From 931927d2a3c8b990554f363795767015ba342882 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 30 Apr 2004 03:57:48 +0000 Subject: r420: added nicer names for the field bits in userinfo21 added tests for the level 23 and 25 password change methods (This used to be commit d49f7a6a0d1895de3d654a5b46c6aec3a57fde76) --- source4/librpc/idl/samr.idl | 16 ++++- source4/torture/rpc/samr.c | 142 ++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 143 insertions(+), 15 deletions(-) diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl index c079114ef3..626a4b579e 100644 --- a/source4/librpc/idl/samr.idl +++ b/source4/librpc/idl/samr.idl @@ -644,6 +644,19 @@ samr_Name callback; } samr_UserInfo20; + /* this defines the bits used for fields_present in info21 */ + const int SAMR_FIELD_NAME = 0x00000002; + const int SAMR_FIELD_DESCRIPTION = 0x00000010; + const int SAMR_FIELD_COMMENT = 0x00000020; + const int SAMR_FIELD_LOGON_SCRIPT = 0x00000100; + const int SAMR_FIELD_PROFILE = 0x00000200; + const int SAMR_FIELD_WORKSTATION = 0x00000400; + const int SAMR_FIELD_LOGON_HOURS = 0x00002000; + const int SAMR_FIELD_CALLBACK = 0x00200000; + const int SAMR_FIELD_COUNTRY_CODE = 0x00400000; + const int SAMR_FIELD_CODE_PAGE = 0x00800000; + const int SAMR_FIELD_PASSWORD = 0x03000000; /* 2 bits!? */ + typedef struct { NTTIME last_logon; NTTIME last_logoff; @@ -695,7 +708,7 @@ uint16 pw_len; } samr_UserInfo24; - typedef struct { + typedef [flag(NDR_PAHEX)] struct { uint8 data[532]; } samr_CryptPasswordEx; @@ -986,7 +999,6 @@ /************************/ /* Function 0x32 */ NTSTATUS samr_CreateUser2( - /************************/ [in,ref] policy_handle *handle, [in,ref] samr_Name *username, [in] uint32 acct_flags, diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index d77beccf98..a0b6a61c48 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -234,7 +234,7 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, if (lvl1 == 21) { \ uint8 *bitmap = u.info21.logon_hours.bitmap; \ ZERO_STRUCT(u.info21); \ - if (fpval == 0x00002000) { \ + if (fpval == SAMR_FIELD_LOGON_HOURS) { \ u.info21.logon_hours.units_per_week = 168; \ u.info21.logon_hours.bitmap = bitmap; \ } \ @@ -258,7 +258,8 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, TEST_USERINFO_NAME(2, comment, 1, comment, "xx2-1 comment", 0); TEST_USERINFO_NAME(2, comment, 21, comment, "xx2-21 comment", 0); - TEST_USERINFO_NAME(21, comment, 21, comment, "xx21-21 comment", 0x00000020); + TEST_USERINFO_NAME(21, comment, 21, comment, "xx21-21 comment", + SAMR_FIELD_COMMENT); TEST_USERINFO_NAME(6, full_name, 1, full_name, "xx6-1 full_name", 0); TEST_USERINFO_NAME(6, full_name, 3, full_name, "xx6-3 full_name", 0); @@ -267,40 +268,50 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, TEST_USERINFO_NAME(6, full_name, 8, full_name, "xx6-8 full_name", 0); TEST_USERINFO_NAME(6, full_name, 21, full_name, "xx6-21 full_name", 0); TEST_USERINFO_NAME(8, full_name, 21, full_name, "xx8-21 full_name", 0); - TEST_USERINFO_NAME(21, full_name, 21, full_name, "xx21-21 full_name", 0x00000002); + TEST_USERINFO_NAME(21, full_name, 21, full_name, "xx21-21 full_name", + SAMR_FIELD_NAME); TEST_USERINFO_NAME(11, logon_script, 3, logon_script, "xx11-3 logon_script", 0); TEST_USERINFO_NAME(11, logon_script, 5, logon_script, "xx11-5 logon_script", 0); TEST_USERINFO_NAME(11, logon_script, 21, logon_script, "xx11-21 logon_script", 0); - TEST_USERINFO_NAME(21, logon_script, 21, logon_script, "xx21-21 logon_script", 0x00000100); + TEST_USERINFO_NAME(21, logon_script, 21, logon_script, "xx21-21 logon_script", + SAMR_FIELD_LOGON_SCRIPT); TEST_USERINFO_NAME(12, profile, 3, profile, "xx12-3 profile", 0); TEST_USERINFO_NAME(12, profile, 5, profile, "xx12-5 profile", 0); TEST_USERINFO_NAME(12, profile, 21, profile, "xx12-21 profile", 0); - TEST_USERINFO_NAME(21, profile, 21, profile, "xx21-21 profile", 0x00000200); + TEST_USERINFO_NAME(21, profile, 21, profile, "xx21-21 profile", + SAMR_FIELD_PROFILE); TEST_USERINFO_NAME(13, description, 1, description, "xx13-1 description", 0); TEST_USERINFO_NAME(13, description, 5, description, "xx13-5 description", 0); TEST_USERINFO_NAME(13, description, 21, description, "xx13-21 description", 0); - TEST_USERINFO_NAME(21, description, 21, description, "xx21-21 description", 0x00000010); + TEST_USERINFO_NAME(21, description, 21, description, "xx21-21 description", + SAMR_FIELD_DESCRIPTION); TEST_USERINFO_NAME(14, workstations, 3, workstations, "14workstation3", 0); TEST_USERINFO_NAME(14, workstations, 5, workstations, "14workstation4", 0); TEST_USERINFO_NAME(14, workstations, 21, workstations, "14workstation21", 0); - TEST_USERINFO_NAME(21, workstations, 21, workstations, "21workstation21", 0x00000400); + TEST_USERINFO_NAME(21, workstations, 