o

�/a
�@s�dZd
dl
Z
d
dlZd
dlmZ
d
dlmZ
d
dlmZm	Z	
d
dl
mZmZm
Z

d
dlmZmZ
d
dlmZmZmZ
d
d	lmZmZ
d
d
lmZmZ
Gdd�de�ZdS)
z Tests for samba.dcerpc.dnsserver�N)
�system_session)
�SamDB)�
ndr_unpack�ndr_pack)�dnsp�	dnsserver�security)�RpcInterfaceTestCase�env_get_var_value)�record_from_string�flag_from_string�ARecord)�sd_utils�
descriptor)�WERRORError�werrorcsf
eZ
dZed
d��
Z�f
dd�Z�f
dd�Zdd�Zd	d
�Zdd�Z	d
d�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Z	dNd d!�
Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd*d+�Zd,d-�Zd.ejfd/d0�
Zd1ejfd2d3�
Zejf
d4d5�
Zd.ejfd6d7�
Zd.ejfd8d9�
Zd:d;�Z d<d=�Z!d>d?�Z"d@dA�Z#dBdC�Z$dDdE�Z%dFdG�Z&dHdI�Z'dJdK�Z(dLdM�Z)�Z*S)O�DnsserverTestsc
	Cs�d
dddddddd	d
g	}
gd�
}dg
}g}d
g
}g}|D]}|�d|�

|�d|�

q|
D]}|�d|�

|�d|�

q0ddggd�
|
|
|
||gd�
d�|_
ddggd�
|||||d�|_ddddg}	gd�
}
|	|
d�|_dS)N�SAMDOM.EXAMPLE.COMz
1.EXAMPLE.COMz
%sEXAMPLE.COMz�1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.�EXAMPLEz
.COMz!@#$%^&*()_u
HIGHÿBYTEz
@.EXAMPLE.COM�
.)z...z.EXAMPLE.COMz	.EXAMPLE.�zSAMDOM..EXAMPLE.COMzSAMDOM.EXAMPLE.COM 65535z$SAMDOM.EXAMPLE.COM 65535 65535 65535z%s 1z%s 0 0 0z192.168.0.1z255.255.255.255)z'1234:5678:9ABC:DEF0:0000:0000:0000:0000�'0000:0000:0000:0000:0000:0000:0000:0000z'1234:5678:9ABC:DEF0:1234:5678:9ABC:DEF0z1234:1234:1234::z1234:1234:1234:1234:1234::z1234:5678:9ABC:DEF0::z0000:0000::0000z#1234::5678:9ABC:0000:0000:0000:0000�::1�::z1:1:1:1:1:1:1:1)�textrz@#!�

)�
A�AAAA�PTR�CNAME�NS�MX�SRV�TXTz
192.168.0.500z255.255.255.255/32)z'GGGG:1234:5678:9ABC:0000:0000:0000:0000z)0000:0000:0000:0000:0000:0000:0000:0000/1z'AAAA:AAAA:AAAA:AAAA:G000:0000:0000:1234z,1234:5678:9ABC:DEF0:1234:5678:9ABC:DEF0:1234z"1234:5678:9ABC:DEF0:1234:5678:9ABCz1111::1111::1111)rrrrr r!r"zSAMDOM.EXAMPLE.COM -1zSAMDOM.EXAMPLE.COM 65536�
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA)zSAMDOM.EXAMPLE.COM 0 65536 0zSAMDOM.EXAMPLE.COM 0 0 65536zSAMDOM.EXAMPLE.COM 65536 0 0)r!r")�append�good_records�bad_records�invalid_records)�cls�good_dns�bad_dns�good_mx�bad_mx�good_srv�bad_srv�bad_dn�good_dn�
invalid_mx�invalid_srv�r4�>/usr/lib/python3/dist-packages/samba/tests/dcerpc/dnsserver.py�
setUpClass#sd







