
86	"GetNumRecords failed");
87	torture_assert_ntstatus_ok(tctx, r.out.result,
88	"GetNumRecords failed");
89	torture_comment(tctx, "%d records\n", *r.out.number);
90
91	cr.in.handle = cr.out.handle = &handle;
92
93	torture_assert_ntstatus_ok(tctx,
94	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
95	"CloseEventLog failed");
96	torture_assert_ntstatus_ok(tctx, cr.out.result,
97	"CloseEventLog failed");
98	return true;
99	}
100
101	static bool test_ReadEventLog(struct torture_context *tctx,
102	struct dcerpc_pipe *p)
103	{
104	NTSTATUS status;
105	struct eventlog_ReadEventLogW r;
106	struct eventlog_CloseEventLog cr;
107	struct policy_handle handle;
108	struct dcerpc_binding_handle *b = p->binding_handle;
109
110	uint32_t sent_size = 0;
111	uint32_t real_size = 0;
112
113	if (!get_policy_handle(tctx, b, &handle))
114	return false;
115
116	ZERO_STRUCT(r);
117	r.in.offset = 0;
118	r.in.handle = &handle;
119	r.in.flags = 0;
120	r.out.data = NULL;
121	r.out.sent_size = &sent_size;
122	r.out.real_size = &real_size;
123
124	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_ReadEventLogW_r(b, tctx, &r),
125	"ReadEventLog failed");
126
127	torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
128	"ReadEventLog failed");
129
130	while (1) {
131	DATA_BLOB blob;
132	struct EVENTLOGRECORD rec;
133	enum ndr_err_code ndr_err;
134	uint32_t size = 0;
135	uint32_t pos = 0;
136
137	/* Read first for number of bytes in record */
138
139	r.in.number_of_bytes = 0;
140	r.in.flags = EVENTLOG_BACKWARDS_READ\|EVENTLOG_SEQUENTIAL_READ;
141	r.out.data = NULL;
142	r.out.sent_size = &sent_size;
143	r.out.real_size = &real_size;
144
145	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_ReadEventLogW_r(b, tctx, &r),
146	"ReadEventLogW failed");
147
148	if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_END_OF_FILE)) {
149	/* FIXME: still need to decode then */
150	break;
151	}
152
153	torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_BUFFER_TOO_SMALL,
154	"ReadEventLog failed");
155
156	/* Now read the actual record */
157
158	r.in.number_of_bytes = *r.out.real_size;
159	r.out.data = talloc_array(tctx, uint8_t, r.in.number_of_bytes);
160
161	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_ReadEventLogW_r(b, tctx, &r),
162	"ReadEventLogW failed");
163
164	torture_assert_ntstatus_ok(tctx, r.out.result, "ReadEventLog failed");
165
166	/* Decode a user-marshalled record */
167	size = IVAL(r.out.data, pos);
168
169	while (size > 0) {
170
171	blob = data_blob_const(r.out.data + pos, size);
172	dump_data(0, blob.data, blob.length);
173
174	ndr_err = ndr_pull_struct_blob_all(&blob, tctx, &rec,
175	(ndr_pull_flags_fn_t)ndr_pull_EVENTLOGRECORD);
176	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
177	status = ndr_map_error2ntstatus(ndr_err);
178	torture_assert_ntstatus_ok(tctx, status,
179	"ReadEventLog failed parsing event log record");
180	}
181
182	NDR_PRINT_DEBUG(EVENTLOGRECORD, &rec);
183
184	pos += size;
185
186	if (pos + 4 > *r.out.sent_size) {
187	break;
188	}
189
190	size = IVAL(r.out.data, pos);
191	}
192
193	torture_assert_ntstatus_ok(tctx, r.out.result,
194	"ReadEventLog failed parsing event log record");
195
196	r.in.offset++;
197	}
198
199	cr.in.handle = cr.out.handle = &handle;
200
201	torture_assert_ntstatus_ok(tctx,
202	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
203	"CloseEventLog failed");
204	torture_assert_ntstatus_ok(tctx, cr.out.result,
205	"CloseEventLog failed");
206
207	return true;
208	}
209
210	static bool test_ReportEventLog(struct torture_context *tctx,
211	struct dcerpc_pipe *p)
212	{
213	struct eventlog_ReportEventW r;
214	struct eventlog_CloseEventLog cr;
215	struct policy_handle handle;
216	struct dcerpc_binding_handle *b = p->binding_handle;
217
218	uint32_t record_number = 0;
219	time_t time_written = 0;
220	struct lsa_String servername, *strings;
221
222	if (!get_policy_handle(tctx, b, &handle))
223	return false;
224
225	init_lsa_String(&servername, NULL);
226
227	strings = talloc_array(tctx, struct lsa_String, 1);
228	init_lsa_String(&strings[0], "Currently tortured by samba 4");
229
230	ZERO_STRUCT(r);
231
232	r.in.handle = &handle;
233	r.in.timestamp = time(NULL);
234	r.in.event_type = EVENTLOG_INFORMATION_TYPE;
235	r.in.event_category = 0;
236	r.in.event_id = 0;
237	r.in.num_of_strings = 1;
