LCOV - code coverage report
Current view: top level - source4/torture/winbind - struct_based.c (source / functions) Hit Total Coverage
Test: coverage report for support-claim-type-attributes 6b5c566e Lines: 433 555 78.0 %
Date: 2023-11-21 12:31:41 Functions: 29 29 100.0 %

          Line data    Source code
       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             :    SMB torture tester - winbind struct based protocol
       4             :    Copyright (C) Stefan Metzmacher 2007
       5             :    Copyright (C) Michael Adam 2007
       6             : 
       7             :    This program is free software; you can redistribute it and/or modify
       8             :    it under the terms of the GNU General Public License as published by
       9             :    the Free Software Foundation; either version 3 of the License, or
      10             :    (at your option) any later version.
      11             : 
      12             :    This program is distributed in the hope that it will be useful,
      13             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :    GNU General Public License for more details.
      16             : 
      17             :    You should have received a copy of the GNU General Public License
      18             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      19             : */
      20             : 
      21             : #include "includes.h"
      22             : #include "torture/torture.h"
      23             : #include "nsswitch/libwbclient/wbclient.h"
      24             : #include "nsswitch/winbind_nss_config.h"
      25             : #include "nsswitch/winbind_struct_protocol.h"
      26             : #include "nsswitch/libwbclient/wbclient_internal.h"
      27             : #include "libcli/security/security.h"
      28             : #include "librpc/gen_ndr/netlogon.h"
      29             : #include "param/param.h"
      30             : #include "../libcli/auth/pam_errors.h"
      31             : #include "torture/winbind/proto.h"
      32             : #include "lib/util/string_wrappers.h"
      33             : 
      34             : #define DO_STRUCT_REQ_REP_EXT(op,req,rep,expected,strict,warnaction,cmt) do { \
      35             :         const char *__cmt = (cmt); \
      36             :         wbcErr __wbc_status = WBC_ERR_UNKNOWN_FAILURE; \
      37             :         NSS_STATUS __got, __expected = (expected); \
      38             :         __wbc_status = wbcRequestResponse(NULL, op, req, rep); \
      39             :         switch (__wbc_status) { \
      40             :         case WBC_ERR_SUCCESS: \
      41             :                 __got = NSS_STATUS_SUCCESS; \
      42             :                 break; \
      43             :         case WBC_ERR_WINBIND_NOT_AVAILABLE: \
      44             :                 __got = NSS_STATUS_UNAVAIL; \
      45             :                 break; \
      46             :         case WBC_ERR_DOMAIN_NOT_FOUND: \
      47             :                 __got = NSS_STATUS_NOTFOUND; \
      48             :                 break; \
      49             :         default: \
      50             :                 torture_result(torture, TORTURE_FAIL, \
      51             :                                 __location__ ": " __STRING(op) \
      52             :                                 " returned unmapped %s, expected nss %d%s%s", \
      53             :                                 wbcErrorString(__wbc_status), __expected, \
      54             :                                 (__cmt) ? ": " : "", \
      55             :                                 (__cmt) ? (__cmt) : ""); \
      56             :                 return false; \
      57             :         } \
      58             :         if (__got != __expected) { \
      59             :                 if (strict) { \
      60             :                         torture_result(torture, TORTURE_FAIL, \
      61             :                                 __location__ ": " __STRING(op) \
      62             :                                 " returned %s, got %d , expected %d%s%s", \
      63             :                                 wbcErrorString(__wbc_status), __got, __expected, \
      64             :                                 (__cmt) ? ": " : "", \
      65             :                                 (__cmt) ? (__cmt) : ""); \
      66             :                         return false; \
      67             :                 } else { \
      68             :                         torture_warning(torture, \
      69             :                                 __location__ ": " __STRING(op) \
      70             :                                 " returned %s, got %d , expected %d%s%s", \
      71             :                                 wbcErrorString(__wbc_status), __got, __expected, \
      72             :                                 (__cmt) ? ": " : "", \
      73             :                                 (__cmt) ? (__cmt) : ""); \
      74             :                         warnaction; \
      75             :                 } \
      76             :         } \
      77             : } while(0)
      78             : 
      79             : #undef _STRUCT_NOOP
      80             : #define _STRUCT_NOOP do {} while(0);
      81             : #define DO_STRUCT_REQ_REP(op,req,rep) do { \
      82             :         DO_STRUCT_REQ_REP_EXT(op,req,rep,NSS_STATUS_SUCCESS,true, _STRUCT_NOOP, NULL); \
      83             : } while (0)
      84             : 
      85           6 : static bool torture_winbind_struct_interface_version(struct torture_context *torture)
      86             : {
      87           0 :         struct winbindd_request req;
      88           0 :         struct winbindd_response rep;
      89             : 
      90           6 :         ZERO_STRUCT(req);
      91           6 :         ZERO_STRUCT(rep);
      92             : 
      93           6 :         torture_comment(torture, "Running WINBINDD_INTERFACE_VERSION (struct based)\n");
      94             : 
      95           6 :         DO_STRUCT_REQ_REP(WINBINDD_INTERFACE_VERSION, &req, &rep);
      96             : 
      97           6 :         torture_assert_int_equal(torture,
      98             :                                  rep.data.interface_version,
      99             :                                  WINBIND_INTERFACE_VERSION,
     100             :                                  "winbind server and client doesn't match");
     101             : 
     102           6 :         return true;
     103             : }
     104             : 
     105           6 : static bool torture_winbind_struct_ping(struct torture_context *torture)
     106             : {
     107           6 :         struct timeval tv = timeval_current();
     108           6 :         int timelimit = torture_setting_int(torture, "timelimit", 5);
     109           6 :         uint32_t total = 0;
     110             : 
     111           6 :         torture_comment(torture,
     112             :                         "Running WINBINDD_PING (struct based) for %d seconds\n",
     113             :                         timelimit);
     114             : 
     115      137773 :         while (timeval_elapsed(&tv) < timelimit) {
     116      137767 :                 DO_STRUCT_REQ_REP(WINBINDD_PING, NULL, NULL);
     117      137767 :                 total++;
     118             :         }
     119             : 
     120           6 :         torture_comment(torture,
     121             :                         "%u (%.1f/s) WINBINDD_PING (struct based)\n",
     122           6 :                         total, total / timeval_elapsed(&tv));
     123             : 
     124           6 :         return true;
     125             : }
     126             : 
     127             : 
     128        1560 : static char winbind_separator(struct torture_context *torture)
     129             : {
     130           0 :         struct winbindd_response rep;
     131             : 
     132        1560 :         ZERO_STRUCT(rep);
     133             : 
     134        1560 :         DO_STRUCT_REQ_REP(WINBINDD_INFO, NULL, &rep);
     135             : 
     136        1560 :         return rep.data.info.winbind_separator;
     137             : }
     138             : 
     139           6 : static bool torture_winbind_struct_info(struct torture_context *torture)
     140             : {
     141           0 :         struct winbindd_response rep;
     142           0 :         const char *separator;
     143             : 
     144           6 :         ZERO_STRUCT(rep);
     145             : 
