summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-06-17 11:48:01 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:18:22 -0500
commitb0f5ac82484f6ce4b2ef1e92ec8fe5d826540f6c (patch)
treee11f49ea4a153766b60a6238e725677c773f4040
parentdd39c8cedf939a26409467968317c3fd5edd3e3f (diff)
downloadsamba-b0f5ac82484f6ce4b2ef1e92ec8fe5d826540f6c.tar.gz
samba-b0f5ac82484f6ce4b2ef1e92ec8fe5d826540f6c.tar.bz2
samba-b0f5ac82484f6ce4b2ef1e92ec8fe5d826540f6c.zip
r7684: Add a test aimed at checking we have agreement between client and
server as to the CIFS session key. JRA had pain with this being wrong against NT4 (without spnego), hence this specific test. Andrew Bartlett (This used to be commit 47f433708ba38db9bf569567cc048e65f2786ebe)
-rwxr-xr-xsource4/script/tests/selftest.sh1
-rwxr-xr-xsource4/script/tests/test_rpc.sh18
-rwxr-xr-xsource4/script/tests/test_session_key.sh33
-rw-r--r--source4/torture/rpc/lsa.c34
-rw-r--r--source4/torture/torture.c1
5 files changed, 87 insertions, 0 deletions
diff --git a/source4/script/tests/selftest.sh b/source4/script/tests/selftest.sh
index 9ffb283886..c40d59759f 100755
--- a/source4/script/tests/selftest.sh
+++ b/source4/script/tests/selftest.sh
@@ -87,6 +87,7 @@ START=`date`
failed=0
$SRCDIR/script/tests/test_ldap.sh localhost || failed=`expr $failed + $?`
$SRCDIR/script/tests/test_rpc.sh localhost $USERNAME $PASSWORD $DOMAIN $ADDARG || failed=`expr $failed + $?`
+ $SRCDIR/script/tests/test_session_key.sh localhost $USERNAME $PASSWORD $DOMAIN $ADDARG || failed=`expr $failed + $?`
$SRCDIR/script/tests/test_binding_string.sh localhost $USERNAME $PASSWORD $DOMAIN $ADDARG || failed=`expr $failed + $?`
$SRCDIR/script/tests/test_echo.sh localhost $USERNAME $PASSWORD $DOMAIN $ADDARG || failed=`expr $failed + $?`
$SRCDIR/script/tests/test_posix.sh //localhost/tmp $USERNAME $PASSWORD "" $ADDARG || failed=`expr $failed + $?`
diff --git a/source4/script/tests/test_rpc.sh b/source4/script/tests/test_rpc.sh
index d7272b0e6e..e2cf7c8c03 100755
--- a/source4/script/tests/test_rpc.sh
+++ b/source4/script/tests/test_rpc.sh
@@ -5,6 +5,9 @@
ncacn_np_tests="RPC-SPOOLSS RPC-SCHANNEL RPC-ECHO RPC-DSSETUP RPC-ALTERCONTEXT RPC-MULTIBIND"
ncalrpc_tests="RPC-SCHANNEL RPC-ECHO RPC-DSSETUP RPC-ALTERCONTEXT RPC-MULTIBIND"
ncacn_ip_tcp_tests="RPC-SCHANNEL RPC-ECHO RPC-DSSETUP RPC-ALTERCONTEXT RPC-MULTIBIND"
+slow_ncacn_np_tests="RPC-SAMLOGON"
+slow_ncalrpc_tests="RPC-SAMLOGON"
+slow_ncacn_ip_tcp_tests="RPC-SAMLOGON"
if [ $# -lt 4 ]; then
cat <<EOF
@@ -42,3 +45,18 @@ for bindoptions in connect sign seal sign,seal spnego spnego,sign spnego,seal va
done
testok $0 $failed
+
+#for bindoptions in connect validate padcheck bigendian bigendian,seal; do
+# for transport in ncalrpc ncacn_np ncacn_ip_tcp; do
+# case $transport in
+# ncalrpc) tests=$slow_ncalrpc_tests ;;
+# ncacn_np) tests=$slow_ncacn_np_tests ;;
