From 8087d844ef59a82617be51f7c887b9bafe362f80 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 3 Jun 2004 23:15:16 +0000 Subject: r995: - renamed many of our crypto routines to use the industry standard names rather than our crazy naming scheme. So DES is now called des_crypt() rather than smbhash() - added the code from the solution of the ADS crypto challenge that allows Samba to correctly handle a 128 bit session key in all of the netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard from PADL for solving this one! - restructured the server side rpc authentication to allow for other than NTLMSSP sign and seal. This commit just adds the structure, the next commit will add schannel server side support. - added 128 bit session key support to our client side code, and testing against w2k3 with smbtorture. Works well. (This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee) --- source4/torture/rpc/samr.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'source4/torture/rpc/samr.c') diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 3a243abfce..dab1b3bed5 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -364,7 +364,7 @@ static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return False; } - SamOEMhashBlob(u.info24.password.data, 516, &session_key); + arcfour_crypt_blob(u.info24.password.data, 516, &session_key); printf("Testing SetUserInfo level 24 (set password)\n"); @@ -408,7 +408,7 @@ static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return False; } - SamOEMhashBlob(u.info23.password.data, 516, &session_key); + arcfour_crypt_blob(u.info23.password.data, 516, &session_key); printf("Testing SetUserInfo level 23 (set password)\n"); @@ -459,7 +459,7 @@ static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, MD5Update(&ctx, session_key.data, session_key.length); MD5Final(confounded_session_key.data, &ctx); - SamOEMhashBlob(u.info26.password.data, 516, &confounded_session_key); + arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key); memcpy(&u.info26.password.data[516], confounder, 16); printf("Testing SetUserInfo level 26 (set password ex)\n"); @@ -513,7 +513,7 @@ static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, MD5Update(&ctx, session_key.data, session_key.length); MD5Final(confounded_session_key.data, &ctx); - SamOEMhashBlob(u.info25.password.data, 516, &confounded_session_key); + arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key); memcpy(&u.info25.password.data[516], confounder, 16); printf("Testing SetUserInfo level 25 (set password ex)\n"); @@ -810,7 +810,7 @@ static BOOL test_OemChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_c E_deshash(newpass, new_lm_hash); encode_pw_buffer(lm_pass.data, newpass, STR_ASCII); - SamOEMhash(lm_pass.data, old_lm_hash, 516); + arcfour_crypt(lm_pass.data, old_lm_hash, 516); E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); r.in.server = &server; @@ -856,11 +856,11 @@ static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, E_deshash(newpass, new_lm_hash); encode_pw_buffer(lm_pass.data, newpass, STR_ASCII|STR_TERMINATE); - SamOEMhash(lm_pass.data, old_lm_hash, 516); + arcfour_crypt(lm_pass.data, old_lm_hash, 516); E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE); - SamOEMhash(nt_pass.data, old_nt_hash, 516); + arcfour_crypt(nt_pass.data, old_nt_hash, 516); E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash); r.in.server = &server; @@ -909,11 +909,11 @@ static BOOL test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, E_deshash(newpass, new_lm_hash); encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE); - SamOEMhash(lm_pass.data, old_nt_hash, 516); + arcfour_crypt(lm_pass.data, old_nt_hash, 516); E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE); - SamOEMhash(nt_pass.data, old_nt_hash, 516); + arcfour_crypt(nt_pass.data, old_nt_hash, 516); E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash); r.in.server = &server; -- cgit