     146           6 :         torture_comment(torture, "Running WINBINDD_INFO (struct based)\n");
     147             : 
     148           6 :         DO_STRUCT_REQ_REP(WINBINDD_INFO, NULL, &rep);
     149             : 
     150           6 :         separator = torture_setting_string(torture,
     151             :                                            "winbindd_separator",
     152             :                                            lpcfg_winbind_separator(torture->lp_ctx));
     153             : 
     154           6 :         torture_assert_int_equal(torture,
     155             :                                  rep.data.info.winbind_separator,
     156             :                                  *separator,
     157             :                                  "winbind separator doesn't match");
     158             : 
     159           6 :         torture_comment(torture, "Samba Version '%s'\n",
     160             :                         rep.data.info.samba_version);
     161             : 
     162           6 :         return true;
     163             : }
     164             : 
     165           6 : static bool torture_winbind_struct_priv_pipe_dir(struct torture_context *torture)
     166             : {
     167           0 :         struct winbindd_response rep;
     168           0 :         const char *got_dir;
     169             : 
     170           6 :         ZERO_STRUCT(rep);
     171             : 
     172           6 :         torture_comment(torture, "Running WINBINDD_PRIV_PIPE_DIR (struct based)\n");
     173             : 
     174           6 :         DO_STRUCT_REQ_REP(WINBINDD_PRIV_PIPE_DIR, NULL, &rep);
     175             : 
     176           6 :         got_dir = (const char *)rep.extra_data.data;
     177             : 
     178           6 :         torture_assert(torture, got_dir, "NULL WINBINDD_PRIV_PIPE_DIR\n");
     179             : 
     180           6 :         SAFE_FREE(rep.extra_data.data);
     181           6 :         return true;
     182             : }
     183             : 
     184           6 : static bool torture_winbind_struct_netbios_name(struct torture_context *torture)
     185             : {
     186           0 :         struct winbindd_response rep;
     187           0 :         const char *expected;
     188             : 
     189           6 :         ZERO_STRUCT(rep);
     190             : 
     191           6 :         torture_comment(torture, "Running WINBINDD_NETBIOS_NAME (struct based)\n");
     192             : 
     193           6 :         DO_STRUCT_REQ_REP(WINBINDD_NETBIOS_NAME, NULL, &rep);
     194             : 
     195           6 :         expected = torture_setting_string(torture,
     196             :                                           "winbindd_netbios_name",
     197             :                                           lpcfg_netbios_name(torture->lp_ctx));
     198           6 :         expected = strupper_talloc(torture, expected);
     199             : 
     200           6 :         torture_assert_str_equal(torture,
     201             :                                  rep.data.netbios_name, expected,
     202             :                                  "winbindd's netbios name doesn't match");
     203             : 
     204           6 :         return true;
     205             : }
     206             : 
     207          12 : static bool get_winbind_domain(struct torture_context *torture, char **domain)
     208             : {
     209           0 :         struct winbindd_response rep;
     210             : 
     211          12 :         ZERO_STRUCT(rep);
     212             : 
     213          12 :         DO_STRUCT_REQ_REP(WINBINDD_DOMAIN_NAME, NULL, &rep);
     214             : 
     215          12 :         *domain = talloc_strdup(torture, rep.data.domain_name);
     216          12 :         torture_assert(torture, domain, "talloc error");
     217             : 
     218          12 :         return true;
     219             : }
     220             : 
     221           6 : static bool torture_winbind_struct_domain_name(struct torture_context *torture)
     222             : {
     223           0 :         const char *expected;
     224           0 :         char *domain;
     225             : 
     226           6 :         torture_comment(torture, "Running WINBINDD_DOMAIN_NAME (struct based)\n");
     227             : 
     228           6 :         expected = torture_setting_string(torture,
     229             :                                           "winbindd_netbios_domain",
     230             :                                           lpcfg_workgroup(torture->lp_ctx));
     231             : 
     232           6 :         get_winbind_domain(torture, &domain);
     233             : 
     234           6 :         torture_assert_str_equal(torture, domain, expected,
     235             :                                  "winbindd's netbios domain doesn't match");
     236             : 
     237           6 :         return true;
     238             : }
     239             : 
     240           6 : static bool torture_winbind_struct_check_machacc(struct torture_context *torture)
     241             : {
     242           0 :         bool ok;
     243           6 :         bool strict = torture_setting_bool(torture, "strict mode", false);
     244           0 :         struct winbindd_response rep;
     245             : 
     246           6 :         ZERO_STRUCT(rep);
     247             : 
     248           6 :         torture_comment(torture, "Running WINBINDD_CHECK_MACHACC (struct based)\n");
     249             : 
     250           6 :         ok = true;
     251           6 :         DO_STRUCT_REQ_REP_EXT(WINBINDD_CHECK_MACHACC, NULL, &rep,
     252             :                               NSS_STATUS_SUCCESS, strict, ok = false,
     253             :                               "WINBINDD_CHECK_MACHACC");
     254             : 
     255           6 :         if (!ok) {
     256           0 :                 torture_assert(torture,
     257             :                                strlen(rep.data.auth.nt_status_string)>0,
     258             :                                "Failed with empty nt_status_string");
     259             : 
     260           0 :                 torture_warning(torture,"%s:%s:%s:%d\n",
     261           0 :                                 nt_errstr(NT_STATUS(rep.data.auth.nt_status)),
     262             :                                 rep.data.auth.nt_status_string,
     263             :                                 rep.data.auth.error_string,
     264             :                                 rep.data.auth.pam_error);
     265           0 :                 return true;
     266             :         }
     267             : 
     268           6 :         torture_assert_ntstatus_ok(torture,
     269             :                                    NT_STATUS(rep.data.auth.nt_status),
     270             :                                    "WINBINDD_CHECK_MACHACC ok: nt_status");
     271             : 
     272           6 :         torture_assert_str_equal(torture,
     273             :                                  rep.data.auth.nt_status_string,
     274             :                                  nt_errstr(NT_STATUS_OK),
     275             :                                  "WINBINDD_CHECK_MACHACC ok:nt_status_string");
     276             : 
     277           6 :         torture_assert_str_equal(torture,
     278             :                                  rep.data.auth.error_string,
     279             :                                  get_friendly_nt_error_msg(NT_STATUS_OK),
     280             :                                  "WINBINDD_CHECK_MACHACC ok: error_string");
     281             : 
     282           6 :         torture_assert_int_equal(torture,
     283             :                                  rep.data.auth.pam_error,
     284             :                                  nt_status_to_pam(NT_STATUS_OK),
     285             :                                  "WINBINDD_CHECK_MACHACC ok: pam_error");
     286             : 
     287           6 :         return true;
     288             : }
     289             : 
     290             : struct torture_trust_domain {
     291             :         const char *netbios_name;
     292             :         const char *dns_name;
     293             :         struct dom_sid *sid;
     294             : };
     295             : 
     296          30 : static bool get_trusted_domains(struct torture_context *torture,
     297             :                                 struct torture_trust_domain **_d)
     298             : {