�	







�




�
�



�

�
�zDnsserverTests.setUpClassc

s�tt
|���
tjd
|_td�
��|_t	�	d|j|�
�|���|_t
dtjd|�
�t�|��d�|_d|_t	��}
|j|
_tj|
_d|
_d	|
_d	|
_t	j|
_|j�t	jd|jddd
t	j|
�
dS)N�	DC_SERVER�REALMzncacn_ip_tcp:%s[sign]z	ldap://%s�DC_SERVER_IP)�url�lp�session_info�credentials�zoner
�
�
ZoneCreate)�superr�setUp�os�environ�serverr
�lowerr>r�get_loadparm�get_credentials�connrr�samdb�custom_zone�!DNS_RPC_ZONE_CREATE_INFO_LONGHORN�pszZoneNamer�DNS_ZONE_TYPE_PRIMARY�
dwZoneType�fAging�
fDsIntegrated�
fLoadExisting�DNS_DP_DOMAIN_DEFAULT�	dwDpFlags�DnssrvOperation2�DNS_CLIENT_VERSION_LONGHORN�DNSSRV_TYPEID_ZONE_CREATE)�self�zone_create_info�
�	__class__r4r5rBts:





�


�














�zDnsserverTests.setUpc


s4|j�
tjd
|j|jd
dtjd�
tt|��	�
dS)Nr
�DeleteZoneFromDs)
rIrUrrVrErK�DNSSRV_TYPEID_NULLrAr�tearDown�
rXrZr4r5r^�s








�zDnsserverTests.tearDownc
Cs>
d
}
d}|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
|j
||
�
|j�tjd|j|j
d	d
t|�
tjd
d
�
\}}|�	t
|j�
d�
|�	|jdjj
d�
|�	|jd
jj
d�
|�	|jdjj
d�
|�	|jdjj
d�
|�	|jdjj
d�
|�	|jdjj
d�
d
S)�,
        Confirm the zone is sorted
        �
192.168.50.50r�
atestrecord-1�
atestrecord-2�
atestrecord-3�
atestrecord-4�
atestrecord-0r
�
@N�rr?������
add_recordrKrI�DnssrvEnumRecords2rrVrEr�DNS_RPC_VIEW_AUTHORITY_DATA�assertEqual�len�rec�dnsNodeName�str�rX�
record_str�record_type_str�
_�resultr4r4r5�test_enum_is_sorted�s4















�





z"DnsserverTests.test_enum_is_sortedc
Cs�
d
}
d}|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
|j
d||
�
|�|j
|j
d�\}}t�|jt|�
�}|�d	d
|j
�
|j�||�
|j	�
tjd	|j
|j
ddt|�
tjdd�
\}}|�t|j�
d
�
|�|jd	jjd�
|�|jdjjd�
|�|jdjjd�
|�|jdjjd�
|�|jdjjd�
|�|jdjjd�
|jdjj|j
dkr�|�|jdjj|j
�
dSdS)r`rarrbrcrdrerf�
1r
�dcrgN�rr?rirjrkrlrh)rnrK�get_record_from_db�ldb�DnrJru�
set_component�renamerIrorrVrErrprqrrrsrt)rXrwrx�dn�record�new_dnryrzr4r4r5�!test_enum_is_sorted_with_zone_dup�sB

















�






�z0DnsserverTests.test_enum_is_sorted_with_zone_dupc
Cs�d
}
d}|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|j�tjd	|j|j
d
dt|�
tjdd�
\}}|�	t
|j�
d�
|�	|jd	jj
d
�
dS)z}
        Confirm the zone returns the selected prefix first but no more
        as Samba is flappy for the full sort
        rar�atestrecord-1.a.b�atestrecord-2.a.b�atestrecord-3.a.b�atestrecord-4.a.b�atestrecord-0.a.b�atestrecord-0.b.br
�a.bNrhrrmrvr4r4r5�)test_enum_is_sorted_children_prefix_first�s*















�
z8DnsserverTests.test_enum_is_sorted_children_prefix_firstc
Cs<
d
}
d}|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|�|j
d||
�
|j�tjd	|j|j
d
dt|�
tjdd�
\}}|�	t
|j�
d�
|�	|jd	jj
d
�
|�	|jdjj
d�
|�	|jdjj
d�
|�	|jdjj
d�
|�	|jdjj
d�
|�	|jdjj
d�
dS)r`rarr�r�r�r�r�r�r
r�Nrhrr?rfrirbrjrcrkrdrlrermrvr4r4r5�test_enum_is_sorted_children
s4















