r6032: Fix up SetServerPassword2 on NETLOGON for [bigendian]. Clearly nobody

has the patience to run test_w2k3.sh to completion :-) It looks to me that the Windows server runs the RC4 over the C struct, not the NDR data. Andrew Bartlett (This used to be commit c324d974134c35b4c50c91d5a932a63c78b67046)
author: Andrew Bartlett <abartlet@samba.org> 2005-03-24 06:30:38 +0000
committer: Gerald (Jerry) Carter <jerry@samba.org> 2007-10-10 13:11:16 -0500
commit: a19d002ceea84b0b7350b1b3ebf181a03ac5b494 (patch)
tree: 3d300530d2c61c0f13202781530d0f575fed636f
parent: 21d9419b1e4d6ef113a26382315ad96b3509d156 (diff)
download: samba-a19d002ceea84b0b7350b1b3ebf181a03ac5b494.tar.gz
samba-a19d002ceea84b0b7350b1b3ebf181a03ac5b494.tar.bz2
samba-a19d002ceea84b0b7350b1b3ebf181a03ac5b494.zip
3 files changed, 30 insertions, 45 deletions
diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl
index b99f13638d..c97a640d18 100644
--- a/source4/librpc/idl/netlogon.idl
+++ b/source4/librpc/idl/netlogon.idl
@@ -1014,6 +1014,11 @@ interface netlogon
 		[out,switch_is(level)] netr_DomainInfo info
 		);
 
+	typedef [flag(NDR_PAHEX)] struct {
+		uint16 data[256];
+		uint32 length;
+	} netr_CryptPassword;
+
 	/*****************/
 	/* Function 0x1e */
 	NTSTATUS netr_ServerPasswordSet2(
@@ -1022,7 +1027,7 @@ interface netlogon
 		[in]  netr_SchannelType secure_channel_type,
 		[in]  unistr computer_name,
 		[in]  netr_Authenticator credential,
-		[in]  samr_CryptPassword new_password,
+		[in]  netr_CryptPassword new_password,
 		[out] netr_Authenticator return_authenticator
 		);
 
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 0b6106d485..141aeef1bf 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1018,6 +1018,8 @@ static NTSTATUS netr_ServerPasswordSet2(struct dcesrv_call_state *dce_call, TALL
 	char new_pass[512];
 	uint32_t new_pass_len;
 
+	struct samr_CryptPassword password_buf;
+
 	const char *attrs[] = {"objectSid", NULL };
 
 	const char **domain_attrs = attrs;
@@ -1080,10 +1082,12 @@ static NTSTATUS netr_ServerPasswordSet2(struct dcesrv_call_state *dce_call, TALL
 	NT_STATUS_HAVE_NO_MEMORY(mod);
 	mod->dn = talloc_reference(mod, msgs[0]->dn);
     
-	creds_arcfour_crypt(pipe_state->creds, r->in.new_password.data, 516);
+	memcpy(password_buf.data, r->in.new_password.data, 512);
+	SIVAL(password_buf.data,512,r->in.new_password.length);
+	creds_arcfour_crypt(pipe_state->creds, password_buf.data, 516);
 
-	ret = decode_pw_buffer(r->in.new_password.data, new_pass, sizeof(new_pass),
-			      &new_pass_len, STR_UNICODE);
+	ret = decode_pw_buffer(password_buf.data, new_pass, sizeof(new_pass),
+			       &new_pass_len, STR_UNICODE);
 	if (!ret) {
 		DEBUG(3,("netr_ServerPasswordSet2: failed to decode password buffer\n"));
 		return NT_STATUS_ACCESS_DENIED;
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index c12560ad53..72d039fc42 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -294,37 +294,6 @@ static BOOL test_SetPassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
 	r.in.secure_channel_type = SEC_CHAN_BDC;
 	r.in.computer_name = TEST_MACHINE_NAME;
 
-	password = "";
-	E_md4hash(password, r.in.new_password.hash);
-
-	creds_des_encrypt(creds, &r.in.new_password);
-	/* by changing the machine password to ""
-	 * we check if the server uses password restrictions
-	 * for ServerPasswordSet2
-	 * (win2k3 accepts "")
-	 */
-	printf("Testing a second ServerPasswordSet on machine account\n");
-	printf("Changing machine account password to '%s'\n", password);
-
-	creds_client_authenticator(creds, &r.in.credential);
-
-	status = dcerpc_netr_ServerPasswordSet(p, mem_ctx, &r);
-	if (!NT_STATUS_IS_OK(status)) {
-		printf("ServerPasswordSet (2) - %s\n", nt_errstr(status));
-		return False;
-	}
-
-	if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
-		printf("Credential chaining failed\n");
-	}
-
-	machine_password = password;
-
-	if (!test_SetupCredentials(p, mem_ctx, TEST_MACHINE_NAME, machine_password, &creds)) {
-		printf("ServerPasswordSet failed to actually change the password\n");
-		return False;
-	}
-
 	password = generate_random_str(mem_ctx, 8);
 	E_md4hash(password, r.in.new_password.hash);
 
