diff options
author | Günther Deschner <gd@samba.org> | 2012-12-05 18:06:54 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-12-09 19:39:08 +0100 |
commit | 6aec126566d01dd9ddbbd5488f73b61729094a52 (patch) | |
tree | 03b2401725efa25cc97081bebc2b40c443b85d51 | |
parent | 83b00afe9f2116ef04378c251070143595450a3e (diff) | |
download | samba-6aec126566d01dd9ddbbd5488f73b61729094a52.tar.gz samba-6aec126566d01dd9ddbbd5488f73b61729094a52.tar.bz2 samba-6aec126566d01dd9ddbbd5488f73b61729094a52.zip |
s4-torture: validate owf password hash and negotiate AES in forest trust test.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r-- | source4/torture/rpc/forest_trust.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/source4/torture/rpc/forest_trust.c b/source4/torture/rpc/forest_trust.c index f416054abc..220828083a 100644 --- a/source4/torture/rpc/forest_trust.c +++ b/source4/torture/rpc/forest_trust.c @@ -597,6 +597,7 @@ static bool test_validate_trust(struct torture_context *tctx, struct netr_GetForestTrustInformation fr; struct lsa_ForestTrustInformation *forest_trust_info; int i; + struct samr_Password nt_hash; status = dcerpc_parse_binding(tctx, binding, &b); torture_assert_ntstatus_ok(tctx, status, "Bad binding string"); @@ -630,7 +631,7 @@ static bool test_validate_trust(struct torture_context *tctx, return false; } - if (!test_SetupCredentials3(pipe, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, + if (!test_SetupCredentials3(pipe, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_SUPPORTS_AES, credentials, &creds)) { torture_comment(tctx, "test_SetupCredentials3 failed.\n"); return false; @@ -670,6 +671,16 @@ static bool test_validate_trust(struct torture_context *tctx, return false; } + E_md4hash(cli_credentials_get_password(credentials), nt_hash.hash); + + netlogon_creds_des_decrypt(creds, &new_owf_password); + + dump_data(1, new_owf_password.hash, 16); + dump_data(1, nt_hash.hash, 16); + + torture_assert_mem_equal(tctx, new_owf_password.hash, nt_hash.hash, 16, + "received unexpected owf password\n"); + netlogon_creds_client_authenticator(creds, &a); fr.in.server_name = talloc_asprintf(tctx, "\\\\%s", |