�





z+DnsserverTests.test_enum_is_sorted_childrenc
Cs�d
}
d}|�|j
d||
�
|�|j
d�\}}d|_|j�||g
�}|du
r*|�d�

|�|j
d|�
|j|j
d||
dd�
|�|j
d||
�
|�|j
d|d�
dS)	zX
        See what happens when we set a record's rank to
        DNS_RANK_NONE.
        rar�
testrecordr
Nz2Unable to update dns record to have DNS_RANK_NONE.F�
�	assertion)	rnrKr�rankrJ�dns_replace_by_dn�fail�assert_num_records�
delete_record)rXrwrxr�r��resr4r4r5�test_rank_none8
s









zDnsserverTests.test_rank_nonec
Cs�d
}
|�|j
dd|
�
|�|j
d�\}}tj|_d|_|j�||g
�
|�	|j
ddd�
|�	|j
ddd�
|�
|j
d�}|�t|�
d�
|d}|�|jtj�
|�
|jd�
|j|j
dd|
dd	�
d
S)z0What happens with a zero EntombedTime tombstone?rar�rr
�ALLr?g�؅W4vCFr�N)rnrKrr�DNS_TYPE_TOMBSTONE�wType�datarJr�r��ldap_get_recordsrqrr�
assertGreaterr�)rXrwr�r��records�
rr4r4r5�"test_dns_tombstoned_zero_timestampM
s 









�z1DnsserverTests.test_dns_tombstoned_zero_timestampc
Cs�d
}
|�|j
dd|
�
|�|j
d�\}}tj|_d|_|j�||g
�
|�	|j
ddd�
|�	|j
ddd�
|j
|j
dd|
dd	�
|�	|j
ddd�
|�	|j
ddd�
d
S)zgSee what happens when we set a record to be tombstoned with an
        EntombedTime timestamp.
        rar�rl�x�hHr?�	TOMBSTONEr
Tr�N)rnrKrrr�r�r�rJr�r�r�)rXrwr�r�r4r4r5�%test_dns_tombstoned_nonzero_timestamp}
s	





�
z4DnsserverTests.test_dns_tombstoned_nonzero_timestampc	Cs�|jj
d
|j��tjddg
d�}d}|D]}d|
t|j�
vr%|j}
n
q|dur0td|
�
�
|jj
|tjdd	g
d�}|D]}|t|j�
vrXtt	j
|d	d
�}|j|f
Sq>dS)z0
        Returns (dn of record, record)
        zDC=DomainDnsZones,%sz(objectClass=dnsZone)�cn��base�scope�
expression�attrsNzDC=%s,zCouldn't find zone '%s'.z(objectClass=dnsNode)�	dnsRecordr
)rJ�search�get_default_basednr��
SCOPE_SUBTREErur��AssertionErrorrr�DnssrvRpcRecord)	rX�	zone_name�record_name�zones�zone_dnr>r��old_packed_recordrsr4r4r5r�
s,

�



�


�


��z!DnsserverTests.get_record_from_dbcCsVd
|
�d|j�
���}d|�d�}|jj|tj|dg
d�}|d�d�
}dd	�|D�
S)
NzDC=z#,CN=MicrosoftDNS,DC=DomainDNSZones,z(&(objectClass=dnsNode)(name=z))r�r�r
c
Ssg|]}
tt
j|
��qSr4)rrr�)�.0r�r4r4r5�
<listcomp>�
sz3DnsserverTests.ldap_get_records.<locals>.<listcomp>)rJr�r�r�r��get)rXr>�namer��expr�nodesr�r4r4r5r��
s

�



�
zDnsserverTests.ldap_get_recordsc

Cs0d
g
}
ddg}dgd�
i
}dg
gd�
dg
d	g
d
g
d�}dD]
}|
||<|||<q|D]P}||D]I}|�|j
d
||d�
|D]}|j|j
d
||dd�
|�|j
d
|�
q?|�|j
d
||d�
|D]}|�|j
d
||d�
|�|j
d
||�
qbq0q*|D]�}||D]�}d}	|D]0}|	d}	z|�|j
d
||�
|j|j
d
||	d�
Wq�ty�
}

z	td||
|f�
�
d}
~
w
w|D]}|�|j
d
||�
|dkr�q�q�|�|j
d
||d�
|D].}||dkr�q�z
|j|j
d
||dd�
Wq�t�
y
}

