88 lines
3.0 KiB
Diff
88 lines
3.0 KiB
Diff
|
From d56d8f629ea89a9a3cc7aecc17331ac5c57a61fa Mon Sep 17 00:00:00 2001
|
||
|
|
From: Andreas Schneider <asn@samba.org>
|
||
|
|
Date: Wed, 24 Jul 2019 15:58:06 +0200
|
||
|
|
Subject: [PATCH 042/187] s4:torture: Use init_samr_CryptPassword in
|
||
|
|
test_SetUserPassEx
|
||
|
|
|
||
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
||
|
|
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
||
|
|
(cherry picked from commit e398ecbd8e32bb428073f3635d9178abfae28255)
|
||
|
|
---
|
||
|
|
source4/torture/rpc/samr.c | 33 +++++++++++++++++----------------
|
||
|
|
1 file changed, 17 insertions(+), 16 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
|
||
|
|
index 543ef64e9ac..0e9989449be 100644
|
||
|
|
--- a/source4/torture/rpc/samr.c
|
||
|
|
+++ b/source4/torture/rpc/samr.c
|
||
|
|
@@ -781,14 +781,12 @@ static bool test_SetUserPassEx(struct dcerpc_pipe *p, struct torture_context *tc
|
||
|
|
union samr_UserInfo u;
|
||
|
|
bool ret = true;
|
||
|
|
DATA_BLOB session_key;
|
||
|
|
- DATA_BLOB confounded_session_key = data_blob_talloc(tctx, NULL, 16);
|
||
|
|
- uint8_t confounder[16];
|
||
|
|
char *newpass;
|
||
|
|
struct dcerpc_binding_handle *b = p->binding_handle;
|
||
|
|
- gnutls_hash_hd_t hash_hnd;
|
||
|
|
struct samr_GetUserPwInfo pwp;
|
||
|
|
struct samr_PwInfo info;
|
||
|
|
int policy_min_pw_len = 0;
|
||
|
|
+
|
||
|
|
pwp.in.user_handle = handle;
|
||
|
|
pwp.out.info = &info;
|
||
|
|
|
||
|
|
@@ -807,7 +805,6 @@ static bool test_SetUserPassEx(struct dcerpc_pipe *p, struct torture_context *tc
|
||
|
|
s.in.info = &u;
|
||
|
|
s.in.level = 26;
|
||
|
|
|
||
|
|
- encode_pw_buffer(u.info26.password.data, newpass, STR_UNICODE);
|
||
|
|
u.info26.password_expired = 0;
|
||
|
|
|
||
|
|
status = dcerpc_fetch_session_key(p, &session_key);
|
||
|
|
@@ -817,15 +814,12 @@ static bool test_SetUserPassEx(struct dcerpc_pipe *p, struct torture_context *tc
|
||
|
|
return false;
|
||
|
|
}
|
||
|
|
|
||
|
|
- generate_random_buffer((uint8_t *)confounder, 16);
|
||
|
|
-
|
||
|
|
- gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
|
||
|
|
- gnutls_hash(hash_hnd, confounder, 16);
|
||
|
|
- gnutls_hash(hash_hnd, session_key.data, session_key.length);
|
||
|
|
- gnutls_hash_deinit(hash_hnd, confounded_session_key.data);
|
||
|
|
-
|
||
|
|
- arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
|
||
|
|
- memcpy(&u.info26.password.data[516], confounder, 16);
|
||
|
|
+ status = init_samr_CryptPasswordEx(newpass,
|
||
|
|
+ &session_key,
|
||
|
|
+ &u.info26.password);
|
||
|
|
+ torture_assert_ntstatus_ok(tctx,
|
||
|
|
+ status,
|
||
|
|
+ "init_samr_CryptPasswordEx failed");
|
||
|
|
|
||
|
|
torture_comment(tctx, "Testing SetUserInfo level 26 (set password ex)\n");
|
||
|
|
|
||
|
|
@@ -843,10 +837,17 @@ static bool test_SetUserPassEx(struct dcerpc_pipe *p, struct torture_context *tc
|
||
|
|
}
|
||
|
|
|
||
|
|
/* This should break the key nicely */
|
||
|
|
- confounded_session_key.data[0]++;
|
||
|
|
+ session_key.data[0]++;
|
||
|
|
|
||
|
|
- arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
|
||
|
|
- memcpy(&u.info26.password.data[516], confounder, 16);
|
||
|
|
+ status = init_samr_CryptPasswordEx(newpass,
|
||
|
|
+ &session_key,
|
||
|
|
+ &u.info26.password);
|
||
|
|
+ torture_assert_ntstatus_ok(tctx,
|
||
|
|
+ status,
|
||
|
|
+ "init_samr_CryptPasswordEx failed");
|
||
|
|
+
|
||
|
|
+ /* Reset the key */
|
||
|
|
+ session_key.data[0]--;
|
||
|
|
|
||
|
|
torture_comment(tctx, "Testing SetUserInfo level 26 (set password ex) with wrong session key\n");
|
||
|
|
|
||
|
|
--
|
||
|
|
2.23.0
|
||
|
|
|