From 81dcc99e9acb9a7e4c2358e5e44998e4718dc658 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 29 Aug 2008 15:06:30 +1000 Subject: It turns out that the Netlogon PAC verification is encrypted. This test now passes against Win2k3, and a implementation in the Samba4 server should follow shortly. Andrew Bartlett (This used to be commit c6b8ba893dd3ed90bca32c0ae89fd33be729c238) --- source4/torture/rpc/remote_pac.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source4/torture') diff --git a/source4/torture/rpc/remote_pac.c b/source4/torture/rpc/remote_pac.c index a01077a6c7..58c8ba0ee0 100644 --- a/source4/torture/rpc/remote_pac.c +++ b/source4/torture/rpc/remote_pac.c @@ -154,7 +154,9 @@ static bool test_PACVerify(struct torture_context *tctx, (ndr_push_flags_fn_t)ndr_push_PAC_Validate); torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_push_struct_blob of PACValidate structure failed"); - + torture_assert(tctx, (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR), "not willing to even try a PACValidate without RC4 encryption"); + creds_arcfour_crypt(creds, pac_wrapped.data, pac_wrapped.length); + /* Validate it over the netlogon pipe */ generic.identity_info.parameter_control = 0; -- cgit