ztd|d||
f�
�
d}
~
w
w|�|j
d
||d�
q�q}dS)z�
        Make sure that records which should be distinct from each other or duplicate
        to each other behave as expected.
        )rzSAMDOM.EXAMPLE.COzEXAMPLE.COMzSAMDOM.EXAMPLE)rzsamdom.example.comzSAMDOM.example.COM)zEXAMPLE.rr))�AAAA::zaaaa::)r�zAAAA:0000::)r�z'AAAA:0000:0000:0000:0000:0000:0000:0000)r�zAAAA:0:0:0:0:0:0:0)z0123::z123::)rz::0r)z192.168.1.0z192.168.1.1z192.168.2.0z192.169.1.0z193.168.1.0))zAAAA::1234:5678:9ABCz::AAAA:1234:5678:9ABC)z1000::z::1000)rz::11z::1111)z1234::z0234::)zSAMDOM.EXAMPLE.COM 1 1 1zSAMDOM.EXAMPLE.COM 1 1 0zSAMDOM.EXAMPLE.COM 1 0 1zSAMDOM.EXAMPLE.COM 0 1 1zSAMDOM.EXAMPLE.COM 2 1 0zSAMDOM.EXAMPLE.COM 2 2 2)zSAMDOM.EXAMPLE.COM 1zSAMDOM.EXAMPLE.COM 0)zA RECORDzB RECORDza record)rrr"r!r#)rrr r�r
Fr�r?�
�expected_numzkFailed to add %s, which should be distinct from all others in the set. Original error: %s
Distinct set: %s.NrzCManaged to remove %s by attempting to remove %s. Original error: %s)rnrKr�r�r�)rX�distinct_dns�
duplicate_dns�
duplicates�distinctrx�duplicate_tupler��distinct_tuple�
i�
er4r4r5�test_duplicate_matching�
sz
��

�









��








���

�







�����z&DnsserverTests.test_duplicate_matchingc
CsT|jD]$}
|j|
D]}|�
|jd
|
|�
|�|jd
|
�
|�|jd
|
|�
q
qdS)zb
        Make sure that we can add, update and delete a variety
        of valid records.
        r�N�r&rnrKr�r�)rXrxrwr4r4r5�test_accept_valid_commandss




��z)DnsserverTests.test_accept_valid_commandsr
r>r�c	Cs
|�|	|
�}|�
|d
|�
|\}}
|�|
|
jd||
j|
f�
|�||
jd||
j|f�
|�||
jd||
j|f�
|�||
jd||
j|f�
|�||
jd||
j|f�
|�|��|
j	��d||
j	��|��f�
|�||
j
d||
j
|f�
|�||
jd	||
j|f�
dS)
Nz/Expected record %s but was not found over LDAP.z:Unexpected data length for record %s. Got %s, expected %s.z3Unexpected rank for record %s. Got %s, expected %s.z4Unexpected flags for record %s. Got %s, expected %s.z;Unexpected time to live for record %s. Got %s, expected %s.z9Unexpected dwReserved for record %s. Got %s, expected %s.z3Unexpected data for record %s. Got %s, expected %s.z4Unexpected wType for record %s. Got %s, expected %s.z8Unexpected timestamp for record %s. Got %s, expected %s.)r�assertIsNotNonerq�wDataLengthr��flags�dwTtlSeconds�
dwReservedrFr�r��dwTimeStamp)rXr�r�r�r�r�r�r�r�r>�rec_namer��rec_dnrsr4r4r5�check_paramss






,

 
zDnsserverTests.check_paramsc

	Cs�|�|j
d
dd�
|�ddddddd�
|�|j
d
dd�
|�|j
d
d	d
�
|�ddddddd
�
|�|j
d
d	d
�
|�|j
d
dd�
|�ddddddd�
|�|j
d
dd�
dS)zx
        Make sure that, when we add records to the database,
        they're added with reasonable parameters.
        r�rrark��r
i�r?rzAAAA:AAAA::�z'AAAA:AAAA:0000:0000:0000:0000:0000:0000�r�	cnamedest�
rlN)rnrKr�r�r_r4r4r5�test_record_params-s







z!DnsserverTests.test_record_paramsc
CsN
d
}
|jD]F}|j|D]>}z"|j
|jd||dd�
|j|jd|d
d�
|j|jd||dd�
WqtyJ
}
zt|�

|
d}
WYd}~qd}~w
wq|jD]K}|j|D]C}|j|d
}|�
|jd||�
z
|j
|jd||dd�
Wnty�
}
zt|�

|
d}
WYd}~nd}~w
w|�|jd||�
qVqO|�|
d
kd|
�
dS)	z�
        Make sure that we can't add a variety of invalid records,
        and that we can't update valid records to invalid ones.
        r
r�Fr�r�r?Nz6Failed to reject invalid commands. Total failures: %d.)	r'rnrKr�r�r��printr&�
assertTrue)rX�num_failuresrxrwr��good_record_strr4r4r5�test_reject_invalid_commands<s6








