From: Andreas Schneider <asn@samba.org>
Date: Mon, 18 Mar 2024 17:45:19 +0000 (+0100)
Subject: s4:torture: Use dcerpc_lsa_OpenPolicy3_r()
X-Git-Tag: tdb-1.4.11~1253
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=354f61d868db1193fce0516adeaed23dbc49206e;p=thirdparty%2Fsamba.git

s4:torture: Use dcerpc_lsa_OpenPolicy3_r()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/torture/rpc/forest_trust.c b/source4/torture/rpc/forest_trust.c
index e7b641e161a..0a09bb12da6 100644
--- a/source4/torture/rpc/forest_trust.c
+++ b/source4/torture/rpc/forest_trust.c
@@ -47,29 +47,57 @@ static bool test_get_policy_handle(struct torture_context *tctx,
 				   uint32_t access_mask,
 				   struct policy_handle **handle  )
 {
-	struct policy_handle *h;
-	struct lsa_OpenPolicy2 pr;
-	struct lsa_ObjectAttribute attr;
+	struct policy_handle *h = NULL;
+	struct lsa_ObjectAttribute attr = {
+		.len = 0,
+	};
+	union lsa_revision_info in_rinfo = {
+		.info1 = {
+			.revision = 1,
+			.supported_features = LSA_FEATURE_TDO_AUTH_INFO_AES_CIPHER,
+		},
+	};
+	union lsa_revision_info out_rinfo = {
+		.info1.revision = 0,
+	};
+	uint32_t out_version = 0;
+	struct lsa_OpenPolicy3 r = {
+		.in = {
+			.system_name = "\\",
+			.attr = &attr,
+			.access_mask = access_mask,
+			.in_version = 1,
+			.in_revision_info = &in_rinfo,
+		},
+		.out = {
+			.out_version = &out_version,
+			.out_revision_info = &out_rinfo,
+		}
+	};
 	NTSTATUS status;
 
-	h = talloc(tctx, struct policy_handle);
-	torture_assert(tctx, h != NULL, "talloc(tctx, struct policy_handle)");
-
-	attr.len = 0;
-	attr.root_dir = NULL;
-	attr.object_name = NULL;
-	attr.attributes = 0;
-	attr.sec_desc = NULL;
-	attr.sec_qos = NULL;
-
-	pr.in.system_name = "\\";
-	pr.in.attr = &attr;
-	pr.in.access_mask = access_mask;
-	pr.out.handle = h;
-
-	status = dcerpc_lsa_OpenPolicy2_r(p->binding_handle, tctx, &pr);
-	torture_assert_ntstatus_ok(tctx, status, "OpenPolicy2 failed");
-	torture_assert_ntstatus_ok(tctx, pr.out.result, "OpenPolicy2 failed");
+	*handle = NULL;
+
+	h = talloc_zero(tctx, struct policy_handle);
+	torture_assert_not_null(tctx, h, "talloc_zero(tctx, struct policy_handle)");
+	r.out.handle = h;
+
+	status = dcerpc_lsa_OpenPolicy3_r(p->binding_handle, tctx, &r);
+	torture_assert_ntstatus_ok(tctx, status, "OpenPolicy3 failed");
+	torture_assert_ntstatus_ok(tctx, r.out.result, "OpenPolicy3 failed");
+
+	torture_assert_int_equal(tctx,
+				 out_version,
+				 1,
+				 "Invalid version");
+	torture_assert_int_equal(tctx,
+				 out_rinfo.info1.revision,
+				 1,
+				 "Invalid revision");
+	torture_assert_int_equal(tctx,
+				 out_rinfo.info1.supported_features,
+				 LSA_FEATURE_TDO_AUTH_INFO_AES_CIPHER,
+				 "Invalid supported feature set");
 
 	*handle = h;
 	return true;