summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/build/pidl/parser.pm12
-rw-r--r--source4/libcli/auth/credentials.c11
-rw-r--r--source4/librpc/idl/netlogon.idl25
-rw-r--r--source4/librpc/ndr/libndr.h4
-rw-r--r--source4/passdb/secrets.c2
-rw-r--r--source4/torture/rpc/lsa.c5
-rw-r--r--source4/torture/rpc/netlogon.c102
-rw-r--r--source4/torture/rpc/samr.c11
8 files changed, 122 insertions, 50 deletions
diff --git a/source4/build/pidl/parser.pm b/source4/build/pidl/parser.pm
index 095c083514..1ba1a57cab 100644
--- a/source4/build/pidl/parser.pm
+++ b/source4/build/pidl/parser.pm
@@ -405,6 +405,12 @@ sub ParseElementPrintScalar($$)
return;
}
+ if (my $value = util::has_property($e, "value")) {
+ pidl "\tif (ndr->flags & LIBNDR_PRINT_SET_VALUES) {\n";
+ pidl "\t\t$cprefix$var_prefix$e->{NAME} = $value;\n";
+ pidl "\t}\n";
+ }
+
if (util::is_fixed_array($e)) {
ParseElementPrintBuffer($e, $var_prefix);
} elsif (util::has_direct_buffers($e)) {
@@ -1100,7 +1106,11 @@ sub ParseFunctionPrint($)
pidl "\n{\n";
pidl "\tndr_print_struct(ndr, name, \"$fn->{NAME}\");\n";
pidl "\tndr->depth++;\n";
-
+
+ pidl "\tif (flags & NDR_SET_VALUES) {\n";
+ pidl "\t\tndr->flags |= LIBNDR_PRINT_SET_VALUES;\n";
+ pidl "}\n";
+
pidl "\tif (flags & NDR_IN) {\n";
pidl "\t\tndr_print_struct(ndr, \"in\", \"$fn->{NAME}\");\n";
pidl "\tndr->depth++;\n";
diff --git a/source4/libcli/auth/credentials.c b/source4/libcli/auth/credentials.c
index 80ea2e9583..1749037e8f 100644
--- a/source4/libcli/auth/credentials.c
+++ b/source4/libcli/auth/credentials.c
@@ -109,3 +109,14 @@ void creds_authenticator(struct netr_CredentialState *creds,
next->cred = creds->cred2;
next->timestamp = creds->sequence;
}
+
+
+/*
+ encrypt a 16 byte password buffer using the session key
+*/
+void creds_encrypt(struct netr_CredentialState *creds, struct netr_Password *pass)
+{
+ struct netr_Password tmp;
+ cred_hash3(tmp.data, pass->data, creds->session_key, 1);
+ *pass = tmp;
+}
diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl
index efdbed34be..6dd7ae3fe5 100644
--- a/source4/librpc/idl/netlogon.idl
+++ b/source4/librpc/idl/netlogon.idl
@@ -91,7 +91,7 @@ interface netlogon
} netr_IdentityInfo;
typedef [flag(NDR_PAHEX)] struct {
- uint8 password[16];
+ uint8 data[16];
} netr_Password;
typedef struct {
@@ -252,19 +252,18 @@ interface netlogon
[in,out] netr_Credential credentials
);
-#if 0
- typedef struct {
- uint8 encrypted_password[16];
- } ENCRYPTED_LM_OWF_PASSWORD;
- WERROR netr_ServerPasswordSet(
- [in] unistr *server_name,
- [in] unistr username,
- [in] uint16 secure_challenge_type,
- [in] unistr ComputerName,
- [in][ref] AUTHENTICATOR credential,
- [in][ref] LM_OWF_PASSWORD UasNewPassword,
- [out][ref] AUTHENTICATOR return_authenticator
+
+ NTSTATUS netr_ServerPasswordSet(
+ [in] unistr *server_name,
+ [in] unistr username,
+ [in] uint16 secure_challenge_type,
+ [in] unistr computer_name,
+ [in] netr_Authenticator credential,
+ [in] netr_Password new_password,
+ [out] netr_Authenticator return_authenticator
);
+
+#if 0
typedef struct {
unistr *username;
netr_String dummy1;
diff --git a/source4/librpc/ndr/libndr.h b/source4/librpc/ndr/libndr.h
index cce0b12b73..8e57d0fb73 100644
--- a/source4/librpc/ndr/libndr.h
+++ b/source4/librpc/ndr/libndr.h
@@ -111,6 +111,7 @@ struct ndr_print {
#define LIBNDR_ALIGN_FLAGS (LIBNDR_FLAG_ALIGN2|LIBNDR_FLAG_ALIGN4|LIBNDR_FLAG_ALIGN8)
