120 lines
3.8 KiB
Diff
120 lines
3.8 KiB
Diff
From e3c6cd617dc324d86212a50555adbeffb966555c Mon Sep 17 00:00:00 2001
|
|
From: Andreas Schneider <asn@samba.org>
|
|
Date: Wed, 24 Jul 2019 16:01:02 +0200
|
|
Subject: [PATCH 050/187] s4:torture: Use init_samr_CryptPassword in
|
|
test_ChangePasswordUser3
|
|
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
(cherry picked from commit 5b7c21fca576bf6e44233d69b47273058b9197c8)
|
|
---
|
|
source4/torture/rpc/samr.c | 64 +++++++++++++++++++++++++++++---------
|
|
1 file changed, 49 insertions(+), 15 deletions(-)
|
|
|
|
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
|
|
index 307b0b03594..55059a26b43 100644
|
|
--- a/source4/torture/rpc/samr.c
|
|
+++ b/source4/torture/rpc/samr.c
|
|
@@ -2472,6 +2472,8 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
|
|
NTTIME t;
|
|
struct samr_DomInfo1 *dominfo = NULL;
|
|
struct userPwdChangeFailureInformation *reject = NULL;
|
|
+ DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
|
|
+ NTSTATUS status;
|
|
|
|
torture_comment(tctx, "Testing ChangePasswordUser3\n");
|
|
|
|
@@ -2500,12 +2502,22 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
|
|
E_deshash(oldpass, old_lm_hash);
|
|
E_deshash(newpass, new_lm_hash);
|
|
|
|
- encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
|
|
- arcfour_crypt(lm_pass.data, old_nt_hash, 516);
|
|
+ status = init_samr_CryptPassword(newpass,
|
|
+ &session_key,
|
|
+ &lm_pass);
|
|
+ torture_assert_ntstatus_ok(tctx,
|
|
+ status,
|
|
+ "init_samr_CryptPassword");
|
|
+
|
|
E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
|
|
|
|
- encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
|
|
- arcfour_crypt(nt_pass.data, old_nt_hash, 516);
|
|
+ status = init_samr_CryptPassword(newpass,
|
|
+ &session_key,
|
|
+ &nt_pass);
|
|
+ torture_assert_ntstatus_ok(tctx,
|
|
+ status,
|
|
+ "init_samr_CryptPassword");
|
|
+
|
|
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
|
|
|
|
/* Break the verification */
|
|
@@ -2534,16 +2546,28 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
|
|
ret = false;
|
|
}
|
|
|
|
- encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
|
|
- arcfour_crypt(lm_pass.data, old_nt_hash, 516);
|
|
+ status = init_samr_CryptPassword(newpass,
|
|
+ &session_key,
|
|
+ &lm_pass);
|
|
+ torture_assert_ntstatus_ok(tctx,
|
|
+ status,
|
|
+ "init_samr_CryptPassword");
|
|
+
|
|
E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
|
|
|
|
- encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
|
|
- /* Break the NT hash */
|
|
- old_nt_hash[0]++;
|
|
- arcfour_crypt(nt_pass.data, old_nt_hash, 516);
|
|
+ /* Break the session key */
|
|
+ session_key.data[0]++;
|
|
+
|
|
+ status = init_samr_CryptPassword(newpass,
|
|
+ &session_key,
|
|
+ &nt_pass);
|
|
+ torture_assert_ntstatus_ok(tctx,
|
|
+ status,
|
|
+ "init_samr_CryptPassword");
|
|
+
|
|
/* Unbreak it again */
|
|
- old_nt_hash[0]--;
|
|
+ session_key.data[0]--;
|
|
+
|
|
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
|
|
|
|
r.in.server = &server;
|
|
@@ -2590,12 +2614,22 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
|
|
E_deshash(oldpass, old_lm_hash);
|
|
E_deshash(newpass, new_lm_hash);
|
|
|
|
- encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
|
|
- arcfour_crypt(lm_pass.data, old_nt_hash, 516);
|
|
+ status = init_samr_CryptPassword(newpass,
|
|
+ &session_key,
|
|
+ &lm_pass);
|
|
+ torture_assert_ntstatus_ok(tctx,
|
|
+ status,
|
|
+ "init_samr_CryptPassword");
|
|
+
|
|
E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
|
|
|
|
- encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
|
|
- arcfour_crypt(nt_pass.data, old_nt_hash, 516);
|
|
+ status = init_samr_CryptPassword(newpass,
|
|
+ &session_key,
|
|
+ &nt_pass);
|
|
+ torture_assert_ntstatus_ok(tctx,
|
|
+ status,
|
|
+ "init_samr_CryptPassword");
|
|
+
|
|
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
|
|
|
|
r.in.server = &server;
|
|
--
|
|
2.23.0
|
|
|