summaryrefslogtreecommitdiff
path: root/source4/torture/rpc
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-06-03 23:15:16 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:25 -0500
commit8087d844ef59a82617be51f7c887b9bafe362f80 (patch)
treee09e1761bc871b73eeaf5c25109e9d8daf207c1d /source4/torture/rpc
parent4309727424a0a27bbf5372789bc8644b96a28ba9 (diff)
downloadsamba-8087d844ef59a82617be51f7c887b9bafe362f80.tar.gz
samba-8087d844ef59a82617be51f7c887b9bafe362f80.tar.bz2
samba-8087d844ef59a82617be51f7c887b9bafe362f80.zip
r995: - renamed many of our crypto routines to use the industry standard
names rather than our crazy naming scheme. So DES is now called des_crypt() rather than smbhash() - added the code from the solution of the ADS crypto challenge that allows Samba to correctly handle a 128 bit session key in all of the netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard from PADL for solving this one! - restructured the server side rpc authentication to allow for other than NTLMSSP sign and seal. This commit just adds the structure, the next commit will add schannel server side support. - added 128 bit session key support to our client side code, and testing against w2k3 with smbtorture. Works well. (This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee)
Diffstat (limited to 'source4/torture/rpc')
-rw-r--r--source4/torture/rpc/netlogon.c12
-rw-r--r--source4/torture/rpc/samr.c18
2 files changed, 17 insertions, 13 deletions
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 58c071dcdb..bfa63c2af7 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -147,7 +147,7 @@ again:
return False;
}
- SamOEMhashBlob(u.info24.password.data, 516, &session_key);
+ arcfour_crypt_blob(u.info24.password.data, 516, &session_key);
status = dcerpc_samr_SetUserInfo(join.p, mem_ctx, &s);
if (!NT_STATUS_IS_OK(status)) {
@@ -274,7 +274,8 @@ static BOOL test_SetupCredentials(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
a.in.credentials = &credentials3;
a.out.credentials = &credentials3;
- creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3);
+ creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3,
+ NETLOGON_NEG_AUTH2_FLAGS);
printf("Testing ServerAuthenticate\n");
@@ -335,7 +336,8 @@ static BOOL test_SetupCredentials2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
a.in.credentials = &credentials3;
a.out.credentials = &credentials3;
- creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3);
+ creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3,
+ negotiate_flags);
printf("Testing ServerAuthenticate2\n");
@@ -374,6 +376,7 @@ static BOOL test_SetupCredentials3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
r.in.computer_name = TEST_MACHINE_NAME;
r.in.credentials = &credentials1;
r.out.credentials = &credentials2;
+
generate_random_buffer(credentials1.data, sizeof(credentials1.data), False);
status = dcerpc_netr_ServerReqChallenge(p, mem_ctx, &r);
@@ -400,7 +403,8 @@ static BOOL test_SetupCredentials3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
a.out.negotiate_flags = &negotiate_flags;
a.out.rid = &rid;
- creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3);
+ creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3,
+ negotiate_flags);
printf("Testing ServerAuthenticate3\n");
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 3a243abfce..dab1b3bed5 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -364,7 +364,7 @@ static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return False;
}
- SamOEMhashBlob(u.info24.password.data, 516, &session_key);
+ arcfour_crypt_blob(u.info24.password.data, 516, &session_key);
printf("Testing SetUserInfo level 24 (set password)\n");
@@ -408,7 +408,7 @@ static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return False;
}
- SamOEMhashBlob(u.info23.password.data, 516, &session_key);
+ arcfour_crypt_blob(u.info23.password.data, 516, &session_key);
printf("Testing SetUserInfo level 23 (set password)\n");
@@ -459,7 +459,7 @@ static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
MD5Update(&ctx, session_key.data, session_key.length);
MD5Final(confounded_session_key.data, &ctx);
- SamOEMhashBlob(u.info26.password.data, 516, &confounded_session_key);
+ arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
memcpy(&u.info26.password.data[516], confounder, 16);
printf("Testing SetUserInfo level 26 (set password ex)\n");
@@ -513,7 +513,7 @@ static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
MD5Update(&ctx, session_key.data, session_key.length);
MD5Final(confounded_session_key.data, &ctx);
- SamOEMhashBlob(u.info25.password.data, 516, &confounded_session_key);
+ arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key);
memcpy(&u.info25.password.data[516], confounder, 16);
printf("Testing SetUserInfo level 25 (set password ex)\n");
@@ -810,7 +810,7 @@ static BOOL test_OemChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_c
E_deshash(newpass, new_lm_hash);
encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
- SamOEMhash(lm_pass.data, old_lm_hash, 516);
+ arcfour_crypt(lm_pass.data, old_lm_hash, 516);
E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
r.in.server = &server;
@@ -856,11 +856,11 @@ static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
E_deshash(newpass, new_lm_hash);
encode_pw_buffer(lm_pass.data, newpass, STR_ASCII|STR_TERMINATE);
- SamOEMhash(lm_pass.data, old_lm_hash, 516);
+ arcfour_crypt(lm_pass.data, old_lm_hash, 516);
E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
- SamOEMhash(nt_pass.data, old_nt_hash, 516);
+ arcfour_crypt(nt_pass.data, old_nt_hash, 516);
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
r.in.server = &server;
@@ -909,11 +909,11 @@ static BOOL test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
E_deshash(newpass, new_lm_hash);
encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
- SamOEMhash(lm_pass.data, old_nt_hash, 516);
+ arcfour_crypt(lm_pass.data, old_nt_hash, 516);
E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
- SamOEMhash(nt_pass.data, old_nt_hash, 516);
+ arcfour_crypt(nt_pass.data, old_nt_hash, 516);
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
r.in.server = &server;