diff options
Diffstat (limited to 'source4/torture/basic')
-rw-r--r-- | source4/torture/basic/secleak.c | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/source4/torture/basic/secleak.c b/source4/torture/basic/secleak.c new file mode 100644 index 0000000000..80bc799df0 --- /dev/null +++ b/source4/torture/basic/secleak.c @@ -0,0 +1,68 @@ +/* + Unix SMB/CIFS implementation. + + find security related memory leaks + + Copyright (C) Andrew Tridgell 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +static BOOL try_failed_login(struct smbcli_state *cli) +{ + NTSTATUS status; + union smb_sesssetup setup; + struct smbcli_session *session; + TALLOC_CTX *mem_ctx = talloc_init("failed_login"); + + session = smbcli_session_init(cli->transport); + setup.generic.level = RAW_SESSSETUP_GENERIC; + setup.generic.in.sesskey = cli->transport->negotiate.sesskey; + setup.generic.in.capabilities = cli->transport->negotiate.capabilities; + setup.generic.in.password = "INVALID-PASSWORD"; + setup.generic.in.user = "INVALID-USERNAME"; + setup.generic.in.domain = "INVALID-DOMAIN"; + + status = smb_raw_session_setup(session, mem_ctx, &setup); + if (NT_STATUS_IS_OK(status)) { + printf("Allowed session setup with invalid credentials?!\n"); + return False; + } + + smbcli_session_close(session); + talloc_free(mem_ctx); + + return True; +} + +BOOL torture_sec_leak(int dummy) +{ + struct smbcli_state *cli; + time_t t1 = time(NULL); + + if (!torture_open_connection(&cli)) { + return False; + } + + while (time(NULL) < t1+20) { + if (!try_failed_login(cli)) { + return False; + } + } + + return True; +} |