summaryrefslogtreecommitdiff
path: root/source4/torture/rap
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2010-05-12 00:18:42 +0200
committerGünther Deschner <gd@samba.org>2010-05-12 00:21:20 +0200
commit73d654ec2fcadf3c195017349ad4a727c8179f35 (patch)
tree1dafc436df8e1739eac10eea2499c272e2fb55ec /source4/torture/rap
parentb73b237a6b5e2a596c89608301454f0577f650ab (diff)
downloadsamba-73d654ec2fcadf3c195017349ad4a727c8179f35.tar.gz
samba-73d654ec2fcadf3c195017349ad4a727c8179f35.tar.bz2
samba-73d654ec2fcadf3c195017349ad4a727c8179f35.zip
s4-smbtorture: create/delete testusers via SAMR in RAP-SAM.
Unless we spent time researching the RAP useradd calls (and implement them in s3) it is far more easy to use existing SAMR calls to create and delete test users that are used for RAP change password operations. Guenther
Diffstat (limited to 'source4/torture/rap')
-rw-r--r--source4/torture/rap/sam.c93
1 files changed, 83 insertions, 10 deletions
diff --git a/source4/torture/rap/sam.c b/source4/torture/rap/sam.c
index 67cfeb8c73..d99c3487c3 100644
--- a/source4/torture/rap/sam.c
+++ b/source4/torture/rap/sam.c
@@ -29,15 +29,29 @@
#include "param/param.h"
#include "../lib/crypto/crypto.h"
#include "../libcli/auth/libcli_auth.h"
+#include "torture/rpc/torture_rpc.h"
-static bool test_userpasswordset2(struct torture_context *tctx,
- struct smbcli_state *cli)
+#define TEST_RAP_USER "torture_rap_user"
+
+static char *samr_rand_pass(TALLOC_CTX *mem_ctx, int min_len)
+{
+ size_t len = MAX(8, min_len);
+ char *s = generate_random_password(mem_ctx, len, len+6);
+ printf("Generated password '%s'\n", s);
+ return s;
+}
+
+static bool test_userpasswordset2_args(struct torture_context *tctx,
+ struct smbcli_state *cli,
+ const char *username,
+ const char **password)
{
struct rap_NetUserPasswordSet2 r;
+ char *newpass = samr_rand_pass(tctx, 8);
- r.in.UserName = "gd";
- r.in.OldPassword = "secret";
- r.in.NewPassword = "newpwd";
+ r.in.UserName = username;
+ r.in.OldPassword = *password;
+ r.in.NewPassword = newpass;
r.in.EncryptedPassword = 0;
r.in.RealPasswordLength = strlen(r.in.NewPassword);
@@ -46,21 +60,51 @@ static bool test_userpasswordset2(struct torture_context *tctx,
torture_assert_ntstatus_ok(tctx,
smbcli_rap_netuserpasswordset2(cli->tree, lp_iconv_convenience(tctx->lp_ctx), tctx, &r),
"smbcli_rap_netuserpasswordset2 failed");
+ if (!W_ERROR_IS_OK(W_ERROR(r.out.status))) {
+ torture_warning(tctx, "RAP NetUserPasswordSet2 gave: %s\n",
+ win_errstr(W_ERROR(r.out.status)));
+ } else {
+ *password = newpass;
+ }
return true;
}
-static bool test_oemchangepassword(struct torture_context *tctx,
- struct smbcli_state *cli)
+static bool test_userpasswordset2(struct torture_context *tctx,
+ struct smbcli_state *cli)
+{
+ struct test_join *join_ctx;
+ const char *password;
+ bool ret;
+
+ join_ctx = torture_create_testuser_max_pwlen(tctx, TEST_RAP_USER,
+ torture_setting_string(tctx, "workgroup", NULL),
+ ACB_NORMAL,
+ &password, 14);
+ if (join_ctx == NULL) {
+ torture_fail(tctx, "failed to create user\n");
+ }
+
+ ret = test_userpasswordset2_args(tctx, cli, TEST_RAP_USER, &password);
+
+ torture_leave_domain(tctx, join_ctx);
+
+ return ret;
+}
+
+static bool test_oemchangepassword_args(struct torture_context *tctx,
+ struct smbcli_state *cli,
+ const char *username,
+ const char **password)
{
struct rap_NetOEMChangePassword r;
- const char *oldpass = "secret";
- const char *newpass = "newpwd";
+ const char *oldpass = *password;
+ char *newpass = samr_rand_pass(tctx, 9);
uint8_t old_pw_hash[16];
uint8_t new_pw_hash[16];
- r.in.UserName = "gd";
+ r.in.UserName = username;
E_deshash(oldpass, old_pw_hash);
E_deshash(newpass, new_pw_hash);
@@ -74,10 +118,39 @@ static bool test_oemchangepassword(struct torture_context *tctx,
torture_assert_ntstatus_ok(tctx,
smbcli_rap_netoemchangepassword(cli->tree, lp_iconv_convenience(tctx->lp_ctx), tctx, &r),
"smbcli_rap_netoemchangepassword failed");
+ if (!W_ERROR_IS_OK(W_ERROR(r.out.status))) {
+ torture_warning(tctx, "RAP NetOEMChangePassword gave: %s\n",
+ win_errstr(W_ERROR(r.out.status)));
+ } else {
+ *password = newpass;
+ }
return true;
}
+static bool test_oemchangepassword(struct torture_context *tctx,
+ struct smbcli_state *cli)
+{
+
+ struct test_join *join_ctx;
+ const char *password;
+ bool ret;
+
+ join_ctx = torture_create_testuser_max_pwlen(tctx, TEST_RAP_USER,
+ torture_setting_string(tctx, "workgroup", NULL),
+ ACB_NORMAL,
+ &password, 14);
+ if (join_ctx == NULL) {
+ torture_fail(tctx, "failed to create user\n");
+ }
+
+ ret = test_oemchangepassword_args(tctx, cli, TEST_RAP_USER, &password);
+
+ torture_leave_domain(tctx, join_ctx);
+
+ return ret;
+}
+
struct torture_suite *torture_rap_sam(TALLOC_CTX *mem_ctx)
{
struct torture_suite *suite = torture_suite_create(mem_ctx, "SAM");