The branch, master has been updated via 5462d27 s4-torture: add test for winspool_AsyncGetPrinterDriverDirectory() via 39ac61b s4-torture: add test for winspool_AsyncDeletePrintDriverPackage via 3268150 s4-torture: add test for winspool_AsyncCorePrinterDriverInstalled via 887e00c s4-torture: add test for spoolss vs. iremotewinspool context handles via 20b4b2b s4-torture: add test for winspool_AsyncGetPrinterData via 2c0350a s4-torture: add test for winspool_AsyncEnumPrinters via b933b8e s4-torture: add test for winspool_AsyncUploadPrinterDriverPackage via 01f8593 s4-torture: add test for winspool_SyncUnRegisterForRemoteNotifications. via 4b7097f s4-torture: add test for winspool_SyncRegisterForRemoteNotifications. via 8d0ad41 s4-torture: add IRemoteWinspool rpc testsuite. via b53b3b8 s4-torture: add torture_rpc_connection_with_binding() via 8f4e426 wbinfo: Use ntlmv2 by default for wbinfo -a via 15fa802 s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port. from cc081c7 s3-epmapper: Ignore epm_Map object guid
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 5462d2727db2a09cb73b00a51bf4d896c70f3498 Author: Günther Deschner <g...@samba.org> Date: Tue Nov 8 11:32:20 2016 +0100 s4-torture: add test for winspool_AsyncGetPrinterDriverDirectory() Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Nov 15 05:09:31 CET 2016 on sn-devel-144 commit 39ac61b993d43603640a9a1a538594b7af461798 Author: Günther Deschner <g...@samba.org> Date: Wed Nov 2 12:30:58 2016 +0100 s4-torture: add test for winspool_AsyncDeletePrintDriverPackage Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3268150b19256c5c4dd1398d78d24643d9f6542d Author: Günther Deschner <g...@samba.org> Date: Fri Oct 28 22:49:21 2016 +0200 s4-torture: add test for winspool_AsyncCorePrinterDriverInstalled Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 887e00cb0f993139fad722df9ba43fd7052fcf91 Author: Günther Deschner <g...@samba.org> Date: Mon Sep 5 22:49:39 2016 +0200 s4-torture: add test for spoolss vs. iremotewinspool context handles This test demonstrates that one cannot use a handle retrieved via iremotewinspool in a spoolss context. Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 20b4b2bdca670ec3b51a643a5f439d2948ee8176 Author: Günther Deschner <g...@samba.org> Date: Thu Sep 1 13:57:50 2016 +0200 s4-torture: add test for winspool_AsyncGetPrinterData Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 2c0350a04a1214e444d3544a923694d198cc16ec Author: Günther Deschner <g...@samba.org> Date: Thu Aug 25 17:31:47 2016 +0200 s4-torture: add test for winspool_AsyncEnumPrinters Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b933b8ee86ef65f726899f718c07ae792a024580 Author: Günther Deschner <g...@samba.org> Date: Tue Aug 23 22:58:26 2016 +0200 s4-torture: add test for winspool_AsyncUploadPrinterDriverPackage Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 01f859386d3e9650bb8c5cc82ac7e220a3808929 Author: Günther Deschner <g...@samba.org> Date: Tue Aug 23 18:39:48 2016 +0200 s4-torture: add test for winspool_SyncUnRegisterForRemoteNotifications. Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 4b7097f833ebbab9be7b780adcc3cf0cfe74fe36 Author: Günther Deschner <g...@samba.org> Date: Thu May 16 18:21:30 2013 +0200 s4-torture: add test for winspool_SyncRegisterForRemoteNotifications. Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 8d0ad4126c1b4fdadd7cc0346ab29b70f8bafc28 Author: Günther Deschner <g...@samba.org> Date: Tue Jan 15 15:23:58 2013 +0100 s4-torture: add IRemoteWinspool rpc testsuite. Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b53b3b8e327c5f7983be8f2e403aa252145487a4 Author: Günther Deschner <g...@samba.org> Date: Thu Oct 27 14:12:35 2016 +0200 s4-torture: add torture_rpc_connection_with_binding() Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 8f4e426f33fbbca0c363592c315fcb4ffd79fd67 Author: Volker Lendecke <v...