     299           0 :         struct winbindd_request req;
     300           0 :         struct winbindd_response rep;
     301          30 :         struct torture_trust_domain *d = NULL;
     302          30 :         uint32_t dcount = 0;
     303           0 :         char line[256];
     304           0 :         const char *extra_data;
     305             : 
     306          30 :         ZERO_STRUCT(req);
     307          30 :         ZERO_STRUCT(rep);
     308             : 
     309          30 :         DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep);
     310             : 
     311          30 :         extra_data = (char *)rep.extra_data.data;
     312          30 :         torture_assert(torture, extra_data != NULL,
     313             :                        "Trust list was NULL: the list of trusted domain "
     314             :                        "should be returned, with at least 2 entries "
     315             :                        "(BUILTIN, and the local domain)");
     316             : 
     317         130 :         while (next_token(&extra_data, line, "\n", sizeof(line))) {
     318           0 :                 char *p, *lp;
     319             : 
     320         100 :                 d = talloc_realloc(torture, d,
     321             :                                    struct torture_trust_domain,
     322             :                                    dcount + 2);
     323         100 :                 ZERO_STRUCT(d[dcount+1]);
     324             : 
     325         100 :                 lp = line;
     326         100 :                 p = strchr(lp, '\\');
     327         100 :                 torture_assert(torture, p, "missing 1st '\\' in line");
     328         100 :                 *p = 0;
     329         100 :                 d[dcount].netbios_name = talloc_strdup(d, lp);
     330         100 :                 torture_assert(torture, strlen(d[dcount].netbios_name) > 0,
     331             :                                "empty netbios_name");
     332             : 
     333         100 :                 lp = p+1;
     334         100 :                 p = strchr(lp, '\\');
     335         100 :                 torture_assert(torture, p, "missing 2nd '\\' in line");
     336         100 :                 *p = 0;
     337         100 :                 d[dcount].dns_name = talloc_strdup(d, lp);
     338             :                 /* it's ok to have an empty dns_name */
     339             : 
     340         100 :                 lp = p+1;
     341         100 :                 d[dcount].sid = dom_sid_parse_talloc(d, lp);
     342         100 :                 torture_assert(torture, d[dcount].sid,
     343             :                                "failed to parse sid");
     344             : 
     345         100 :                 dcount++;
     346             :         }
     347          30 :         SAFE_FREE(rep.extra_data.data);
     348             : 
     349          30 :         torture_assert(torture, dcount >= 2,
     350             :                        "The list of trusted domain should contain 2 entries "
     351             :                        "(BUILTIN, and the local domain)");
     352             : 
     353          30 :         *_d = d;
     354          30 :         return true;
     355             : }
     356             : 
     357           6 : static bool torture_winbind_struct_list_trustdom(struct torture_context *torture)
     358             : {
     359           0 :         struct winbindd_request req;
     360           0 :         struct winbindd_response rep;
     361           0 :         char *list1;
     362           0 :         char *list2;
     363           0 :         bool ok;
     364           6 :         struct torture_trust_domain *listd = NULL;
     365           0 :         uint32_t i;
     366             : 
     367           6 :         torture_comment(torture, "Running WINBINDD_LIST_TRUSTDOM (struct based)\n");
     368             : 
     369           6 :         ZERO_STRUCT(req);
     370           6 :         ZERO_STRUCT(rep);
     371             : 
     372           6 :         req.data.list_all_domains = false;
     373             : 
     374           6 :         DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep);
     375             : 
     376           6 :         list1 = (char *)rep.extra_data.data;
     377             : 
     378           6 :         torture_comment(torture, "%s\n", list1);
     379             : 
     380           6 :         ZERO_STRUCT(req);
     381           6 :         ZERO_STRUCT(rep);
     382             : 
     383           6 :         req.data.list_all_domains = true;
     384             : 
     385           6 :         DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep);
     386             : 
     387           6 :         list2 = (char *)rep.extra_data.data;
     388             : 
     389             :         /*
     390             :          * The list_all_domains parameter should be ignored
     391             :          */
     392           6 :         torture_assert_str_equal(torture, list2, list1, "list_all_domains not ignored");
     393             : 
     394           6 :         SAFE_FREE(list1);
     395           6 :         SAFE_FREE(list2);
     396             : 
     397           6 :         ok = get_trusted_domains(torture, &listd);
     398           6 :         torture_assert(torture, ok, "failed to get trust list");
     399             : 
     400          26 :         for (i=0; listd && listd[i].netbios_name; i++) {
     401          20 :                 if (i == 0) {
     402           0 :                         struct dom_sid *builtin_sid;
     403             : 
     404           6 :                         builtin_sid = dom_sid_parse_talloc(torture, SID_BUILTIN);
     405             : 
     406           6 :                         torture_assert_str_equal(torture,
     407             :                                                  listd[i].netbios_name,
     408             :                                                  NAME_BUILTIN,
     409             :                                                  "first domain should be 'BUILTIN'");
     410             : 
     411           6 :                         torture_assert_str_equal(torture,
     412             :                                                  listd[i].dns_name,
     413             :                                                  "",
     414             :                                                  "BUILTIN domain should not have a dns name");
     415             : 
     416           6 :                         ok = dom_sid_equal(builtin_sid,
     417           6 :                                            listd[i].sid);
     418           6 :                         torture_assert(torture, ok, "BUILTIN domain should have S-1-5-32");
     419             : 
     420           6 :                         continue;
     421             :                 }
     422             : 
     423             :                 /*
     424             :                  * TODO: verify the content of the 2nd and 3rd (in member server mode)
     425             :                  *       domain entries
     426             :                  */
     427             :         }
     428             : 
     429           6 :         return true;
     430             : }
     431             : 
     432           6 : static bool torture_winbind_struct_domain_info(struct torture_context *torture)
     433             : {
     434           0 :         bool ok;
     435           6 :         struct torture_trust_domain *listd = NULL;
     436           0 :         uint32_t i;
     437             : 
     438           6 :         torture_comment(torture, "Running WINBINDD_DOMAIN_INFO (struct based)\n");
     439             : 
     440           6 :         ok = get_trusted_domains(torture, &listd);
     441           6 :         torture_assert(torture, ok, "failed to get trust list");
     442             : 
     443          26 :         for (i=0; listd && listd[i].netbios_name; i++) {
     444          40 :                 torture_comment(torture, "LIST[%u] '%s' => '%s' [%s]\n",
     445             :                                 (unsigned)i,
     446          20 :                                 listd[i].netbios_name,
     447          20 :                                 listd[i].dns_name,
     448          20 :                                 dom_sid_string(torture, listd[i].sid));
     449             :         }
     450             : 
     451          20 :         for (i=0; listd && listd[i].netbios_name; i++) {