@@ -383,6 +352,7 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
 	struct netr_ServerPasswordSet2 r;
 	const char *password;
 	struct creds_CredentialState *creds;
+	struct samr_CryptPassword password_buf;
 
 	if (!test_SetupCredentials(p, mem_ctx, TEST_MACHINE_NAME,
 				   machine_password, &creds)) {
@@ -394,23 +364,26 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
 	r.in.secure_channel_type = SEC_CHAN_BDC;
 	r.in.computer_name = TEST_MACHINE_NAME;
 
-	password = "";
-	encode_pw_buffer(r.in.new_password.data, password, STR_UNICODE);
-	creds_arcfour_crypt(creds, r.in.new_password.data, 516);
+	password = generate_random_str(mem_ctx, 8);
+	encode_pw_buffer(password_buf.data, password, STR_UNICODE);
+	creds_arcfour_crypt(creds, password_buf.data, 516);
+
+	memcpy(r.in.new_password.data, password_buf.data, 512);
+	r.in.new_password.length = IVAL(password_buf.data, 512);
 
 	/* by changing the machine password to ""
 	 * we check if the server uses password restrictions
 	 * for ServerPasswordSet2
 	 * (win2k3 accepts "")
 	 */
-	printf("Testing a second ServerPasswordSet2 on machine account\n");
+	printf("Testing ServerPasswordSet2 on machine account\n");
 	printf("Changing machine account password to '%s'\n", password);
 
 	creds_client_authenticator(creds, &r.in.credential);
 
 	status = dcerpc_netr_ServerPasswordSet2(p, mem_ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
-		printf("ServerPasswordSet (2) - %s\n", nt_errstr(status));
+		printf("ServerPasswordSet2 - %s\n", nt_errstr(status));
 		return False;
 	}
 
@@ -427,17 +400,20 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
 
 	/* now try a random password */
 	password = generate_random_str(mem_ctx, 8);
-	encode_pw_buffer(r.in.new_password.data, password, STR_UNICODE);
-	creds_arcfour_crypt(creds, r.in.new_password.data, 516);
+	encode_pw_buffer(password_buf.data, password, STR_UNICODE);
+	creds_arcfour_crypt(creds, password_buf.data, 516);
 
-	printf("Testing ServerPasswordSet2 on machine account\n");
+	memcpy(r.in.new_password.data, password_buf.data, 512);
+	r.in.new_password.length = IVAL(password_buf.data, 512);
+
+	printf("Testing second ServerPasswordSet2 on machine account\n");
 	printf("Changing machine account password to '%s'\n", password);
 
 	creds_client_authenticator(creds, &r.in.credential);
 
 	status = dcerpc_netr_ServerPasswordSet2(p, mem_ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
-		printf("ServerPasswordSet2 - %s\n", nt_errstr(status));
+		printf("ServerPasswordSet2 (2) - %s\n", nt_errstr(status));
 		return False;
 	}
 
@@ -456,7 +432,7 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
 
 	status = dcerpc_netr_ServerPasswordSet2(p, mem_ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
-		printf("ServerPasswordSet (2) - %s\n", nt_errstr(status));
+		printf("ServerPasswordSet (3) - %s\n", nt_errstr(status));
 		return False;
 	}
author	Andrew Bartlett <abartlet@samba.org>	2005-03-24 06:30:38 +0000
committer	Gerald (Jerry) Carter <jerry@samba.org>	2007-10-10 13:11:16 -0500
commit	a19d002ceea84b0b7350b1b3ebf181a03ac5b494 (patch)
tree	3d300530d2c61c0f13202781530d0f575fed636f
parent	21d9419b1e4d6ef113a26382315ad96b3509d156 (diff)
download	samba-a19d002ceea84b0b7350b1b3ebf181a03ac5b494.tar.gz samba-a19d002ceea84b0b7350b1b3ebf181a03ac5b494.tar.bz2 samba-a19d002ceea84b0b7350b1b3ebf181a03ac5b494.zip