@samba.org> Date: Mon Nov 14 16:38:29 2016 +0100 wbinfo: Use ntlmv2 by default for wbinfo -a Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 15fa802c771513fa535f9c825bcbdcdcc73ae66a Author: Noel Power <noel.po...@suse.com> Date: Thu Nov 10 08:27:57 2016 +0000 s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port. If 'disable netbios' is true 'smbclient -L //server' will try use the NBT port to list the servers and 'smbclient -M //server' use the netbios messaging WinPopup facility, we should honour the config and not do that. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12418 Signed-off-by: Noel Power <noel.po...@suse.com> Reviewed-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: docs-xml/manpages/wbinfo.1.xml | 11 +- nsswitch/wbinfo.c | 9 +- selftest/skip | 1 + source3/client/client.c | 11 +- source4/torture/rpc/iremotewinspool.c | 941 ++++++++++++++++++++++++++++++++++ source4/torture/rpc/rpc.c | 22 +- source4/torture/rpc/torture_rpc.h | 4 + source4/torture/wscript_build | 2 + 8 files changed, 992 insertions(+), 9 deletions(-) create mode 100644 source4/torture/rpc/iremotewinspool.c Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/wbinfo.1.xml b/docs-xml/manpages/wbinfo.1.xml index 48d2f74..f31de7e 100644 --- a/docs-xml/manpages/wbinfo.1.xml +++ b/docs-xml/manpages/wbinfo.1.xml @@ -49,6 +49,7 @@ <arg choice="opt">-m</arg> <arg choice="opt">-n name</arg> <arg choice="opt">-N netbios-name</arg> + <arg choice="opt">--ntlmv1</arg> <arg choice="opt">--ntlmv2</arg> <arg choice="opt">--online-status</arg> <arg choice="opt">--own-domain</arg> @@ -330,8 +331,16 @@ </varlistentry> <varlistentry> + <term>--ntlmv1</term> + <listitem><para>Use NTLMv1 cryptography for user authentication. + </para></listitem> + </varlistentry> + + <varlistentry> <term>--ntlmv2</term> - <listitem><para>Use NTLMv2 cryptography for user authentication. + <listitem><para>Use NTLMv2 cryptography for user + authentication. NTLMv2 is the default method, this + option is only maintained for compatibility. </para></listitem> </varlistentry> diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c index f7b5ace..80b245a 100644 --- a/nsswitch/wbinfo.c +++ b/nsswitch/wbinfo.c @@ -2228,6 +2228,7 @@ enum { OPT_CHANGE_USER_PASSWORD, OPT_CCACHE_SAVE, OPT_SID_TO_FULLNAME, + OPT_NTLMV1, OPT_NTLMV2, OPT_PAM_LOGON, OPT_LOGOFF, @@ -2249,7 +2250,7 @@ int main(int argc, const char **argv, char **envp) int int_subarg = -1; int result = 1; bool verbose = false; - bool use_ntlmv2 = false; + bool use_ntlmv2 = true; bool use_lanman = false; char *logoff_user = getenv("USER"); int logoff_uid = geteuid(); @@ -2343,6 +2344,8 @@ int main(int argc, const char **argv, char **envp) { "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL }, { "verbose", 0, POPT_ARG_NONE, 0, OPT_VERBOSE, "Print additional information per command", NULL }, { "change-user-password", 0, POPT_ARG_STRING, &string_arg, OPT_CHANGE_USER_PASSWORD, "Change the password for a user", NULL }, + { "ntlmv1", 0, POPT_ARG_NONE, 0, OPT_NTLMV1, + "Use NTLMv1 cryptography for user authentication", NULL}, { "ntlmv2", 0, POPT_ARG_NONE, 0, OPT_NTLMV2, "Use NTLMv2 cryptography for user authentication", NULL}, { "lanman", 0, POPT_ARG_NONE, 0, OPT_LANMAN, "Use lanman cryptography for user authentication", NULL}, POPT_COMMON_VERSION @@ -2371,8 +2374,8 @@ int main(int argc, const char **argv, char **envp) case OPT_VERBOSE: verbose = true; break; - case OPT_NTLMV2: - use_ntlmv2 = true; + case OPT_NTLMV1: + use_ntlmv2 = false; break; case OPT_LANMAN: use_lanman = true; diff --git a/selftest/skip b/selftest/skip index ba6718a..ebef0e8 100644 --- a/selftest/skip +++ b/selftest/skip @@ -111,6 +111,7 @@ ^samba4.rpc.dfs # Not provided by Samba 4 ^samba4.rpc.witness # Not provided by Samba 4 ^samba4.rpc.clusapi # clusapi server support not yet provided +^samba4.rpc.iremotewinspool.