     452           0 :                 struct winbindd_request req;
     453           0 :                 struct winbindd_response rep;
     454           0 :                 struct dom_sid *sid;
     455          16 :                 char *flagstr = talloc_strdup(torture," ");
     456             : 
     457          16 :                 ZERO_STRUCT(req);
     458          16 :                 ZERO_STRUCT(rep);
     459             : 
     460          16 :                 fstrcpy(req.domain_name, listd[i].netbios_name);
     461             : 
     462          18 :                 DO_STRUCT_REQ_REP(WINBINDD_DOMAIN_INFO, &req, &rep);
     463             : 
     464          16 :                 if (rep.data.domain_info.primary) {
     465           6 :                         flagstr = talloc_strdup_append(flagstr, "PR ");
     466             :                 }
     467             : 
     468          16 :                 if (rep.data.domain_info.active_directory) {
     469           4 :                         torture_assert(torture,
     470             :                                        strlen(rep.data.domain_info.alt_name)>0,
     471             :                                        "Active Directory without DNS name");
     472           4 :                         flagstr = talloc_strdup_append(flagstr, "AD ");
     473             :                 }
     474             : 
     475          16 :                 if (rep.data.domain_info.native_mode) {
     476           2 :                         torture_assert(torture,
     477             :                                        rep.data.domain_info.active_directory,
     478             :                                        "Native-Mode, but no Active Directory");
     479           2 :                         flagstr = talloc_strdup_append(flagstr, "NA ");
     480             :                 }
     481             : 
     482          16 :                 torture_comment(torture, "DOMAIN[%u] '%s' => '%s' [%s] [%s]\n",
     483             :                                 (unsigned)i,
     484             :                                 rep.data.domain_info.name,
     485             :                                 rep.data.domain_info.alt_name,
     486             :                                 flagstr,
     487             :                                 rep.data.domain_info.sid);
     488             : 
     489          16 :                 sid = dom_sid_parse_talloc(torture, rep.data.domain_info.sid);
     490          16 :                 torture_assert(torture, sid, "Failed to parse SID");
     491             : 
     492          16 :                 ok = dom_sid_equal(listd[i].sid, sid);
     493          16 :                 torture_assert(torture, ok, talloc_asprintf(torture, "SID's doesn't match [%s] != [%s]",
     494             :                                dom_sid_string(torture, listd[i].sid),
     495             :                                dom_sid_string(torture, sid)));
     496             : 
     497          16 :                 torture_assert_str_equal(torture,
     498             :                                          rep.data.domain_info.name,
     499             :                                          listd[i].netbios_name,
     500             :                                          "Netbios domain name doesn't match");
     501             : 
     502          16 :                 torture_assert_str_equal(torture,
     503             :                                          rep.data.domain_info.alt_name,
     504             :                                          listd[i].dns_name,
     505             :                                          "DNS domain name doesn't match");
     506             :         }
     507             : 
     508           4 :         return true;
     509             : }
     510             : 
     511           6 : static bool torture_winbind_struct_getdcname(struct torture_context *torture)
     512             : {
     513           0 :         bool ok;
     514           6 :         bool strict = torture_setting_bool(torture, "strict mode", false);
     515           6 :         const char *domain_name = torture_setting_string(torture,
     516             :                                         "winbindd_netbios_domain",
     517             :                                         lpcfg_workgroup(torture->lp_ctx));
     518           6 :         struct torture_trust_domain *listd = NULL;
     519           6 :         uint32_t i, count = 0;
     520             : 
     521           6 :         torture_comment(torture, "Running WINBINDD_GETDCNAME (struct based)\n");
     522             : 
     523           6 :         ok = get_trusted_domains(torture, &listd);
     524           6 :         torture_assert(torture, ok, "failed to get trust list");
     525             : 
     526          14 :         for (i=0; listd && listd[i].netbios_name; i++) {
     527           0 :                 struct winbindd_request req;
     528           0 :                 struct winbindd_response rep;
     529             : 
     530             :                 /* getdcname is not expected to work on "BUILTIN" or our own
     531             :                  * domain */
     532          18 :                 if (strequal(listd[i].netbios_name, "BUILTIN") ||
     533           6 :                     strequal(listd[i].netbios_name, domain_name)) {
     534           8 :                         continue;
     535             :                 }
     536             : 
     537           4 :                 ZERO_STRUCT(req);
     538           4 :                 ZERO_STRUCT(rep);
     539             : 
     540           4 :                 fstrcpy(req.domain_name, listd[i].netbios_name);
     541             : 
     542           4 :                 ok = true;
     543           4 :                 DO_STRUCT_REQ_REP_EXT(WINBINDD_GETDCNAME, &req, &rep,
     544             :                                       NSS_STATUS_SUCCESS,
     545             :                                       (i <2 || strict), ok = false,
     546             :                                       talloc_asprintf(torture, "DOMAIN '%s'",
     547             :                                                       req.domain_name));
     548           0 :                 if (!ok) continue;
     549             : 
     550             :                 /* TODO: check rep.data.dc_name; */
     551           0 :                 torture_comment(torture, "DOMAIN '%s' => DCNAME '%s'\n",
     552             :                                 req.domain_name, rep.data.dc_name);
     553           0 :                 count++;
     554             :         }
     555             : 
     556           2 :         if (strict) {
     557           0 :                 torture_assert(torture, count > 0,
     558             :                                "WiNBINDD_GETDCNAME was not tested");
     559             :         }
     560           2 :         return true;
     561             : }
     562             : 
     563           6 : static bool torture_winbind_struct_dsgetdcname(struct torture_context *torture)
     564             : {
     565           0 :         bool ok;
     566           6 :         bool strict = torture_setting_bool(torture, "strict mode", false);
     567           6 :         struct torture_trust_domain *listd = NULL;
     568           0 :         uint32_t i;
     569           6 :         uint32_t count = 0;
     570             : 
     571           6 :         torture_comment(torture, "Running WINBINDD_DSGETDCNAME (struct based)\n");
     572             : 
     573           6 :         ok = get_trusted_domains(torture, &listd);
     574           6 :         torture_assert(torture, ok, "failed to get trust list");
     575             : 
     576          26 :         for (i=0; listd && listd[i].netbios_name; i++) {
     577           0 :                 struct winbindd_request req;
     578           0 :                 struct winbindd_response rep;
     579             : 
     580          20 :                 ZERO_STRUCT(req);
     581          20 :                 ZERO_STRUCT(rep);
     582             : 
     583          28 :                 if (strlen(listd[i].dns_name) == 0) continue;
     584             : 
     585             :                 /*
     586             :                  * TODO: remove this and let winbindd give no dns name
     587             :                  *       for NT4 domains
     588             :                  */
     589           8 :                 if (strcmp(listd[i].dns_name, listd[i].netbios_name) == 0) {