238	r.in.data_size = 0;
239	r.in.servername = &servername;
240	r.in.user_sid = NULL;
241	r.in.strings = &strings;
242	r.in.data = NULL;
243	r.in.flags = 0;
244	r.in.record_number = r.out.record_number = &record_number;
245	r.in.time_written = r.out.time_written = &time_written;
246
247	torture_assert_ntstatus_ok(tctx,
248	dcerpc_eventlog_ReportEventW_r(b, tctx, &r),
249	"ReportEventW failed");
250
251	torture_assert_ntstatus_ok(tctx, r.out.result, "ReportEventW failed");
252
253	cr.in.handle = cr.out.handle = &handle;
254
255	torture_assert_ntstatus_ok(tctx,
256	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
257	"CloseEventLog failed");
258	torture_assert_ntstatus_ok(tctx, cr.out.result,
259	"CloseEventLog failed");
260
261	return true;
262	}
263
264	static bool test_FlushEventLog(struct torture_context *tctx,
265	struct dcerpc_pipe *p)
266	{
267	struct eventlog_FlushEventLog r;
268	struct eventlog_CloseEventLog cr;
269	struct policy_handle handle;
270	struct dcerpc_binding_handle *b = p->binding_handle;
271
272	if (!get_policy_handle(tctx, b, &handle))
273	return false;
274
275	r.in.handle = &handle;
276
277	/* Huh? Does this RPC always return access denied? */
278	torture_assert_ntstatus_ok(tctx,
279	dcerpc_eventlog_FlushEventLog_r(b, tctx, &r),
280	"FlushEventLog failed");
281
282	torture_assert_ntstatus_equal(tctx,
283	r.out.result,
284	NT_STATUS_ACCESS_DENIED,
285	"FlushEventLog failed");
286
287	cr.in.handle = cr.out.handle = &handle;
288
289	torture_assert_ntstatus_ok(tctx,
290	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
291	"CloseEventLog failed");
292	torture_assert_ntstatus_ok(tctx, cr.out.result,
293	"CloseEventLog failed");
294
295	return true;
296	}
297
298	static bool test_ClearEventLog(struct torture_context *tctx,
299	struct dcerpc_pipe *p)
300	{
301	struct eventlog_ClearEventLogW r;
302	struct eventlog_CloseEventLog cr;
303	struct policy_handle handle;
304	struct dcerpc_binding_handle *b = p->binding_handle;
305
306	if (!get_policy_handle(tctx, b, &handle))
307	return false;
308
309	r.in.handle = &handle;
310	r.in.backupfile = NULL;
311
312	torture_assert_ntstatus_ok(tctx,
313	dcerpc_eventlog_ClearEventLogW_r(b, tctx, &r),
314	"ClearEventLog failed");
315	torture_assert_ntstatus_ok(tctx, r.out.result,
316	"ClearEventLog failed");
317
318	cr.in.handle = cr.out.handle = &handle;
319
320	torture_assert_ntstatus_ok(tctx,
321	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
322	"CloseEventLog failed");
323	torture_assert_ntstatus_ok(tctx, cr.out.result,
324	"CloseEventLog failed");
325
326	return true;
327	}
328
329	static bool test_GetLogInformation(struct torture_context *tctx,
330	struct dcerpc_pipe *p)
331	{
332	struct eventlog_GetLogInformation r;
333	struct eventlog_CloseEventLog cr;
334	struct policy_handle handle;
335	uint32_t bytes_needed = 0;
336	struct dcerpc_binding_handle *b = p->binding_handle;
337
338	if (!get_policy_handle(tctx, b, &handle))
339	return false;
340
341	r.in.handle = &handle;
342	r.in.level = 1;
343	r.in.buf_size = 0;
344	r.out.buffer = NULL;
345	r.out.bytes_needed = &bytes_needed;
346
347	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_GetLogInformation_r(b, tctx, &r),
348	"GetLogInformation failed");
349
350	torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_LEVEL,
351	"GetLogInformation failed");
352
353	r.in.level = 0;
354
355	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_GetLogInformation_r(b, tctx, &r),
356	"GetLogInformation failed");
357
358	torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_BUFFER_TOO_SMALL,
359	"GetLogInformation failed");
360
361	r.in.buf_size = bytes_needed;
362	r.out.buffer = talloc_array(tctx, uint8_t, bytes_needed);
363
364	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_GetLogInformation_r(b, tctx, &r),
365	"GetLogInformation failed");
366
367	torture_assert_ntstatus_ok(tctx, r.out.result, "GetLogInformation failed");
368
369	cr.in.handle = cr.out.handle = &handle;
370
371	torture_assert_ntstatus_ok(tctx,
372	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
373	"CloseEventLog failed");
374	torture_assert_ntstatus_ok(tctx, cr.out.result,
375	"CloseEventLog failed");
376
377	return true;
378	}
379
380
381	static bool test_OpenEventLog(struct torture_context *tctx,
382	struct dcerpc_pipe *p)
