diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-04-10 22:23:02 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:11:29 -0500 |
commit | fc1b6bae230c583cdf2f06dae63d221849b33655 (patch) | |
tree | a4341b2a3880a859d2110e6a761615d3e8c17864 /source4/torture/rpc | |
parent | 3ae4d872f5292f5620fc2d75b3c5434c52d726a1 (diff) | |
download | samba-fc1b6bae230c583cdf2f06dae63d221849b33655.tar.gz samba-fc1b6bae230c583cdf2f06dae63d221849b33655.tar.bz2 samba-fc1b6bae230c583cdf2f06dae63d221849b33655.zip |
r6286: Add back metze's test of setting a trust password to ''. I removed
this because I don't want our torture suite to leave behind accounts
with known passwords if it is stopped in the wrong place. It is now
run behind the -X (dangerous) wrapper.
Andrew Bartlett
(This used to be commit 057a81d81ed8dfaf323be118e32df2cf1c92cc09)
Diffstat (limited to 'source4/torture/rpc')
-rw-r--r-- | source4/torture/rpc/netlogon.c | 38 |
1 files changed, 33 insertions, 5 deletions
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index 72d039fc42..de0649d17b 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -371,11 +371,6 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) memcpy(r.in.new_password.data, password_buf.data, 512); r.in.new_password.length = IVAL(password_buf.data, 512); - /* by changing the machine password to "" - * we check if the server uses password restrictions - * for ServerPasswordSet2 - * (win2k3 accepts "") - */ printf("Testing ServerPasswordSet2 on machine account\n"); printf("Changing machine account password to '%s'\n", password); @@ -393,6 +388,39 @@ static BOOL test_SetPassword2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) machine_password = password; + if (!lp_parm_bool(-1, "torture", "dangerous", False)) { + printf("Not testing ability to set password to '', enable dangerous tests to perform this test\n"); + } else { + /* by changing the machine password to "" + * we check if the server uses password restrictions + * for ServerPasswordSet2 + * (win2k3 accepts "") + */ + password = ""; + encode_pw_buffer(password_buf.data, password, STR_UNICODE); + creds_arcfour_crypt(creds, password_buf.data, 516); + + memcpy(r.in.new_password.data, password_buf.data, 512); + r.in.new_password.length = IVAL(password_buf.data, 512); + + printf("Testing ServerPasswordSet2 on machine account\n"); + printf("Changing machine account password to '%s'\n", password); + + creds_client_authenticator(creds, &r.in.credential); + + status = dcerpc_netr_ServerPasswordSet2(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("ServerPasswordSet2 - %s\n", nt_errstr(status)); + return False; + } + + if (!creds_client_check(creds, &r.out.return_authenticator.cred)) { + printf("Credential chaining failed\n"); + } + + machine_password = password; + } + if (!test_SetupCredentials(p, mem_ctx, TEST_MACHINE_NAME, machine_password, &creds)) { printf("ServerPasswordSet failed to actually change the password\n"); return False; |