     590           0 :                         continue;
     591             :                 }
     592             : 
     593           8 :                 fstrcpy(req.domain_name, listd[i].dns_name);
     594             : 
     595             :                 /* TODO: test more flag combinations */
     596           8 :                 req.flags = DS_DIRECTORY_SERVICE_REQUIRED;
     597             : 
     598           8 :                 ok = true;
     599           8 :                 DO_STRUCT_REQ_REP_EXT(WINBINDD_DSGETDCNAME, &req, &rep,
     600             :                                       NSS_STATUS_SUCCESS,
     601             :                                       strict, ok = false,
     602             :                                       talloc_asprintf(torture, "DOMAIN '%s'",
     603             :                                                       req.domain_name));
     604           8 :                 if (!ok) continue;
     605             : 
     606             :                 /* TODO: check rep.data.dc_name; */
     607           0 :                 torture_comment(torture, "DOMAIN '%s' => DCNAME '%s'\n",
     608             :                                 req.domain_name, rep.data.dc_name);
     609             : 
     610           0 :                 count++;
     611             :         }
     612             : 
     613           6 :         if (count == 0) {
     614           6 :                 torture_warning(torture, "WINBINDD_DSGETDCNAME"
     615             :                                 " was not tested with %d non-AD domains",
     616             :                                 i);
     617             :         }
     618             : 
     619           6 :         if (strict) {
     620           0 :                 torture_assert(torture, count > 0,
     621             :                                "WiNBINDD_DSGETDCNAME was not tested");
     622             :         }
     623             : 
     624           6 :         return true;
     625             : }
     626             : 
     627          12 : static bool get_user_list(struct torture_context *torture, char ***users)
     628             : {
     629           0 :         struct winbindd_request req;
     630           0 :         struct winbindd_response rep;
     631          12 :         char **u = NULL;
     632           0 :         uint32_t count;
     633           0 :         char name[256];
     634           0 :         const char *extra_data;
     635             : 
     636          12 :         ZERO_STRUCT(req);
     637          12 :         ZERO_STRUCT(rep);
     638             : 
     639          12 :         DO_STRUCT_REQ_REP(WINBINDD_LIST_USERS, &req, &rep);
     640             : 
     641          12 :         extra_data = (char *)rep.extra_data.data;
     642          12 :         torture_assert(torture, extra_data, "NULL extra data");
     643             : 
     644          12 :         for(count = 0;
     645         832 :             next_token(&extra_data, name, ",", sizeof(name));
     646         820 :             count++)
     647             :         {
     648         820 :                 u = talloc_realloc(torture, u, char *, count + 2);
     649         820 :                 u[count+1] = NULL;
     650         820 :                 u[count] = talloc_strdup(u, name);
     651             :         }
     652             : 
     653          12 :         SAFE_FREE(rep.extra_data.data);
     654             : 
     655          12 :         *users = u;
     656          12 :         return true;
     657             : }
     658             : 
     659           6 : static bool torture_winbind_struct_list_users(struct torture_context *torture)
     660             : {
     661           0 :         char **users;
     662           0 :         uint32_t count;
     663           0 :         bool ok;
     664             : 
     665           6 :         torture_comment(torture, "Running WINBINDD_LIST_USERS (struct based)\n");
     666             : 
     667           6 :         ok = get_user_list(torture, &users);
     668           6 :         torture_assert(torture, ok, "failed to get user list");
     669             : 
     670         416 :         for (count = 0; users[count]; count++) { }
     671             : 
     672           6 :         torture_comment(torture, "got %d users\n", count);
     673             : 
     674           6 :         return true;
     675             : }
     676             : 
     677          12 : static bool get_group_list(struct torture_context *torture,
     678             :                            unsigned int *num_entries,
     679             :                            char ***groups)
     680             : {
     681           0 :         struct winbindd_request req;
     682           0 :         struct winbindd_response rep;
     683          12 :         char **g = NULL;
     684           0 :         uint32_t count;
     685           0 :         char name[256];
     686           0 :         const char *extra_data;
     687             : 
     688          12 :         ZERO_STRUCT(req);
     689          12 :         ZERO_STRUCT(rep);
     690             : 
     691          12 :         DO_STRUCT_REQ_REP(WINBINDD_LIST_GROUPS, &req, &rep);
     692          12 :         extra_data = (char *)rep.extra_data.data;
     693             : 
     694          12 :         *num_entries = rep.data.num_entries;
     695             : 
     696          12 :         if (*num_entries == 0) {
     697           0 :                 torture_assert(torture, extra_data == NULL,
     698             :                                "extra data is null for >0 reported entries\n");
     699           0 :                 *groups = NULL;
     700           0 :                 return true;
     701             :         }
     702             : 
     703          12 :         torture_assert(torture, extra_data, "NULL extra data");
     704             : 
     705          12 :         for(count = 0;
     706         872 :             next_token(&extra_data, name, ",", sizeof(name));
     707         860 :             count++)
     708             :         {
     709         860 :                 g = talloc_realloc(torture, g, char *, count + 2);
     710         860 :                 g[count+1] = NULL;
     711         860 :                 g[count] = talloc_strdup(g, name);
     712             :         }
     713             : 
     714          12 :         SAFE_FREE(rep.extra_data.data);
     715             : 
     716          12 :         torture_assert_int_equal(torture, *num_entries, count,
     717             :                                  "Wrong number of group entries reported.");
     718             : 
     719          12 :         *groups = g;
     720          12 :         return true;
     721             : }
     722             : 
     723           6 : static bool torture_winbind_struct_list_groups(struct torture_context *torture)
     724             : {
     725           0 :         char **groups;
     726           0 :         uint32_t count;
     727           0 :         bool ok;
     728             : 
     729           6 :         torture_comment(torture, "Running WINBINDD_LIST_GROUPS (struct based)\n");
     730             : 
     731           6 :         ok = get_group_list(torture, &count, &groups);
     732           6 :         torture_assert(torture, ok, "failed to get group list");
     733             : 
     734           6 :         torture_comment(torture, "got %d groups\n", count);
     735             : 
     736           6 :         return true;
     737             : }
     738             : 
     739             : struct torture_domain_sequence {
     740             :         const char *netbios_name;
     741             :         uint32_t seq;
     742             : };
     743             : 
     744           6 : static bool get_sequence_numbers(struct torture_context *torture,
     745             :                                  struct torture_domain_sequence **seqs)
     746             : {
     747           0 :         struct winbindd_request req;
     748           0 :         struct winbindd_response rep;
     749           0 :         const char *extra_data;
     750           0 :         char line[256];
     751           6 :         uint32_t count = 0;
     752           6 :         struct torture_domain_sequence *s = NULL;
     753             : 
     754           6 :         ZERO_STRUCT(req);
     755           6 :         ZERO_STRUCT(rep);
     756             : 
     757           6 :         DO_STRUCT_REQ_REP(WINBINDD_SHOW_SEQUENCE, &req, &rep);
     758             : 