*\(ad_dc_ntvfs\)$ # Not provided by Samba 4 ^samba4.*.base.samba3.* # Samba3-specific test ^samba4.*.raw.samba3.* # Samba3-specific test ^samba4.rpc..*samba3.* # Samba3-specific test diff --git a/source3/client/client.c b/source3/client/client.c index 78862ee..ecfd27c 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -5598,6 +5598,10 @@ static int do_host_query(const char *query_host) } } + if (lp_disable_netbios()) { + goto out; + } + if (port != NBT_SMB_PORT) { /* Workgroups simply don't make sense over anything @@ -5621,7 +5625,7 @@ static int do_host_query(const char *query_host) cli_set_timeout(cli, io_timeout*1000); list_servers(lp_workgroup()); - +out: cli_shutdown(cli); return(0); @@ -5676,6 +5680,11 @@ static int do_message_op(struct user_auth_info *a_info) { NTSTATUS status; + if (lp_disable_netbios()) { + d_printf("NetBIOS over TCP disabled.\n"); + return 1; + } + status = cli_connect_nb(desthost, have_ip ? &dest_ss : NULL, port ? port : NBT_SMB_PORT, name_type, lp_netbios_name(), SMB_SIGNING_DEFAULT, 0, &cli); diff --git a/source4/torture/rpc/iremotewinspool.c b/source4/torture/rpc/iremotewinspool.c new file mode 100644 index 0000000..d419e9c --- /dev/null +++ b/source4/torture/rpc/iremotewinspool.c @@ -0,0 +1,941 @@ +/* + Unix SMB/CIFS implementation. + test suite for iremotewinspool rpc operations + + Copyright (C) Guenther Deschner 2013 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "torture/torture.h" +#include "librpc/gen_ndr/ndr_winspool.h" +#include "librpc/gen_ndr/ndr_winspool_c.h" +#include "librpc/gen_ndr/ndr_spoolss_c.h" +#include "torture/rpc/torture_rpc.h" +#include "libcli/registry/util_reg.h" + +struct test_iremotewinspool_context { + struct GUID object_uuid; + struct dcerpc_pipe *iremotewinspool_pipe; + struct policy_handle server_handle; + const char *environment; +}; + +static bool test_AsyncOpenPrinter_byprinter(struct torture_context *tctx, + struct test_iremotewinspool_context *ctx, + struct dcerpc_pipe *p, + const char *printer_name, + struct policy_handle *handle) +{ + struct dcerpc_binding_handle *b = p->binding_handle; + struct spoolss_DevmodeContainer devmode_ctr; + struct spoolss_UserLevelCtr client_info_ctr; + struct spoolss_UserLevel1 level1; + uint32_t access_mask = SERVER_ALL_ACCESS; + struct winspool_AsyncOpenPrinter r; + + ZERO_STRUCT(devmode_ctr); + + level1.size = 28; + level1.client = talloc_asprintf(tctx, "\\\\%s", "mthelena"); + level1.user = "GD"; + level1.build = 1381; + level1.major = 3; + level1.minor = 0; + level1.processor = PROCESSOR_ARCHITECTURE_AMD64; + + client_info_ctr.level = 1; + client_info_ctr.user_info.level1 = &level1; + + r.in.pPrinterName = printer_name; + r.in.pDatatype = NULL; + r.in.pDevModeContainer = &devmode_ctr; + r.in.AccessRequired = access_mask; + r.in.pClientInfo = &client_info_ctr; + r.out.pHandle = handle; + + torture_assert_ntstatus_ok(tctx, + dcerpc_winspool_AsyncOpenPrinter_r(b, tctx, &r), + "AsyncOpenPrinter failed"); + torture_assert_werr_ok(tctx, r.out.result, + "AsyncOpenPrinter failed"); + + return true; +} + +static bool test_AsyncClosePrinter_byhandle(struct torture_context *tctx, + struct test_iremotewinspool_context *ctx, + struct dcerpc_pipe *p, + struct policy_handle *handle) +{ + struct dcerpc_binding_handle *b = p->binding_handle; + + struct winspool_AsyncClosePrinter r; + + r.in.phPrinter = handle; + r.out.phPrinter = handle; + + torture_assert_ntstatus_ok(tctx, + dcerpc_winspool_AsyncClosePrinter_r(b, tctx, &r), + "AsyncClosePrinter failed"); + torture_assert_werr_ok(tctx, r.out.result, + "AsyncClosePrinter failed"); + + return true; +} + +static bool