#define LIBNDR_PRINT_ARRAY_HEX (1<<15)
+#define LIBNDR_PRINT_SET_VALUES (1<<16)
/* useful macro for debugging */
@@ -119,7 +120,7 @@ struct ndr_print {
#define NDR_PRINT_FUNCTION_DEBUG(type, flags, p) ndr_print_function_debug((ndr_print_function_t)ndr_print_ ##type, #type, flags, p)
#define NDR_PRINT_BOTH_DEBUG(type, p) NDR_PRINT_FUNCTION_DEBUG(type, NDR_BOTH, p)
#define NDR_PRINT_OUT_DEBUG(type, p) NDR_PRINT_FUNCTION_DEBUG(type, NDR_OUT, p)
-#define NDR_PRINT_IN_DEBUG(type, p) NDR_PRINT_FUNCTION_DEBUG(type, NDR_IN, p)
+#define NDR_PRINT_IN_DEBUG(type, p) NDR_PRINT_FUNCTION_DEBUG(type, NDR_IN | NDR_SET_VALUES, p)
enum ndr_err_code {
@@ -149,6 +150,7 @@ enum ndr_err_code {
#define NDR_IN 1
#define NDR_OUT 2
#define NDR_BOTH 3
+#define NDR_SET_VALUES 4
#define NDR_PULL_NEED_BYTES(ndr, n) do { \
if ((n) > ndr->data_size || ndr->offset + (n) > ndr->data_size) { \
diff --git a/source4/passdb/secrets.c b/source4/passdb/secrets.c
index 01eb82f414..60e211e66f 100644
--- a/source4/passdb/secrets.c
+++ b/source4/passdb/secrets.c
@@ -82,7 +82,7 @@ BOOL secrets_store(const char *key, const void *data, size_t size)
dbuf.dptr = memdup(data, size);
dbuf.dsize = size;
- ret = tdb_store(tdb, kbuf, dbuf, TDB_REPLACE) == 0;
+ ret = tdb_store(tdb, kbuf, dbuf, TDB_REPLACE);
free(kbuf.dptr);
free(dbuf.dptr);
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index c98b7ec60a..84b29281e5 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -21,14 +21,9 @@
#include "includes.h"
-/*
- this makes the debug code display the right thing
-*/
static void init_lsa_Name(struct lsa_Name *name, const char *s)
{
name->name = s;
- name->name_len = strlen_m(s)*2;
- name->name_size = name->name_len;
}
static BOOL test_OpenPolicy(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 50b72dfec1..bef658e92f 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -65,20 +65,14 @@ static BOOL test_LogonUasLogoff(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
}
-static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
+static BOOL test_SetupCredentials(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct netr_CredentialState *creds)
{
NTSTATUS status;
struct netr_ServerReqChallenge r;
struct netr_ServerAuthenticate a;
- struct netr_LogonSamLogon l;
- struct netr_LogonSamLogoff lo;
const char *plain_pass;
uint8 mach_pwd[16];
- struct netr_Authenticator auth, auth2;
- struct netr_NetworkInfo ninfo;
- const char *username = lp_parm_string(-1, "torture", "username");
- const char *password = lp_parm_string(-1, "torture", "password");
- struct netr_CredentialState creds;
printf("Testing ServerReqChallenge\n");
@@ -100,7 +94,7 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
E_md4hash(plain_pass, mach_pwd);
- creds_init(&creds, &r.in.credentials, &r.out.credentials, mach_pwd,
+ creds_init(creds, &r.in.credentials, &r.out.credentials, mach_pwd,
&a.in.credentials);
a.in.server_name = NULL;
@@ -116,11 +110,31 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
return False;
}
- if (!creds_check(&creds, &a.out.credentials)) {
+ if (!creds_check(creds, &a.out.credentials)) {
printf("Credential chaining failed\n");
return False;
}
+ return True;
+}
+
+/*
+ try a netlogon SamLogon
+*/
+static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
+{
+ NTSTATUS status;
+ struct netr_LogonSamLogon r;
+ struct netr_Authenticator auth, auth2;
+ struct netr_NetworkInfo ninfo;
+ const char *username = lp_parm_string(-1, "torture", "username");
+ const char *password = lp_parm_string(-1, "torture", "password");
+ struct netr_CredentialState creds;
+
+ if (!test_SetupCredentials(p, mem_ctx, &creds)) {
+ return False;
+ }
+
ninfo.logon_info.domain_name.string = lp_workgroup();
ninfo.logon_info.parameter_control = 0;
ninfo.logon_info.logon_id_low = 0;
@@ -140,23 +154,69 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
creds_authenticator(&creds, &auth);
- l.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
- l.in.workstation = lp_netbios_name();
- l.in.credential = &auth;
- l.in.authenticator = &auth2;
- l.in.logon_level = 2;
- l.in.logon.network = &ninfo;
- l.in.validation_level = 2;
+ r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
+ r.in.workstation = lp_netbios_name();
+ r.in.credential = &auth;
+ r.in.authenticator = &auth2;
+ r.in.logon_level = 2;
+ r.in.logon.network = &ninfo;
+ r.in.validation_level = 2;
printf("Testing SamLogon\n");
- status = dcerpc_netr_LogonSamLogon(p, mem_ctx, &l);
+ status = dcerpc_netr_LogonSamLogon(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("LogonSamLogon - %s\n", nt_errstr(status));
return False;
}
- if (!creds_check(&creds, &l.out.authenticator->cred)) {
+ if (!creds_check(&creds, &r.out.authenticator->cred)) {
+ printf("Credential chaining failed\n");
+ }
+
+ return True;
+}
+
+
+/*
+ try a change password for our machine account
+*/
+static BOOL test_SetPassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
+{
+ NTSTATUS status;
+ struct netr_ServerPasswordSet r;
+ const char *password;
+ struct netr_CredentialState creds;
+
+ if (!test_SetupCredentials(p, mem_ctx, &creds)) {
+ return False;
+ }
+
+ creds_authenticator(&creds, &r.in.credential);
+
+ r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
+ r.in.username = talloc_asprintf(mem_ctx, "%s$", lp_netbios_name());
+ r.in.secure_challenge_type = 2;
+ r.in.computer_name = lp_netbios_name();
+
+ password = generate_random_str(8);
+ E_md4hash(password, r.in.new_password.data);
+
+ creds_encrypt(&creds, &r.in.new_password);
+
+ printf("Testing ServerPasswordSet on machine account\n");
+
+ status = dcerpc_netr_ServerPasswordSet(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ServerPasswordSet - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ if (!secrets_store_machine_password(password)) {
+ printf("Failed to save machine password\n");
+ }
+
+ if (!creds_check(&creds, &r.out.return_authenticator.cred)) {
printf("Credential chaining failed\n");
}
@@ -191,6 +251,10 @@ BOOL torture_rpc_netlogon(int dummy)
ret = False;
}
+ if (!test_SetPassword(p, mem_ctx)) {
+ ret = False;
+ }
+
if (!test_SamLogon(p, mem_ctx)) {
ret = False;
}
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index f7006241b5..45a0c4f02d 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -26,18 +26,9 @@
static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct policy_handle *handle);
-/*
- this makes the debug code display the right thing
-*/
static void init_samr_Name(struct samr_Name *name, const char *s)
{
- name->name_len = strlen_m(s)*2;
- name->name_size = name->name_len;
- if (name->name_len == 0) {
- name->name = NULL;
- } else {
- name->name = s;
- }
+ name->name = s;
}
static BOOL test_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,