     759           6 :         extra_data = (char *)rep.extra_data.data;
     760           6 :         torture_assert(torture, extra_data, "NULL sequence list");
     761             : 
     762          26 :         while (next_token(&extra_data, line, "\n", sizeof(line))) {
     763           0 :                 char *p, *lp;
     764           0 :                 uint32_t seq;
     765             : 
     766          20 :                 s = talloc_realloc(torture, s, struct torture_domain_sequence,
     767             :                                    count + 2);
     768          20 :                 ZERO_STRUCT(s[count+1]);
     769             : 
     770          20 :                 lp = line;
     771          20 :                 p = strchr(lp, ' ');
     772          20 :                 torture_assert(torture, p, "invalid line format");
     773          20 :                 *p = 0;
     774          20 :                 s[count].netbios_name = talloc_strdup(s, lp);
     775             : 
     776          20 :                 lp = p+1;
     777          20 :                 torture_assert(torture, strncmp(lp, ": ", 2) == 0,
     778             :                                "invalid line format");
     779          20 :                 lp += 2;
     780          20 :                 if (strcmp(lp, "DISCONNECTED") == 0) {
     781           0 :                         seq = (uint32_t)-1;
     782             :                 } else {
     783          20 :                         seq = (uint32_t)strtol(lp, &p, 10);
     784          20 :                         torture_assert(torture, (*p == '\0'),
     785             :                                        "invalid line format");
     786          20 :                         torture_assert(torture, (seq != (uint32_t)-1),
     787             :                                        "sequence number -1 encountered");
     788             :                 }
     789          20 :                 s[count].seq = seq;
     790             : 
     791          20 :                 count++;
     792             :         }
     793           6 :         SAFE_FREE(rep.extra_data.data);
     794             : 
     795           6 :         torture_assert(torture, count >= 2, "The list of domain sequence "
     796             :                        "numbers should contain 2 entries");
     797             : 
     798           6 :         *seqs = s;
     799           6 :         return true;
     800             : }
     801             : 
     802           6 : static bool torture_winbind_struct_show_sequence(struct torture_context *torture)
     803             : {
     804           0 :         bool ok;
     805           0 :         uint32_t i;
     806           6 :         struct torture_trust_domain *domlist = NULL;
     807           6 :         struct torture_domain_sequence *s = NULL;
     808             : 
     809           6 :         torture_comment(torture, "Running WINBINDD_SHOW_SEQUENCE (struct based)\n");
     810             : 
     811           6 :         ok = get_sequence_numbers(torture, &s);
     812           6 :         torture_assert(torture, ok, "failed to get list of sequence numbers");
     813             : 
     814           6 :         ok = get_trusted_domains(torture, &domlist);
     815           6 :         torture_assert(torture, ok, "failed to get trust list");
     816             : 
     817          26 :         for (i=0; domlist[i].netbios_name; i++) {
     818           0 :                 struct winbindd_request req;
     819           0 :                 struct winbindd_response rep;
     820           0 :                 uint32_t seq;
     821             : 
     822          20 :                 torture_assert(torture, s[i].netbios_name,
     823             :                                "more domains received in second run");
     824          20 :                 torture_assert_str_equal(torture, domlist[i].netbios_name,
     825             :                                          s[i].netbios_name,
     826             :                                          "inconsistent order of domain lists");
     827             : 
     828          20 :                 ZERO_STRUCT(req);
     829          20 :                 ZERO_STRUCT(rep);
     830          20 :                 fstrcpy(req.domain_name, domlist[i].netbios_name);
     831             : 
     832          20 :                 ok = true;
     833          20 :                 DO_STRUCT_REQ_REP_EXT(WINBINDD_SHOW_SEQUENCE, &req, &rep,
     834             :                                       NSS_STATUS_SUCCESS,
     835             :                                       false, ok = false,
     836             :                                       "WINBINDD_SHOW_SEQUENCE");
     837          20 :                 if (ok == false) {
     838           0 :                         torture_warning(torture,
     839             :                                         "WINBINDD_SHOW_SEQUENCE on "
     840             :                                         "domain %s failed\n",
     841             :                                         req.domain_name);
     842             : 
     843             :                         /*
     844             :                          * Only fail for the first two domain that we
     845             :                          * check specially below, otherwise we fail on
     846             :                          * trusts generated by the LSA torture test
     847             :                          * that do not really exist.
     848             :                          */
     849           0 :                         if (i > 1) {
     850             :                                 /*
     851             :                                  * Do not confirm the sequence numbers
     852             :                                  * below
     853             :                                  */
     854           0 :                                 return true;
     855             :                         }
     856             : 
     857           0 :                         torture_comment(torture,
     858             :                                         "Full trust list for "
     859             :                                         "WINBINDD_SHOW_SEQUENCE "
     860             :                                         "test was:\n");
     861           0 :                         for (i=0; domlist[i].netbios_name; i++) {
     862           0 :                                 torture_comment(torture,
     863             :                                                 "%s\n",
     864           0 :                                                 domlist[i].netbios_name);
     865             :                         }
     866             : 
     867           0 :                         return false;
     868             :                 }
     869             : 
     870          20 :                 seq = rep.data.sequence_number;
     871             : 
     872          20 :                 if (i == 0) {
     873           6 :                         torture_assert(torture, (seq != (uint32_t)-1),
     874             :                                        "BUILTIN domain disconnected");
     875          14 :                 } else if (i == 1) {
     876           6 :                         torture_assert(torture, (seq != (uint32_t)-1),
     877             :                                        "local domain disconnected");
     878             :                 }
     879             : 
     880             : 
     881          20 :                 if (seq == (uint32_t)-1) {
     882           0 :                         torture_comment(torture, " * %s : DISCONNECTED\n",
     883             :                                         req.domain_name);
     884             :                 } else {
     885          20 :                         torture_comment(torture, " * %s : %d\n",
     886             :                                         req.domain_name, seq);
     887             :                 }
     888          20 :                 torture_assert(torture, (seq >= s[i].seq),
     889             :                                "illegal sequence number encountered");
     890             :         }
     891             : 
     892           6 :         return true;
     893             : }
     894             : 
     895           6 : static bool torture_winbind_struct_setpwent(struct torture_context *torture)
     896             : {
     897           0 :         struct winbindd_request req;
     898           0 :         struct winbindd_response rep;
