summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2012-12-05 18:06:54 +0100
committerStefan Metzmacher <metze@samba.org>2012-12-09 19:39:08 +0100
commit6aec126566d01dd9ddbbd5488f73b61729094a52 (patch)
tree03b2401725efa25cc97081bebc2b40c443b85d51
parent83b00afe9f2116ef04378c251070143595450a3e (diff)
downloadsamba-6aec126566d01dd9ddbbd5488f73b61729094a52.tar.gz
samba-6aec126566d01dd9ddbbd5488f73b61729094a52.tar.bz2
samba-6aec126566d01dd9ddbbd5488f73b61729094a52.zip
s4-torture: validate owf password hash and negotiate AES in forest trust test.
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--source4/torture/rpc/forest_trust.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/source4/torture/rpc/forest_trust.c b/source4/torture/rpc/forest_trust.c
index f416054abc..220828083a 100644
--- a/source4/torture/rpc/forest_trust.c
+++ b/source4/torture/rpc/forest_trust.c
@@ -597,6 +597,7 @@ static bool test_validate_trust(struct torture_context *tctx,
struct netr_GetForestTrustInformation fr;
struct lsa_ForestTrustInformation *forest_trust_info;
int i;
+ struct samr_Password nt_hash;
status = dcerpc_parse_binding(tctx, binding, &b);
torture_assert_ntstatus_ok(tctx, status, "Bad binding string");
@@ -630,7 +631,7 @@ static bool test_validate_trust(struct torture_context *tctx,
return false;
}
- if (!test_SetupCredentials3(pipe, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
+ if (!test_SetupCredentials3(pipe, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_SUPPORTS_AES,
credentials, &creds)) {
torture_comment(tctx, "test_SetupCredentials3 failed.\n");
return false;
@@ -670,6 +671,16 @@ static bool test_validate_trust(struct torture_context *tctx,
return false;
}
+ E_md4hash(cli_credentials_get_password(credentials), nt_hash.hash);
+
+ netlogon_creds_des_decrypt(creds, &new_owf_password);
+
+ dump_data(1, new_owf_password.hash, 16);
+ dump_data(1, nt_hash.hash, 16);
+
+ torture_assert_mem_equal(tctx, new_owf_password.hash, nt_hash.hash, 16,
+ "received unexpected owf password\n");
+
netlogon_creds_client_authenticator(creds, &a);
fr.in.server_name = talloc_asprintf(tctx, "\\\\%s",