���








���
z+DnsserverTests.test_reject_invalid_commandsc
Cs�d
}
|jD�
]g}|j|d
}|�
|jd||�
|jD�
]G}||kr#q|j|d
}|dkp1|dk}|dkp9|dk}|dkpA|dk}|dkpI|dk}	|dkpQ|dk}
|dkpY|dk}|d	kpa|d	k}d
}
|dkrn|sn|snd}
|dkr||	sz|
sz|sz|r|d}
|r�|s�|s�|s�|r�d}
z|�
|jd||�
|
r�|
d
}
td||f�

Wn ty�
}
z|
s�|
d
}
td||f�

WYd}~nd}~w
w|
�
sEd
}d
}|	r�|
r�d
}|s�|s�|r�|dks�|dkr�d
}|dkr�|s�|r�d
}z|j|jd||d�
Wn!t�
y
}
z|
d
}
td||||f�

WYd}~nd}~w
wz|j|jd||d�
Wn!t�
yD
}
z|
d
}
td||||f�

WYd}~nd}~w
wz|�|jd||�
Wqt�
yc
}
zWYd}~qd}~w
w|�|jd||�
q|�|
d
kd|
�
dS)zv
        Attempt to add some values which have the same name as
        existing ones, just a different type.
        r
r�rrrrr!r"r#Fr Tr?z1Expected error when adding %s while a %s existed.z6Didn't expect error when adding %s while a %s existed.Nr�zPExpected %s %s records after adding a %s record and a %s record already existed.z>Failed collision and replacement behavior. Total failures: %d.)r&rnrKr�r�r�r�r�)rXr��record_type_str_1�record1�record_type_str_2�record2�has_a�has_aaaa�	has_cname�has_ptr�has_mx�has_srv�has_txt�add_error_okr��expected_num_type_1�expected_num_type_2r4r4r5�!test_add_duplicate_different_type\s�




















��



���









���





���


��z0DnsserverTests.test_add_duplicate_different_typec
Cs�|jd
d}
|�
|jdd
|
�
|jD]}|j|d}|j
|jd||dd�
|j|jd|dd�
qd}d}|j
|jd	d
|dd�
|j
|jdd|dd�
|�|jdd
|
�
d
S)z@
        Test some special properties of CNAME records.
        rr?r�r
Fr�r�ztestrecord 1�mxrecr!�nsrecr Nr�)rX�cname_recordrx�other_record�	mx_record�	ns_recordr4r4r5�_test_cname�s






zDnsserverTests._test_cnamec
Csh|jD].}
|j|
d
}|�
|jd|
|�
|j
|jd|
|dd�
|�|jd|
�
|�|jd|
|�
qdS)zK
        Make sure that we can't add duplicate values of any type.
        r
r�Fr�Nr�)rXrxr�r4r4r5�test_add_duplicate_value�s




�z'DnsserverTests.test_add_duplicate_valuec
Cs�|jD]Z}
t
d
t|j|
�
�D]M}|j|
|d
}|j|
|}|
dkr&q|
dkr,d
n
d}|�|jd|
|�
|�|jd|
|�
|j|jd|
|d�
|�|jd|
|�
|�|jd|
|�
qqdS)z�
        Attempt to add values with the same name and type in the same
        zone. This should work, and should result in both values
        existing (except with some types).
        r?rrir�r�N)r&�rangerrrnrKr�r�)rXrxr�r�r�r�r4r4r5�test_add_similar_value�s








��z%DnsserverTests.test_add_similar_valueTc
Cs�z|�|
||�\}}Wnt
y(
}	
z|rtd
||f�
�
WYd}	~	dSd}	~	w
wd}
|jdjD]}|j|kr<d}

n
q1|
rI|sItd||f�
�
|
sU|rWtd
||f�
�
dSdS)zo
        Asserts whether or not the given record with the given type exists in the
        given zone.
        zBRecord '%s' of type '%s' was not present when it should have been.NFr
TzARecord '%s' of type '%s' was present when it shouldn't have been.)�
query_records�RuntimeErrorr�rsr�r�)rXr>r�rx�expected_record_strr��client_versionryrzr��foundr�r4r4r5�
assert_record�s*