383	{
384	struct policy_handle handle;
385	struct eventlog_CloseEventLog cr;
386	struct dcerpc_binding_handle *b = p->binding_handle;
387
388	if (!get_policy_handle(tctx, b, &handle))
389	return false;
390
391	cr.in.handle = cr.out.handle = &handle;
392
393	torture_assert_ntstatus_ok(tctx,
394	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
395	"CloseEventLog failed");
396	torture_assert_ntstatus_ok(tctx, cr.out.result,
397	"CloseEventLog failed");
398
399	return true;
400	}
401
402	static bool test_BackupLog(struct torture_context *tctx,
403	struct dcerpc_pipe *p)
404	{
405	struct policy_handle handle, backup_handle;
406	struct eventlog_BackupEventLogW r;
407	struct eventlog_OpenBackupEventLogW br;
408	struct eventlog_CloseEventLog cr;
409	const char *tmp;
410	struct lsa_String backup_filename;
411	struct eventlog_OpenUnknown0 unknown0;
412	struct dcerpc_binding_handle *b = p->binding_handle;
413
414	if (torture_setting_bool(tctx, "samba3", false)) {
415	torture_skip(tctx, "skipping BackupLog test against samba");
416	}
417
418	if (!get_policy_handle(tctx, b, &handle))
419	return false;
420
421	tmp = talloc_asprintf(tctx, "C:\\%s", TEST_BACKUP_NAME);
422	init_lsa_String(&backup_filename, tmp);
423
424	r.in.handle = &handle;
425	r.in.backup_filename = &backup_filename;
426
427	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_BackupEventLogW_r(b, tctx, &r),
428	"BackupEventLogW failed");
429	torture_assert_ntstatus_equal(tctx, r.out.result,
430	NT_STATUS_OBJECT_PATH_SYNTAX_BAD, "BackupEventLogW failed");
431
432	tmp = talloc_asprintf(tctx, "\\??\\C:\\%s", TEST_BACKUP_NAME);
433	init_lsa_String(&backup_filename, tmp);
434
435	r.in.handle = &handle;
436	r.in.backup_filename = &backup_filename;
437
438	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_BackupEventLogW_r(b, tctx, &r),
439	"BackupEventLogW failed");
440	torture_assert_ntstatus_ok(tctx, r.out.result, "BackupEventLogW failed");
441
442	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_BackupEventLogW_r(b, tctx, &r),
443	"BackupEventLogW failed");
444	torture_assert_ntstatus_equal(tctx, r.out.result,
445	NT_STATUS_OBJECT_NAME_COLLISION, "BackupEventLogW failed");
446
447	cr.in.handle = cr.out.handle = &handle;
448
449	torture_assert_ntstatus_ok(tctx,
450	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
451	"BackupLog failed");
452	torture_assert_ntstatus_ok(tctx, cr.out.result,
453	"BackupLog failed");
454
455	unknown0.unknown0 = 0x005c;
456	unknown0.unknown1 = 0x0001;
457
458	br.in.unknown0 = &unknown0;
459	br.in.backup_logname = &backup_filename;
460	br.in.major_version = 1;
461	br.in.minor_version = 1;
462	br.out.handle = &backup_handle;
463
464	torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_OpenBackupEventLogW_r(b, tctx, &br),
465	"OpenBackupEventLogW failed");
466
467	torture_assert_ntstatus_ok(tctx, br.out.result, "OpenBackupEventLogW failed");
468
469	cr.in.handle = cr.out.handle = &backup_handle;
470
471	torture_assert_ntstatus_ok(tctx,
472	dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
473	"CloseEventLog failed");
474	torture_assert_ntstatus_ok(tctx, cr.out.result,
475	"CloseEventLog failed");
476
477	return true;
478	}
479
480	struct torture_suite torture_rpc_eventlog(TALLOC_CTX mem_ctx)
481	{
482	struct torture_suite *suite;
483	struct torture_rpc_tcase *tcase;
484	struct torture_test *test;
485
486	suite = torture_suite_create(mem_ctx, "eventlog");
487	tcase = torture_suite_add_rpc_iface_tcase(suite, "eventlog",
488	&ndr_table_eventlog);
489
490	torture_rpc_tcase_add_test(tcase, "OpenEventLog", test_OpenEventLog);
491	test = torture_rpc_tcase_add_test(tcase, "ClearEventLog",
492	test_ClearEventLog);
493	test->dangerous = true;
494	torture_rpc_tcase_add_test(tcase, "GetNumRecords", test_GetNumRecords);
495	torture_rpc_tcase_add_test(tcase, "ReadEventLog", test_ReadEventLog);
496	torture_rpc_tcase_add_test(tcase, "ReportEventLog", test_ReportEventLog);
497	torture_rpc_tcase_add_test(tcase, "FlushEventLog", test_FlushEventLog);
498	torture_rpc_tcase_add_test(tcase, "GetLogIntormation", test_GetLogInformation);
499	torture_rpc_tcase_add_test(tcase, "BackupLog", test_BackupLog);
500
501	return suite;
502	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/server/source4/torture/rpc/eventlog.c

Download in other formats: