summaryrefslogtreecommitdiff
path: root/source4/torture
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2003-12-01 04:13:43 +0000
committerAndrew Tridgell <tridge@samba.org>2003-12-01 04:13:43 +0000
commitb4b0177fdb5f1704a7347552e48b2ab647a03d14 (patch)
tree685933c2327ddf0ec5323cfa206c8a73bab0a1c7 /source4/torture
parent5b46116923fb7c2945db128736b7f8113ea1a160 (diff)
downloadsamba-b4b0177fdb5f1704a7347552e48b2ab647a03d14.tar.gz
samba-b4b0177fdb5f1704a7347552e48b2ab647a03d14.tar.bz2
samba-b4b0177fdb5f1704a7347552e48b2ab647a03d14.zip
added netr_ServerAuthenticate() and test code
I would like the netlogon test suite to eventually do a new domain join using a fake workstation name, then remove itself afterwards, but for now I'm assuming we are already joined to the domain when the testsuite runs. This means you need to use the Samba3 net command to do a join before running RPC-NETLOGON (This used to be commit 8c7a9446a0892a4f7722cced5019667f7a9fafdd)
Diffstat (limited to 'source4/torture')
-rw-r--r--source4/torture/rpc/netlogon.c43
1 files changed, 35 insertions, 8 deletions
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 0f22b1a44b..68937a4947 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -65,22 +65,26 @@ static BOOL test_LogonUasLogoff(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
}
-static BOOL test_Challenge(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
+static BOOL test_Authenticate(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
struct netr_ServerReqChallenge r;
- struct netr_Credential creds;
+ struct netr_ServerAuthenticate a;
+ struct netr_Credential client_chal, server_chal, cred2;
+ uint8 session_key[8];
+ const char *plain_pass;
+ uint8 mach_pwd[16];
printf("Testing ServerReqChallenge");
- ZERO_STRUCT(creds);
+ ZERO_STRUCT(client_chal);
- generate_random_buffer(creds.cred, sizeof(creds.cred), False);
+ generate_random_buffer(client_chal.data, sizeof(client_chal.data), False);
r.in.server_name = NULL;
r.in.computer_name = lp_netbios_name();
- r.in.credential = &creds;
- r.out.credential = &creds;
+ r.in.credential = &client_chal;
+ r.out.credential = &server_chal;
status = dcerpc_netr_ServerReqChallenge(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -88,8 +92,31 @@ static BOOL test_Challenge(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
return False;
}
+ plain_pass = secrets_fetch_machine_password();
+ if (!plain_pass) {
+ printf("Unable to fetch machine password!\n");
+ return False;
+ }
+
+ E_md4hash(plain_pass, mach_pwd);
+ cred_session_key(&client_chal, &server_chal, mach_pwd, session_key);
+
+ cred_create(session_key, &client_chal, 0, &cred2);
+
+ a.in.server_name = NULL;
+ a.in.username = talloc_asprintf(mem_ctx, "%s$", lp_netbios_name());
+ a.in.secure_challenge_type = 2;
+ a.in.computer_name = lp_netbios_name();
+ a.in.client_challenge = &cred2;
+ a.out.client_challenge = &cred2;
+
+ status = dcerpc_netr_ServerAuthenticate(p, mem_ctx, &a);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ServerAuthenticate - %s\n", nt_errstr(status));
+ return False;
+ }
+
return True;
-
}
@@ -120,7 +147,7 @@ BOOL torture_rpc_netlogon(int dummy)
ret = False;
}
- if (!test_Challenge(p, mem_ctx)) {
+ if (!test_Authenticate(p, mem_ctx)) {
ret = False;
}