+# ncacn_ip_tcp) tests=$slow_ncacn_ip_tcp_tests ;;
+# esac
+# for t in $tests; do
+# name="$t on $transport with $bindoptions"
+# testit "$name" $VALGRIND bin/smbtorture $TORTURE_OPTIONS $transport:"$server[$bindoptions]" -U"$username"%"$password" -W $domain $t "$*" || failed=`expr $failed + 1`
+# done
+# done
+#done
+
diff --git a/source4/script/tests/test_session_key.sh b/source4/script/tests/test_session_key.sh
new file mode 100755
index 0000000000..48f3d19183
--- /dev/null
+++ b/source4/script/tests/test_session_key.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+if [ $# -lt 4 ]; then
+cat <<EOF
+Usage: test_session_key.sh SERVER USERNAME PASSWORD DOMAIN
+EOF
+exit 1;
+fi
+
+server="$1"
+username="$2"
+password="$3"
+domain="$4"
+shift 4
+
+incdir=`dirname $0`
+. $incdir/test_functions.sh
+
+failed=0
+transport="ncacn_np"
+ for ntlmoptions in \
+ "--option=usespnego=yes --option=ntlmssp_client:ntlm2=yes" \
+ "--option=usespnego=yes --option=ntlmssp_client:ntlm2=no" \
+ "--option=usespnego=yes --option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:128bit=no" \
+ "--option=usespnego=yes--option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:128bit=no" \
+ "--option=usespnego=yes --option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:keyexchange=no" \
+ "--option=usespnego=yes --option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:keyexchange=no" \
+ "--option=usespnego=no" \
+ ; do
+ name="$transport with $ntlmoptions"
+ testit "$name" bin/smbtorture $TORTURE_OPTIONS $transport:"$server[$bindoptions]" $ntlmoptions -U"$username"%"$password" -W $domain RPC-SECRETS "$*" || failed=`expr $failed + 1`
+ done
+testok $0 $failed
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index f723f68a02..543ea4f48a 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -1680,3 +1680,37 @@ BOOL torture_rpc_lsa(void)
return ret;
}
+
+
+BOOL torture_rpc_lsa_secrets(void)
+{
+ NTSTATUS status;
+ struct dcerpc_pipe *p;
+ TALLOC_CTX *mem_ctx;
+ BOOL ret = True;
+ struct policy_handle handle;
+
+ mem_ctx = talloc_init("torture_rpc_lsa_secrets");
+
+ status = torture_rpc_connection(mem_ctx,
+ &p,
+ DCERPC_LSARPC_NAME,
+ DCERPC_LSARPC_UUID,
+ DCERPC_LSARPC_VERSION);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(mem_ctx);
+ return False;
+ }
+
+ if (!test_lsa_OpenPolicy2(p, mem_ctx, &handle)) {
+ ret = False;
+ }
+
+ if (!test_CreateSecret(p, mem_ctx, &handle)) {
+ ret = False;
+ }
+
+ talloc_free(mem_ctx);
+
+ return ret;
+}
diff --git a/source4/torture/torture.c b/source4/torture/torture.c
index c96f862142..5036822aa4 100644
--- a/source4/torture/torture.c
+++ b/source4/torture/torture.c
@@ -2280,6 +2280,7 @@ static struct {
/* rpc testers */
{"RPC-LSA", torture_rpc_lsa, 0},
+ {"RPC-SECRETS", torture_rpc_lsa_secrets, 0},
{"RPC-ECHO", torture_rpc_echo, 0},
{"RPC-DFS", torture_rpc_dfs, 0},
{"RPC-SPOOLSS", torture_rpc_spoolss, 0},