diff options
author | Andrew Tridgell <tridge@samba.org> | 2003-12-01 04:13:43 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2003-12-01 04:13:43 +0000 |
commit | b4b0177fdb5f1704a7347552e48b2ab647a03d14 (patch) | |
tree | 685933c2327ddf0ec5323cfa206c8a73bab0a1c7 /source4/torture/rpc | |
parent | 5b46116923fb7c2945db128736b7f8113ea1a160 (diff) | |
download | samba-b4b0177fdb5f1704a7347552e48b2ab647a03d14.tar.gz samba-b4b0177fdb5f1704a7347552e48b2ab647a03d14.tar.bz2 samba-b4b0177fdb5f1704a7347552e48b2ab647a03d14.zip |
added netr_ServerAuthenticate() and test code
I would like the netlogon test suite to eventually do a new domain
join using a fake workstation name, then remove itself afterwards, but
for now I'm assuming we are already joined to the domain when the
testsuite runs. This means you need to use the Samba3 net command to
do a join before running RPC-NETLOGON
(This used to be commit 8c7a9446a0892a4f7722cced5019667f7a9fafdd)
Diffstat (limited to 'source4/torture/rpc')
-rw-r--r-- | source4/torture/rpc/netlogon.c | 43 |
1 files changed, 35 insertions, 8 deletions
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index 0f22b1a44b..68937a4947 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -65,22 +65,26 @@ static BOOL test_LogonUasLogoff(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) } -static BOOL test_Challenge(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) +static BOOL test_Authenticate(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) { NTSTATUS status; struct netr_ServerReqChallenge r; - struct netr_Credential creds; + struct netr_ServerAuthenticate a; + struct netr_Credential client_chal, server_chal, cred2; + uint8 session_key[8]; + const char *plain_pass; + uint8 mach_pwd[16]; printf("Testing ServerReqChallenge"); - ZERO_STRUCT(creds); + ZERO_STRUCT(client_chal); - generate_random_buffer(creds.cred, sizeof(creds.cred), False); + generate_random_buffer(client_chal.data, sizeof(client_chal.data), False); r.in.server_name = NULL; r.in.computer_name = lp_netbios_name(); - r.in.credential = &creds; - r.out.credential = &creds; + r.in.credential = &client_chal; + r.out.credential = &server_chal; status = dcerpc_netr_ServerReqChallenge(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -88,8 +92,31 @@ static BOOL test_Challenge(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) return False; } + plain_pass = secrets_fetch_machine_password(); + if (!plain_pass) { + printf("Unable to fetch machine password!\n"); + return False; + } + + E_md4hash(plain_pass, mach_pwd); + cred_session_key(&client_chal, &server_chal, mach_pwd, session_key); + + cred_create(session_key, &client_chal, 0, &cred2); + + a.in.server_name = NULL; + a.in.username = talloc_asprintf(mem_ctx, "%s$", lp_netbios_name()); + a.in.secure_challenge_type = 2; + a.in.computer_name = lp_netbios_name(); + a.in.client_challenge = &cred2; + a.out.client_challenge = &cred2; + + status = dcerpc_netr_ServerAuthenticate(p, mem_ctx, &a); + if (!NT_STATUS_IS_OK(status)) { + printf("ServerAuthenticate - %s\n", nt_errstr(status)); + return False; + } + return True; - } @@ -120,7 +147,7 @@ BOOL torture_rpc_netlogon(int dummy) ret = False; } - if (!test_Challenge(p, mem_ctx)) { + if (!test_Authenticate(p, mem_ctx)) { ret = False; } |