summaryrefslogtreecommitdiff
path: root/source4/torture/rpc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-12-12 22:52:46 +1100
committerAndrew Bartlett <abartlet@samba.org>2011-12-12 12:57:08 +0100
commit47a4388b91db76879716d57a2615303f94c559b4 (patch)
treef0fd4b6e03510249c60b74530801896e78369be9 /source4/torture/rpc
parent29635c93d7a3e7d6297c065b56ece9650f6e4ee8 (diff)
downloadsamba-47a4388b91db76879716d57a2615303f94c559b4.tar.gz
samba-47a4388b91db76879716d57a2615303f94c559b4.tar.bz2
samba-47a4388b91db76879716d57a2615303f94c559b4.zip
s4-torture Do not use a fixed password for forest trust tests
It is much better to always use random passwords. Andrew Bartlett
Diffstat (limited to 'source4/torture/rpc')
-rw-r--r--source4/torture/rpc/forest_trust.c20
1 files changed, 13 insertions, 7 deletions
diff --git a/source4/torture/rpc/forest_trust.c b/source4/torture/rpc/forest_trust.c
index b7fdd2a4b8..f416054abc 100644
--- a/source4/torture/rpc/forest_trust.c
+++ b/source4/torture/rpc/forest_trust.c
@@ -36,7 +36,6 @@
#define TEST_DOM_DNS "torturedom.samba.example.com"
#define TEST_DOM_SID "S-1-5-21-97398-379795-10000"
#define TEST_MACHINE_NAME "lsatestmach"
-#define TPASS "1234567890"
static bool test_get_policy_handle(struct torture_context *tctx,
@@ -577,7 +576,8 @@ static bool test_validate_trust(struct torture_context *tctx,
const char *trusting_dom_name,
const char *trusting_dom_dns_name,
const char *trusted_dom_name,
- const char *trusted_dom_dns_name)
+ const char *trusted_dom_dns_name,
+ const char *trust_password)
{
struct netr_ServerGetTrustInfo r;
@@ -613,7 +613,7 @@ static bool test_validate_trust(struct torture_context *tctx,
CRED_SPECIFIED);
cli_credentials_set_realm(credentials, trusting_dom_dns_name,
CRED_SPECIFIED);
- cli_credentials_set_password(credentials, TPASS, CRED_SPECIFIED);
+ cli_credentials_set_password(credentials, trust_password, CRED_SPECIFIED);
cli_credentials_set_workstation(credentials,
trusted_dom_name, CRED_SPECIFIED);
cli_credentials_set_secure_channel_type(credentials, SEC_CHAN_DOMAIN);
@@ -795,10 +795,14 @@ static bool testcase_ForestTrusts(struct torture_context *tctx,
union lsa_PolicyInformation *dom1_info_dns = NULL;
union lsa_PolicyInformation *dom2_info_dns = NULL;
const char *binding = torture_setting_string(tctx, "binding", NULL);
+ char *test_password;
torture_comment(tctx, "Testing Forest Trusts\n");
- if (!get_trust_domain_passwords_auth_blob(tctx, TPASS, &auth_blob)) {
+ test_password = generate_random_password(tctx, 32, 64);
+ torture_assert(tctx, test_password != NULL, "test password must be generated");
+
+ if (!get_trust_domain_passwords_auth_blob(tctx, test_password, &auth_blob)) {
torture_comment(tctx,
"get_trust_domain_passwords_auth_blob failed\n");
return false;
@@ -809,6 +813,8 @@ static bool testcase_ForestTrusts(struct torture_context *tctx,
* generate a usable blob due to errors in the IDL */
auth_blob.data = talloc_memdup(tctx, my_blob, sizeof(my_blob));
auth_blob.length = sizeof(my_blob);
+
+ test_password = "1234567890"
#endif
domsid = dom_sid_parse_talloc(tctx, TEST_DOM_SID);
@@ -832,7 +838,7 @@ static bool testcase_ForestTrusts(struct torture_context *tctx,
if (!test_validate_trust(tctx, binding,
dom1_info_dns->dns.name.string,
dom1_info_dns->dns.dns_domain.string,
- TEST_DOM, TEST_DOM_DNS)) {
+ TEST_DOM, TEST_DOM_DNS, test_password)) {
ret = false;
}
@@ -911,7 +917,7 @@ static bool testcase_ForestTrusts(struct torture_context *tctx,
dom1_info_dns->dns.name.string,
dom1_info_dns->dns.dns_domain.string,
dom2_info_dns->dns.name.string,
- dom2_info_dns->dns.dns_domain.string)) {
+ dom2_info_dns->dns.dns_domain.string, test_password)) {
ret = false;
}
@@ -919,7 +925,7 @@ static bool testcase_ForestTrusts(struct torture_context *tctx,
dom2_info_dns->dns.name.string,
dom2_info_dns->dns.dns_domain.string,
dom1_info_dns->dns.name.string,
- dom1_info_dns->dns.dns_domain.string)) {
+ dom1_info_dns->dns.dns_domain.string, test_password)) {
ret = false;
}