���




�


�zDnsserverTests.assert_recordr?c	Cstz"|�|
||�\}}t
|jd
j�
}||ks td||||f�
�
WdSty9


|d
ks6td|||f�
�
YdSw)zq
        Asserts that there are a given amount of records with the given type in
        the given zone.
        r
zLThere were %d records of type '%s' with the name '%s' when %d were expected.zLThere were no records of type '%s' with the name '%s' when %d were expected.N)r�rrrsr�r�r�)	rXr>r�rxr�r�ryrz�num_resultsr4r4r5r�s





��


���z!DnsserverTests.assert_num_recordscCs,|j�
|d
|j|
|dt|�
tjtjBdd�
S)Nr
)rIrorErrrp�DNS_RPC_VIEW_NO_CHILDREN)rXr>r�rxr�r4r4r5r�s










�zDnsserverTests.query_recordsc

Cs�t||d
d�}t
��}||_z|j�|d|j|
||d�
|s&td||f�
�
WdStyH
}	
z|r=td||t	|	�
f�
�
WYd}	~	dSd}	~	w
w)z�
        Attempts to add a map from the given name to a record of the given type,
        in the given zone.
        Also asserts whether or not the add was successful.
        This can also update existing records if they have the same name.
        �
 �
�sepr
NzFSuccessfully added record '%s' of type '%s', which should have failed.zTFailed to add record '%s' of type '%s', which should have succeeded. Error was '%s'.�
rr�DNS_RPC_RECORD_BUFrsrI�DnssrvUpdateRecord2rEr�r�ru)
rXr>r�rxrwr�r�r��add_rec_bufr�r4r4r5rn)s2








�

��


����zDnsserverTests.add_recordc

Cs�t||d
d�}t
��}||_z|j�|d|j|
|d|�
|s&td||f�
�
WdStyH
}	
z|r=td||t	|	�
f�
�
WYd}	~	dSd}	~	w
w)z�
        Attempts to delete a record with the given name, record and record type
        from the given zone.
        Also asserts whether or not the deletion was successful.
        r
r

r
NzHSuccessfully deleted record '%s' of type '%s', which should have failed.zWFailed to delete record '%s' of type '%s', which should have succeeded. Error was '%s'.r
)
rXr>r�rxrwr�r�r��del_rec_bufr�r4r4r5r�Es*








�
�

���zDnsserverTests.delete_recordc
Cs�|j�
tjd
|jdd�\}
}|�tj|
�
|j�
tjd
|jdd�\}
}|�tj|
�
|j�
tj	d
|jdd�\}
}|�tj
|
�
dS)Nr
�
ServerInfo)rI�DnssrvQuery2r�DNS_CLIENT_VERSION_W2KrErq�DNSSRV_TYPEID_SERVER_INFO_W2K�DNS_CLIENT_VERSION_DOTNET� DNSSRV_TYPEID_SERVER_INFO_DOTNETrV�DNSSRV_TYPEID_SERVER_INFO)rX�typeidrzr4r4r5�test_query2^s*





�




�




�zDnsserverTests.test_query2c

Cs�d
}
tj
}t��}d|_tj|_z|j�|j	|
dd||�}Wn!t
y?
}
z|jdtj
kr5WYd}~dSWYd}~nd}~w
w|��
dS)N�a-zone-that-does-not-exist�AllowUpdater?�ResetDwordPropertyr
)r�DNSSRV_TYPEID_NAME_AND_PARAM�DNS_RPC_NAME_AND_PARAM�pszNodeNamer�DNS_ZONE_UPDATE_SECURE�dwParamrI�DnssrvOperationrEr�argsr�"WERR_DNS_ERROR_ZONE_DOES_NOT_EXISTr�)rX�non_zoner
�name_and_paramr�r�r4r4r5�test_operation_invalidxs(












�

���z%DnsserverTests.test_operation_invalidc

Cs�tj
}
d
}tj}t��}d|_tj|_z|j�	|
d|j
|dd||�}Wn!tyD
}
z|jdt
jkr:WYd}~dSWYd}~nd}~w
w|��
dS)Nr
r
r
r?r
)rrVr
r
r
rr
r
rIrUrErr
rr
r�)rXr�r
r
r
r�r�r4r4r5�test_operation2_invalid�s.