test_AsyncGetPrinterData_checktype(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + struct policy_handle *handle, + const char *value_name, + enum winreg_Type *expected_type, + enum winreg_Type *type_p, + uint8_t **data_p, + uint32_t *needed_p) +{ + struct winspool_AsyncGetPrinterData r; + enum winreg_Type type; + uint32_t needed; + + r.in.hPrinter = *handle; + r.in.pValueName = value_name; + r.in.nSize = 0; + r.out.pType = &type; + r.out.pData = talloc_zero_array(tctx, uint8_t, r.in.nSize); + r.out.pcbNeeded = &needed; + + torture_comment(tctx, "Testing AsyncGetPrinterData(%s)\n", + r.in.pValueName); + + torture_assert_ntstatus_ok(tctx, + dcerpc_winspool_AsyncGetPrinterData_r(b, tctx, &r), + "AsyncGetPrinterData failed"); + + if (W_ERROR_EQUAL(r.out.result, WERR_MORE_DATA)) { + if (expected_type) { + torture_assert_int_equal(tctx, type, *expected_type, "unexpected type"); + } + r.in.nSize = needed; + r.out.pData = talloc_zero_array(tctx, uint8_t, r.in.nSize); + + torture_assert_ntstatus_ok(tctx, + dcerpc_winspool_AsyncGetPrinterData_r(b, tctx, &r), + "AsyncGetPrinterData failed"); + } + + torture_assert_werr_ok(tctx, r.out.result, + "AsyncGetPrinterData failed"); + + if (type_p) { + *type_p = type; + } + + if (data_p) { + *data_p = r.out.pData; + } + + if (needed_p) { + *needed_p = needed; + } + + return true; +} + +static bool test_AsyncGetPrinterData_args(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + struct policy_handle *handle, + const char *value_name, + enum winreg_Type *type_p, + uint8_t **data_p, + uint32_t *needed_p) +{ + return test_AsyncGetPrinterData_checktype(tctx, b, handle, + value_name, + NULL, + type_p, data_p, needed_p); +} + +static bool test_get_environment(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + struct policy_handle *handle, + const char **architecture) +{ + DATA_BLOB blob; + enum winreg_Type type; + uint8_t *data; + uint32_t needed; + + torture_assert(tctx, + test_AsyncGetPrinterData_args(tctx, b, handle, "Architecture", &type, &data, &needed), + "failed to get Architecture"); + + torture_assert_int_equal(tctx, type, REG_SZ, "unexpected type"); + + blob = data_blob_const(data, needed); + + torture_assert(tctx, + pull_reg_sz(tctx, &blob, architecture), + "failed to pull environment"); + + return true; +} + +static bool torture_rpc_iremotewinspool_setup_common(struct torture_context *tctx, + struct test_iremotewinspool_context *t) +{ + const char *printer_name; + struct dcerpc_binding *binding; + + torture_assert_ntstatus_ok(tctx, + GUID_from_string(IREMOTEWINSPOOL_OBJECT_GUID, &t->object_uuid), + "failed to parse GUID"); + + torture_assert_ntstatus_ok(tctx, + torture_rpc_binding(tctx, &binding), + "failed to retrieve torture binding"); + + torture_assert_ntstatus_ok(tctx, + dcerpc_binding_set_object(binding, t->object_uuid), + "failed to set object_uuid"); + + torture_assert_ntstatus_ok(tctx, + torture_rpc_connection_with_binding(tctx, binding, &t->iremotewinspool_pipe, &ndr_table_iremotewinspool), + "Error connecting to server"); + + printer_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(t->iremotewinspool_pipe)); + + torture_assert(tctx, + test_AsyncOpenPrinter_byprinter(tctx, t, + t->iremotewinspool_pipe, printer_name, + &t->server_handle), + "failed to open printserver"); + torture_assert(tctx, + test_get_environment(tctx, + t->iremotewinspool_pipe->binding_handle, + &t->server_handle, &t->environment), + "failed to get environment"); + + return true; +} + +static bool torture_rpc_iremotewinspool_setup(struct torture_context *tctx, + void **data) +{ + struct test_iremotewinspool_context *t; + + *data = t = talloc_zero(tctx, struct test_iremotewinspool_context); + + return torture_rpc_iremotewinspool_setup_common(tctx, t); +} + +static bool torture_rpc_iremotewinspool_teardown_common(struct torture_context *tctx, + struct