     899             : 
     900           6 :         torture_comment(torture, "Running WINBINDD_SETPWENT (struct based)\n");
     901             : 
     902           6 :         ZERO_STRUCT(req);
     903           6 :         ZERO_STRUCT(rep);
     904             : 
     905           6 :         DO_STRUCT_REQ_REP(WINBINDD_SETPWENT, &req, &rep);
     906             : 
     907           6 :         return true;
     908             : }
     909             : 
     910           6 : static bool torture_winbind_struct_getpwent(struct torture_context *torture)
     911             : {
     912           0 :         struct winbindd_request req;
     913           0 :         struct winbindd_response rep;
     914           0 :         struct winbindd_pw *pwent;
     915             : 
     916           6 :         torture_comment(torture, "Running WINBINDD_GETPWENT (struct based)\n");
     917             : 
     918           6 :         torture_comment(torture, " - Running WINBINDD_SETPWENT first\n");
     919           6 :         ZERO_STRUCT(req);
     920           6 :         ZERO_STRUCT(rep);
     921           6 :         DO_STRUCT_REQ_REP(WINBINDD_SETPWENT, &req, &rep);
     922             : 
     923           6 :         torture_comment(torture, " - Running WINBINDD_GETPWENT now\n");
     924           6 :         ZERO_STRUCT(req);
     925           6 :         ZERO_STRUCT(rep);
     926           6 :         req.data.num_entries = 1;
     927           6 :         if (torture_setting_bool(torture, "samba3", false)) {
     928           0 :                 DO_STRUCT_REQ_REP_EXT(WINBINDD_GETPWENT, &req, &rep,
     929             :                                       NSS_STATUS_SUCCESS, false, _STRUCT_NOOP,
     930             :                                       NULL);
     931             :         } else {
     932           6 :                 DO_STRUCT_REQ_REP(WINBINDD_GETPWENT, &req, &rep);
     933             :         }
     934           6 :         pwent = (struct winbindd_pw *)rep.extra_data.data;
     935           6 :         if (!torture_setting_bool(torture, "samba3", false)) {
     936           6 :                 torture_assert(torture, (pwent != NULL), "NULL pwent");
     937             :         }
     938           6 :         if (pwent) {
     939           6 :                 torture_comment(torture, "name: %s, uid: %d, gid: %d, shell: %s\n",
     940           6 :                                 pwent->pw_name, pwent->pw_uid, pwent->pw_gid,
     941           6 :                                 pwent->pw_shell);
     942             :         }
     943             : 
     944           6 :         return true;
     945             : }
     946             : 
     947           6 : static bool torture_winbind_struct_endpwent(struct torture_context *torture)
     948             : {
     949           0 :         struct winbindd_request req;
     950           0 :         struct winbindd_response rep;
     951             : 
     952           6 :         torture_comment(torture, "Running WINBINDD_ENDPWENT (struct based)\n");
     953             : 
     954           6 :         ZERO_STRUCT(req);
     955           6 :         ZERO_STRUCT(rep);
     956             : 
     957           6 :         DO_STRUCT_REQ_REP(WINBINDD_ENDPWENT, &req, &rep);
     958             : 
     959           6 :         return true;
     960             : }
     961             : 
     962             : /* Copy of parse_domain_user from winbindd_util.c.  Parse a string of the
     963             :    form DOMAIN/user into a domain and a user */
     964             : 
     965         782 : static bool parse_domain_user(struct torture_context *torture,
     966             :                               const char *domuser, fstring domain,
     967             :                               fstring user)
     968             : {
     969         782 :         char *p = strchr(domuser, winbind_separator(torture));
     970         782 :         char *dom = NULL;
     971             : 
     972         782 :         if (!p) {
     973             :                 /* Maybe it was a UPN? */
     974           0 :                 if ((p = strchr(domuser, '@')) != NULL) {
     975           0 :                         fstrcpy(domain, "");
     976           0 :                         fstrcpy(user, domuser);
     977           0 :                         return true;
     978             :                 }
     979             : 
     980           0 :                 fstrcpy(user, domuser);
     981           0 :                 get_winbind_domain(torture, &dom);
     982           0 :                 fstrcpy(domain, dom);
     983           0 :                 return true;
     984             :         }
     985             : 
     986         782 :         fstrcpy(user, p+1);
     987         782 :         fstrcpy(domain, domuser);
     988         782 :         domain[PTR_DIFF(p, domuser)] = 0;
     989             : 
     990         782 :         return true;
     991             : }
     992             : 
     993          12 : static bool lookup_name_sid_list(struct torture_context *torture, char **list)
     994             : {
     995           0 :         uint32_t count;
     996             : 
     997         790 :         for (count = 0; list[count]; count++) {
     998           0 :                 struct winbindd_request req;
     999           0 :                 struct winbindd_response rep;
    1000           0 :                 char *sid;
    1001           0 :                 char *name;
    1002         782 :                 const char *domain_name = torture_setting_string(torture,
    1003             :                                                 "winbindd_domain_without_prefix",
    1004             :                                                 NULL);
    1005             : 
    1006         782 :                 ZERO_STRUCT(req);
    1007         782 :                 ZERO_STRUCT(rep);
    1008             : 
    1009         782 :                 parse_domain_user(torture, list[count], req.data.name.dom_name,
    1010             :                                   req.data.name.name);
    1011             : 
    1012         786 :                 DO_STRUCT_REQ_REP(WINBINDD_LOOKUPNAME, &req, &rep);
    1013             : 
    1014         782 :                 sid = talloc_strdup(torture, rep.data.sid.sid);
    1015             : 
    1016         782 :                 ZERO_STRUCT(req);
    1017         782 :                 ZERO_STRUCT(rep);
    1018             : 
    1019         782 :                 fstrcpy(req.data.sid, sid);
    1020             : 
    1021         782 :                 DO_STRUCT_REQ_REP(WINBINDD_LOOKUPSID, &req, &rep);
    1022             : 
    1023         812 :                 if (domain_name != NULL &&
    1024          30 :                     strequal(rep.data.name.dom_name, domain_name))
    1025             :                 {
    1026           4 :                         name = talloc_asprintf(torture, "%s",
    1027             :                                                rep.data.name.name);
    1028             :                 } else {
    1029         778 :                         name = talloc_asprintf(torture, "%s%c%s",
    1030             :                                                rep.data.name.dom_name,
    1031         778 :                                                winbind_separator(torture),
    1032             :                                                rep.data.name.name);
    1033             :                 }
    1034             : 
    1035         782 :                 torture_assert_casestr_equal(torture, list[count], name,
    1036             :                                          "LOOKUP_SID after LOOKUP_NAME != id");
    1037             : 
    1038             : #if 0
    1039             :                 torture_comment(torture, " %s -> %s -> %s\n", list[count],
    1040             :                                 sid, name);
    1041             : #endif
    1042             : 
    1043         778 :                 talloc_free(sid);
    1044         778 :                 talloc_free(name);
    1045             :         }
    1046             : 
    1047           8 :         return true;
    1048             : }
    1049             : 
    1050          12 : static bool name_is_in_list(const char *name, char **list)
    1051             : {
    1052           0 :         uint32_t count;
    1053             : 
    1054         852 :         for (count = 0; list && list[count]; count++) {
    1055         840 :                 if (strequal(name, list[count])) {
