summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-04-10 22:23:02 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:11:29 -0500
commitfc1b6bae230c583cdf2f06dae63d221849b33655 (patch)
treea4341b2a3880a859d2110e6a761615d3e8c17864
parent3ae4d872f5292f5620fc2d75b3c5434c52d726a1 (diff)
downloadsamba-fc1b6bae230c583cdf2f06dae63d221849b33655.tar.gz
samba-fc1b6bae230c583cdf2f06dae63d221849b33655.tar.bz2
samba-fc1b6bae230c583cdf2f06dae63d221849b33655.zip
r6286: Add back metze's test of setting a trust password to ''. I removed
this because I don't want our torture suite to leave behind accounts with known passwords if it is stopped in the wrong place. It is now run behind the -X (dangerous) wrapper. Andrew Bartlett (This used to be commit 057a81d81ed8dfaf323be118e32df2cf1c92cc09)
-rw-r--r--source4/torture/rpc/netlogon.c38
1 files changed, 33 insertions, 5 deletions
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 72d039fc42..de0649d17b 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -371,11 +371,6 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
memcpy(r.in.new_password.data, password_buf.data, 512);
r.in.new_password.length = IVAL(password_buf.data, 512);
- /* by changing the machine password to ""
- * we check if the server uses password restrictions
- * for ServerPasswordSet2
- * (win2k3 accepts "")
- */
printf("Testing ServerPasswordSet2 on machine account\n");
printf("Changing machine account password to '%s'\n", password);
@@ -393,6 +388,39 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
machine_password = password;
+ if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
+ printf("Not testing ability to set password to '', enable dangerous tests to perform this test\n");
+ } else {
+ /* by changing the machine password to ""
+ * we check if the server uses password restrictions
+ * for ServerPasswordSet2
+ * (win2k3 accepts "")
+ */
+ password = "";
+ encode_pw_buffer(password_buf.data, password, STR_UNICODE);
+ creds_arcfour_crypt(creds, password_buf.data, 516);
+
+ memcpy(r.in.new_password.data, password_buf.data, 512);
+ r.in.new_password.length = IVAL(password_buf.data, 512);
+
+ printf("Testing ServerPasswordSet2 on machine account\n");
+ printf("Changing machine account password to '%s'\n", password);
+
+ creds_client_authenticator(creds, &r.in.credential);
+
+ status = dcerpc_netr_ServerPasswordSet2(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ServerPasswordSet2 - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
+ printf("Credential chaining failed\n");
+ }
+
+ machine_password = password;
+ }
+
if (!test_SetupCredentials(p, mem_ctx, TEST_MACHINE_NAME, machine_password, &creds)) {
printf("ServerPasswordSet failed to actually change the password\n");
return False;