�

���z&DnsserverTests.test_operation2_invalidc

Cs�tj
}
d
}t��}||_tj|_tj|_d|_	tj
|_|j�
|
d|jdddtj|�
tjtjB}|j�|
d|jddtj|�\}}|�d|j�
|j�
|
d|j|ddtjd�
|j�|
d|jddtj|�\}}|�d|j�
dS)Nz1.168.192.in-addr.arpar
r@�	EnumZonesr?r\)rrVrLrMrrNrOr
�fAllowUpdaterPrSrTrIrUrErW�DNS_ZONE_REQUEST_REVERSE�DNS_ZONE_REQUEST_PRIMARY�DnssrvComplexOperation2�DNSSRV_TYPEID_DWORDrq�dwZoneCountr])rXr��rev_zone�zone_create�request_filterryr�r
r4r4r5�test_operation2�s^













�	
�





�






�	





�zDnsserverTests.test_operation2c
	Cs�tj
}
tjtjB}|j�|
d
|jddtj|�\}}|�tj	|�
|�d|j
�
tjtjB}|j�|
d
|jddtj|�\}}|�tj	|�
|�d
|j
�
dS)Nr
r 
rj)rrV�DNS_ZONE_REQUEST_FORWARDr#
rIr$
rEr%
rq�DNSSRV_TYPEID_ZONE_LISTr&
r"
)rXr�r)
r
r�r4r4r5�test_complexoperation2�s6


�





�

�





�
z%DnsserverTests.test_complexoperation2c
CsNtj
}
tj}tjtjB}|j�|
d
|jddd||dd�
\}}|�	d|j
�
dS)Nr
z..RootHintsr�)rrVr�DNS_TYPE_NS�DNS_RPC_VIEW_ROOT_HINT_DATA�DNS_RPC_VIEW_ADDITIONAL_DATArIrorErq�count)rXr��record_type�select_flagsry�	roothintsr4r4r5�test_enumrecords2�s"



�








�
z DnsserverTests.test_enumrecords2c
Cs�
tj
}
tj}tj}d
}td�
}td�
}t��}||_|j�	|
d|j
|j||d�
|j�|
d|j
|j|d||dd�
\}}	|�
d|	j�
|�
d|	jdj�
|�
tj|	jdjdj�
|�
d|	jdjdj�
t��}||_t��}
||
_|j�	|
d|j
|j|||
�
|j�|
d|j
|j|d||dd�
\}}	|�
d|	j�
|�
d|	jdj�
|�
tj|	jdjdj�
|�
d|	jdjdj�
t��}
||
_|j�	|
d|j
|j|d|
�
|�t|jj|
d|j
|j|d||dd�
dS)N�dummyz1.2.3.4z5.6.7.8r
r?)rrVr�
DNS_TYPE_Arpr
r
rsrIr
rEr>rorqr2
�wRecordCountr�r�r��assertRaisesr�)rXr�r3
r4
r�rs�rec2r
ryrzr
�buflenr4r4r5�test_updaterecords2s�













�








�













�








�











�









�z"DnsserverTests.test_updaterecords2c

Cs
|jj
d
|j��tjdddgd�}
|�t|
�
d�
|�d|
d�
|
ddd}t�	|j�
}t
tj|�}t�
|j���
}|jj
|j��tjdd	g
d�}tt
tj
|dd	d��
}t�d
|d|i
�}t�t
tj|��
}	t�|	||�}
|�|
dd
|
|	�|j�
|�|j�
f�
dS)z_
        Make sure that security descriptors of the msdcs zone is
        as expected.
        zDC=ForestDnsZones,%sz&(&(objectClass=dnsZone)(name=_msdcs*))�nTSecurityDescriptor�objectClassr�r?r
�(sAMAccountName=DnsAdmins)�	objectSidz�O:SYG:BAD:AI(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;CC;;;AU)(A;;RPLCLORC;;;WD)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPWPCRCCDCLCRCWOWDSDDTSW;;;ED)�	DnsAdminsrzOSD of msdcs zone different to expected.
Difference was:
%s
Expected: %s
Got: %sN)rJr�r�r�r�rqrr�assertInr�SDUtilsrrr�dom_sid�get_domain_sidru�sddl2binary�get_clean_sd�get_diff_sds�as_sddl�
domain_sid)rXr��tmp�utils�sdrK
r��	dns_admin�	packed_sd�expected_sd�diffr4r4r5�#test_security_descriptor_msdcs_zonecs4