    1056           0 :                         return true;
    1057             :                 }
    1058             :         }
    1059          12 :         return false;
    1060             : }
    1061             : 
    1062           6 : static bool torture_winbind_struct_lookup_name_sid(struct torture_context *torture)
    1063             : {
    1064           0 :         struct winbindd_request req;
    1065           0 :         struct winbindd_response rep;
    1066           6 :         const char *invalid_sid = "S-0-0-7";
    1067           6 :         char *domain = NULL;
    1068           6 :         const char *invalid_user = "no one";
    1069           0 :         char *invalid_name;
    1070           6 :         bool strict = torture_setting_bool(torture, "strict mode", false);
    1071           0 :         char **users;
    1072           0 :         char **groups;
    1073           0 :         uint32_t count, num_groups;
    1074           0 :         bool ok;
    1075             : 
    1076           6 :         torture_comment(torture, "Running WINBINDD_LOOKUP_NAME_SID (struct based)\n");
    1077             : 
    1078           6 :         ok = get_user_list(torture, &users);
    1079           6 :         torture_assert(torture, ok, "failed to retrieve list of users");
    1080           6 :         lookup_name_sid_list(torture, users);
    1081             : 
    1082           6 :         ok = get_group_list(torture, &num_groups, &groups);
    1083           6 :         torture_assert(torture, ok, "failed to retrieve list of groups");
    1084           6 :         if (num_groups > 0) {
    1085           6 :                 lookup_name_sid_list(torture, groups);
    1086             :         }
    1087             : 
    1088           6 :         ZERO_STRUCT(req);
    1089           6 :         ZERO_STRUCT(rep);
    1090             : 
    1091           6 :         fstrcpy(req.data.sid, invalid_sid);
    1092             : 
    1093           6 :         ok = true;
    1094           6 :         DO_STRUCT_REQ_REP_EXT(WINBINDD_LOOKUPSID, &req, &rep,
    1095             :                               NSS_STATUS_NOTFOUND,
    1096             :                               strict,
    1097             :                               ok=false,
    1098             :                               talloc_asprintf(torture,
    1099             :                                               "invalid sid %s was resolved",
    1100             :                                               invalid_sid));
    1101             : 
    1102           6 :         ZERO_STRUCT(req);
    1103           6 :         ZERO_STRUCT(rep);
    1104             : 
    1105             :         /* try to find an invalid name... */
    1106             : 
    1107           6 :         count = 0;
    1108           6 :         get_winbind_domain(torture, &domain);
    1109           0 :         do {
    1110           6 :                 count++;
    1111           6 :                 invalid_name = talloc_asprintf(torture, "%s/%s%u",
    1112             :                                                domain,
    1113             :                                                invalid_user, count);
    1114          12 :         } while(name_is_in_list(invalid_name, users) ||
    1115           6 :                 name_is_in_list(invalid_name, groups));
    1116             : 
    1117           6 :         fstrcpy(req.data.name.dom_name, domain);
    1118           6 :         fstrcpy(req.data.name.name,
    1119             :                 talloc_asprintf(torture, "%s%u", invalid_user,
    1120             :                                 count));
    1121             : 
    1122           6 :         ok = true;
    1123           6 :         DO_STRUCT_REQ_REP_EXT(WINBINDD_LOOKUPNAME, &req, &rep,
    1124             :                               NSS_STATUS_NOTFOUND,
    1125             :                               strict,
    1126             :                               ok=false,
    1127             :                               talloc_asprintf(torture,
    1128             :                                               "invalid name %s was resolved",
    1129             :                                               invalid_name));
    1130             : 
    1131           6 :         talloc_free(users);
    1132           6 :         talloc_free(groups);
    1133             : 
    1134           6 :         return true;
    1135             : }
    1136             : 
    1137           6 : static bool torture_winbind_struct_lookup_sids_invalid(
    1138             :         struct torture_context *torture)
    1139             : {
    1140           6 :         struct winbindd_request req = {0};
    1141           6 :         struct winbindd_response rep = {0};
    1142           6 :         bool strict = torture_setting_bool(torture, "strict mode", false);
    1143           0 :         bool ok;
    1144             : 
    1145           6 :         torture_comment(torture,
    1146             :                         "Running WINBINDD_LOOKUP_SIDS (struct based)\n");
    1147             : 
    1148           6 :         ok = true;
    1149           6 :         DO_STRUCT_REQ_REP_EXT(WINBINDD_LOOKUPSIDS, &req, &rep,
    1150             :                               NSS_STATUS_NOTFOUND,
    1151             :                               strict,
    1152             :                               ok=false,
    1153             :                               talloc_asprintf(
    1154             :                                       torture,
    1155             :                                       "invalid lookupsids succeeded"));
    1156             : 
    1157           6 :         return ok;
    1158             : }
    1159             : 
    1160        2358 : struct torture_suite *torture_winbind_struct_init(TALLOC_CTX *ctx)
    1161             : {
    1162        2358 :         struct torture_suite *suite = torture_suite_create(ctx, "struct");
    1163             : 
    1164        2358 :         torture_suite_add_simple_test(suite, "interface_version", torture_winbind_struct_interface_version);
    1165        2358 :         torture_suite_add_simple_test(suite, "ping", torture_winbind_struct_ping);
    1166        2358 :         torture_suite_add_simple_test(suite, "info", torture_winbind_struct_info);
    1167        2358 :         torture_suite_add_simple_test(suite, "priv_pipe_dir", torture_winbind_struct_priv_pipe_dir);
    1168        2358 :         torture_suite_add_simple_test(suite, "netbios_name", torture_winbind_struct_netbios_name);
    1169        2358 :         torture_suite_add_simple_test(suite, "domain_name", torture_winbind_struct_domain_name);
    1170        2358 :         torture_suite_add_simple_test(suite, "check_machacc", torture_winbind_struct_check_machacc);
    1171        2358 :         torture_suite_add_simple_test(suite, "list_trustdom", torture_winbind_struct_list_trustdom);
    1172        2358 :         torture_suite_add_simple_test(suite, "domain_info", torture_winbind_struct_domain_info);
    1173        2358 :         torture_suite_add_simple_test(suite, "getdcname", torture_winbind_struct_getdcname);
    1174        2358 :         torture_suite_add_simple_test(suite, "dsgetdcname", torture_winbind_struct_dsgetdcname);
    1175        2358 :         torture_suite_add_simple_test(suite, "list_users", torture_winbind_struct_list_users);
    1176        2358 :         torture_suite_add_simple_test(suite, "list_groups", torture_winbind_struct_list_groups);
    1177        2358 :         torture_suite_add_simple_test(suite, "show_sequence", torture_winbind_struct_show_sequence);
    1178        2358 :         torture_suite_add_simple_test(suite, "setpwent", torture_winbind_struct_setpwent);
    1179        2358 :         torture_suite_add_simple_test(suite, "getpwent", torture_winbind_struct_getpwent);
    1180        2358 :         torture_suite_add_simple_test(suite, "endpwent", torture_winbind_struct_endpwent);
    1181        2358 :         torture_suite_add_simple_test(suite, "lookup_name_sid", torture_winbind_struct_lookup_name_sid);
    1182        2358 :         torture_suite_add_simple_test(
    1183             :                 suite,
    1184             :                 "lookup_sids_invalid",
    1185             :                 torture_winbind_struct_lookup_sids_invalid);
    1186             : 
    1187        2358 :         suite->description = talloc_strdup(suite, "WINBIND - struct based protocol tests");
    1188             : 
    1189        2358 :         return suite;
    1190             : }

Generated by: LCOV version 1.14