21, workstations, "21workstation21", + SAMR_FIELD_WORKSTATION); TEST_USERINFO_NAME(20, callback, 21, callback, "xx20-21 callback", 0); - TEST_USERINFO_NAME(21, callback, 21, callback, "xx21-21 callback", 0x00200000); + TEST_USERINFO_NAME(21, callback, 21, callback, "xx21-21 callback", + SAMR_FIELD_CALLBACK); TEST_USERINFO_INT(2, country_code, 21, country_code, __LINE__, 0); - TEST_USERINFO_INT(21, country_code, 21, country_code, __LINE__, 0x00400000); + TEST_USERINFO_INT(21, country_code, 21, country_code, __LINE__, + SAMR_FIELD_COUNTRY_CODE); + TEST_USERINFO_INT(2, code_page, 21, code_page, __LINE__, 0); - TEST_USERINFO_INT(21, code_page, 21, code_page, __LINE__, 0x00800000); + TEST_USERINFO_INT(21, code_page, 21, code_page, __LINE__, + SAMR_FIELD_CODE_PAGE); TEST_USERINFO_INT(4, logon_hours.bitmap[3], 3, logon_hours.bitmap[3], 1, 0); TEST_USERINFO_INT(4, logon_hours.bitmap[3], 5, logon_hours.bitmap[3], 2, 0); TEST_USERINFO_INT(4, logon_hours.bitmap[3], 21, logon_hours.bitmap[3], 3, 0); - TEST_USERINFO_INT(21, logon_hours.bitmap[3], 21, logon_hours.bitmap[3], 4, 0x00002000); + TEST_USERINFO_INT(21, logon_hours.bitmap[3], 21, logon_hours.bitmap[3], 4, + SAMR_FIELD_LOGON_HOURS); #if 0 /* these fail with win2003 - it appears you can't set the primary gid? @@ -365,6 +376,50 @@ static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } +static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle, char **password) +{ + NTSTATUS status; + struct samr_SetUserInfo s; + union samr_UserInfo u; + BOOL ret = True; + uint8 session_key[16]; + char *newpass = samr_rand_pass(mem_ctx); + + s.in.handle = handle; + s.in.info = &u; + s.in.level = 23; + + ZERO_STRUCT(u); + + u.info23.info.fields_present = SAMR_FIELD_PASSWORD; + + encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE); + + status = dcerpc_fetch_session_key(p, session_key); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u - no session key - %s\n", + s.in.level, nt_errstr(status)); + return False; + } + + SamOEMhash(u.info23.password.data, session_key, 516); + + printf("Testing SetUserInfo level 23 (set password)\n"); + + status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u failed - %s\n", + s.in.level, nt_errstr(status)); + ret = False; + } else { + *password = newpass; + } + + return ret; +} + + static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, char **password) { @@ -415,6 +470,59 @@ static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } +static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle, char **password) +{ + NTSTATUS status; + struct samr_SetUserInfo s; + union samr_UserInfo u; + BOOL ret = True; + uint8 session_key[16]; + uint8 confounder[16]; + char *newpass = samr_rand_pass(mem_ctx); + struct MD5Context ctx; + + s.in.handle = handle; + s.in.info = &u; + s.in.level = 25; + + ZERO_STRUCT(u); + + u.info25.info.fields_present = SAMR_FIELD_PASSWORD; + + encode_pw_buffer(u.info25.password.data, newpass, STR_UNICODE); + + status = dcerpc_fetch_session_key(p, session_key); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u - no session key - %s\n", + s.in.level, nt_errstr(status)); + return False; + } + + generate_random_buffer((unsigned char *)confounder, 16, False); + + MD5Init(&ctx); + MD5Update(&ctx, confounder, 16); + MD5Update(&ctx, session_key, 16); + MD5Final(session_key, &ctx); + + SamOEMhash(u.info25.password.data, session_key, 516); + memcpy(&u.info25.password.data[516], confounder, 16); + + printf("Testing SetUserInfo level 25 (set password ex)\n"); + + status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u failed - %s\n", + s.in.level, nt_errstr(status)); + ret = False; + } else { + *password = newpass; + } + + return ret; +} + static BOOL test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) { @@ -1250,10 +1358,18 @@ static BOOL test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ret = False; } + if (!test_SetUserPass_23(p, mem_ctx, user_handle, &password)) { + ret = False; + } + if (!test_SetUserPassEx(p, mem_ctx, user_handle, &password)) { ret = False; } + if (!test_SetUserPass_25(p, mem_ctx, user_handle, &password)) { + ret = False; + } + /* we change passwords twice - this has the effect of verifying they were changed correctly */ if (!test_ChangePassword(p, mem_ctx, domain_handle, &password)) { @@ -2280,8 +2396,8 @@ static BOOL test_GetBootKeyInformation(struct dcerpc_pipe *p, TALLOC_CTX *mem_ct status = dcerpc_samr_GetBootKeyInformation(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { - printf("GetBootKeyInformation failed - %s\n", nt_errstr(status)); - ret = False; + /* w2k3 seems to fail this sometimes and pass it sometimes */ + printf("GetBootKeyInformation (ignored) - %s\n", nt_errstr(status)); } return ret; -- cgit