test_iremotewinspool_context *t) +{ + + test_AsyncClosePrinter_byhandle(tctx, t, t->iremotewinspool_pipe, &t->server_handle); + + return true; +} + +static bool torture_rpc_iremotewinspool_teardown(struct torture_context *tctx, + void *data) +{ + struct test_iremotewinspool_context *t = talloc_get_type(data, struct test_iremotewinspool_context); + bool ret; + + ret = torture_rpc_iremotewinspool_teardown_common(tctx, t); + talloc_free(t); + + return ret; +} + +static bool test_AsyncClosePrinter(struct torture_context *tctx, + void *private_data) +{ + struct test_iremotewinspool_context *ctx = + talloc_get_type_abort(private_data, struct test_iremotewinspool_context); + + struct dcerpc_pipe *p = ctx->iremotewinspool_pipe; + const char *printer_name; + struct policy_handle handle; + + printer_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); + + torture_assert(tctx, + test_AsyncOpenPrinter_byprinter(tctx, ctx, p, printer_name, &handle), + "failed to test AsyncOpenPrinter"); + + torture_assert(tctx, + test_AsyncClosePrinter_byhandle(tctx, ctx, p, &handle), + "failed to test AsyncClosePrinter"); + + return true; +} + +static bool test_AsyncOpenPrinter(struct torture_context *tctx, + void *private_data) +{ + struct test_iremotewinspool_context *ctx = + talloc_get_type_abort(private_data, struct test_iremotewinspool_context); + + struct dcerpc_pipe *p = ctx->iremotewinspool_pipe; + const char *printer_name; + struct policy_handle handle; + + printer_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); + + torture_assert(tctx, + test_AsyncOpenPrinter_byprinter(tctx, ctx, p, printer_name, &handle), + "failed to test AsyncOpenPrinter"); + + test_AsyncClosePrinter_byhandle(tctx, ctx, p, &handle); + + return true; +} + +static struct spoolss_NotifyOption *setup_printserver_NotifyOption(struct torture_context *tctx) +{ + struct spoolss_NotifyOption *o; + + o = talloc_zero(tctx, struct spoolss_NotifyOption); + if (o == NULL) { + return NULL; + } + + o->version = 2; + o->flags = PRINTER_NOTIFY_OPTIONS_REFRESH; + + o->count = 2; + o->types = talloc_zero_array(o, struct spoolss_NotifyOptionType, o->count); + if (o->types == NULL) { + talloc_free(o); + return NULL; + } + + o->types[0].type = PRINTER_NOTIFY_TYPE; + o->types[0].count = 1; + o->types[0].fields = talloc_array(o->types, union spoolss_Field, o->types[0].count); + if (o->types[0].fields == NULL) { + talloc_free(o); + return NULL; + } + o->types[0].fields[0].field = PRINTER_NOTIFY_FIELD_SERVER_NAME; + + o->types[1].type = JOB_NOTIFY_TYPE; + o->types[1].count = 1; + o->types[1].fields = talloc_array(o->types, union spoolss_Field, o->types[1].count); + if (o->types[1].fields == NULL) { + talloc_free(o); + return NULL; + } + o->types[1].fields[0].field = JOB_NOTIFY_FIELD_MACHINE_NAME; + + return o; +} + +static bool test_SyncUnRegisterForRemoteNotifications_args(struct torture_context *tctx, + struct dcerpc_pipe *p, + struct policy_handle *notify_handle) +{ + struct winspool_SyncUnRegisterForRemoteNotifications r; + struct dcerpc_binding_handle *b = p->binding_handle; + + r.in.phRpcHandle = notify_handle; + r.out.phRpcHandle = notify_handle; + + torture_assert_ntstatus_ok(tctx, + dcerpc_winspool_SyncUnRegisterForRemoteNotifications_r(b, tctx, &r), + "SyncUnRegisterForRemoteNotifications failed"); + torture_assert_hresult_ok(tctx, r.out.result, + "SyncUnRegisterForRemoteNotifications failed"); + + return true; +} + +static bool test_SyncRegisterForRemoteNotifications_args(struct torture_context *tctx, + struct dcerpc_pipe *p, + struct policy_handle *server_handle, + struct policy_handle *notify_handle); + +static bool test_SyncUnRegisterForRemoteNotifications(struct torture_context *tctx, + void *private_data) +{ + struct test_iremotewinspool_context *ctx = -- Samba Shared Repository