�





��



�
�z2DnsserverTests.test_security_descriptor_msdcs_zonec
Cs�d
}
t�
�}tj|_d|_d|_d|_|
|_tj	|_
|j�tj
d|jdddtj|�
|j��}|�d�

|jj|tjd|
dg
d	�}|�t|�
d�
|dj}|�d|d�
|ddd}t�|j�
}ttj|�}t�|j� ��
}	|jj|j��tjd
dg
d	�}
t!ttj|
ddd��
}t�"d|	d
|i
�}t�#ttj|��
}
t�$|	d
|i
�}t�#ttj|��
}t�%|	�
}t�#ttj|��
}zyt�&|jdt!|�
�}|�'�|
f|�'�|f|�'�|fg}|D]G\}}|jj|tj(dg
d�}|�d|d�
|ddd}t�|j�
}ttj|�}t�)|||	�}|�|dd|||�*|j+�
|�*|j+�
f�
q�W|j�tj
d|j|
ddtj,d�
dS|j�tj
d|j|
ddtj,d�
w)zb
        Make sure that security descriptors of forest dns zones are
        as expected.
        �test_forest_zoner
r?Nr@zDC=ForestDnsZones�	(name=%s)r>
r�r@
rA
��O:DAG:DAD:AI(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;CC;;;AU)(A;;RPLCLORC;;;WD)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPWPCRCCDCLCRCWOWDSDDTSW;;;ED)rB
�CN=MicrosoftDNS,%s�r�r�r�rzrSecurity descriptor of forest DNS zone with DN '%s' different to expected. Difference was:
%s
Expected: %s
Got: %sr\)-rrLrrNrOrPrQrRrM�DNS_DP_FOREST_DEFAULTrTrIrUrVrErWrJr��	add_childr�r�r�rqrrr�rC
rrD
rrrrE
rF
rurG
rH
�'get_dns_forest_microsoft_dns_descriptor�get_dns_partition_descriptorr��get_linearized�
SCOPE_BASErI
rJ
rK
r])rX�forest_zonerY�partition_dnr��
current_dnrL
rM
rN
rK
r�rO
rP
rQ
�packed_msdns�expected_msdns_sd�packed_part_sd�expected_part_sd�msdns_dn�security_desc_dict�key�sec_descrR
r4r4r5�$test_security_descriptor_forest_zone�s�













�
	




�








��
�



�






�

�




��







�






�z3DnsserverTests.test_security_descriptor_forest_zonec
Cs|j�
�}
|
�d
�

|jj|
tjd|jdg
d�}|�t|�
d�
|dj	}|�
d|d�
|ddd}t�|j�
}t
tj|�}|�|j�
}t�|j���
}|jj|j�
�tjddg
d�}	tt
tj|	ddd��
}
t�d	|d
|
i
�}t�t
tj|��
}t�|d
|
i
�}
t�t
tj|
��
}t�|�
}t�t
tj|��
}t�|jdt|
�
�}|��|f|��|f|
��|fg}|D]G\}}|jj|tjdg
d�}|�
d|d�
|ddd}t�|j�
}t
tj|�}t�|||�}|�|d
d|||�|j�
|�|j�
f�
q�dS)zb
        Make sure that security descriptors of domain dns zones are
        as expected.
        zDC=DomainDnsZonesrU
r>
r�r?r
r@
rA
rV
rB
rW
rX
rzrSecurity descriptor of domain DNS zone with DN '%s' different to expected. Difference was:
%s
Expected: %s
Got: %sN)rJr�rZ
r�r�r�rKrqrrr�rC
rrD
rrrrJ
rK
rE
rF
rurG
rH
�'get_dns_domain_microsoft_dns_descriptorr\
r�r]
r^
rI
)rXr`
r�ra
rL
rM
rN
�sddlrK
r�rO
rP
rQ
rb
rc
rd
re
rf
rg
rh
ri
rR
r4r4r5�$test_security_descriptor_domain_zone�sb





�








��
�



�





�

�




��z3DnsserverTests.test_security_descriptor_domain_zone)r
r>r�)+�__name__�
__module__�__qualname__�classmethodr6rBr^r{r�r�r�r�r�r�rr�r�r�r�r�r�r�r�r�r�rrVr�r�r�rnr�r
r
r
r*
r-
r6
r=
rS
rj
rm
�
__classcell__r4r4rZr5r!sX

P#/)0
U
� X
�

�
�
�3^'Zr)�__doc__rCr��
samba.authr�samba.samdbr�	samba.ndrrr�samba.dcerpcrrr�samba.testsr	r
�samba.dnsserverrrr
�sambarrrrrr4r4r4r5�<module>
s