summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2007-03-05 09:54:37 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:49:14 -0500
commit099a3a7f5224861e04dffbece1db806f35d51fa3 (patch)
tree2a645501aaaf1c6d1634d6a5cc4f088fb1907653
parent6bca66d7d199f5b4a0225ad6659dbb2a0a94b232 (diff)
downloadsamba-099a3a7f5224861e04dffbece1db806f35d51fa3.tar.gz
samba-099a3a7f5224861e04dffbece1db806f35d51fa3.tar.bz2
samba-099a3a7f5224861e04dffbece1db806f35d51fa3.zip
r21697: Try to cover the 'bad session key' codepaths too.
Andrew Bartlett (This used to be commit 33cfe1ca221de9ef9dec264772fb299125c39447)
-rw-r--r--source4/torture/rpc/samr.c54
1 files changed, 54 insertions, 0 deletions
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 28dd03e803..e76599b3e4 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -580,6 +580,28 @@ static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
*password = newpass;
}
+ encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
+
+ status = dcerpc_fetch_session_key(p, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("SetUserInfo level %u - no session key - %s\n",
+ s.in.level, nt_errstr(status));
+ return False;
+ }
+
+ /* This should break the key nicely */
+ session_key.length--;
+ arcfour_crypt_blob(u.info23.password.data, 516, &session_key);
+
+ printf("Testing SetUserInfo level 23 (set password) with wrong password\n");
+
+ status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+ printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+ s.in.level, nt_errstr(status));
+ ret = False;
+ }
+
return ret;
}
@@ -641,6 +663,23 @@ static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
*password = newpass;
}
+ /* This should break the key nicely */
+ confounded_session_key.data[0]++;
+
+ arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
+ memcpy(&u.info26.password.data[516], confounder, 16);
+
+ printf("Testing SetUserInfo level 26 (set password ex) with wrong session key\n");
+
+ status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+ printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+ s.in.level, nt_errstr(status));
+ ret = False;
+ } else {
+ *password = newpass;
+ }
+
return ret;
}
@@ -705,6 +744,21 @@ static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
*password = newpass;
}
+ /* This should break the key nicely */
+ confounded_session_key.data[0]++;
+
+ arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key);
+ memcpy(&u.info25.password.data[516], confounder, 16);
+
+ printf("Testing SetUserInfo level 25 (set password ex) with wrong session key\n");
+
+ status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+ printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+ s.in.level, nt_errstr(status));
+ ret = False;
+ }
+
return ret;
}