From 1c9fe1157cda484e6d450de9b2fe49ff57663a2e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 20 Mar 2008 21:10:39 +0100 Subject: Fix a warning Without this patch I get ./libcli/security/proto.h:45: warning: 'struct auth_session_info' declared inside parameter list (This used to be commit 078a6fdb3f8e389102a07b81b6b8d87fa8bf17c3) --- source4/torture/rpc/samba3rpc.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4') diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index 95252e7397..d881fbfc8b 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -47,6 +47,7 @@ #include "libcli/smb_composite/smb_composite.h" #include "libcli/auth/libcli_auth.h" #include "lib/crypto/crypto.h" +#include "auth/ntlmssp/ntlmssp.h" #include "libcli/security/proto.h" #include "param/param.h" #include "lib/registry/registry.h" -- cgit From 21c7afd9b0aa4c32d42b5f6acd042bf833e9e9b6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 20 Mar 2008 21:11:49 +0100 Subject: Add the workstation to the anon sessetup credentials Without this patch the RPC-SAMBA3SESSIONKEY against W2k3 gives INVALID_PARAMETER for the anonymous session setup (This used to be commit eb459be878e98cb58c6b5779584e187cdcbf4f91) --- source4/torture/rpc/samba3rpc.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source4') diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index d881fbfc8b..c5f91cf4ea 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -1322,6 +1322,8 @@ bool torture_samba3_sessionkey(struct torture_context *torture) goto done; } + cli_credentials_set_workstation(anon_creds, wks_name, CRED_SPECIFIED); + ret = true; if (!torture_setting_bool(torture, "samba3", false)) { -- cgit From ce98599c14ffe9db5e86f9706fb9fa7a71c5998d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 20 Mar 2008 21:59:46 +0100 Subject: Prove that a setuserinfo level 25 does set the pwdlastset field Very likely this is not the full story, but as it happens so often this proof is needed to fix a direct s3 bug. (This used to be commit 16b4a3685bf59faee22882ee14ddb95918f64e22) --- source4/torture/rpc/samba3rpc.c | 50 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'source4') diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index c5f91cf4ea..204a9f2865 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -683,6 +683,7 @@ static bool join3(struct smbcli_state *cli, struct dcerpc_pipe *samr_pipe; struct policy_handle *wks_handle; bool ret = false; + NTTIME last_password_change; if ((mem_ctx = talloc_init("join3")) == NULL) { d_printf("talloc_init failed\n"); @@ -702,6 +703,22 @@ static bool join3(struct smbcli_state *cli, goto done; } + { + struct samr_QueryUserInfo q; + + q.in.user_handle = wks_handle; + q.in.level = 21; + + status = dcerpc_samr_QueryUserInfo(samr_pipe, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + d_printf("(%s) QueryUserInfo failed: %s\n", + __location__, nt_errstr(status)); + goto done; + } + + last_password_change = q.out.info->info21.last_password_change; + } + cli_credentials_set_domain(wks_creds, dom_name, CRED_SPECIFIED); if (use_level25) { @@ -795,6 +812,39 @@ static bool join3(struct smbcli_state *cli, } } + { + struct samr_QueryUserInfo q; + + q.in.user_handle = wks_handle; + q.in.level = 21; + + status = dcerpc_samr_QueryUserInfo(samr_pipe, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + d_printf("(%s) QueryUserInfo failed: %s\n", + __location__, nt_errstr(status)); + goto done; + } + + if (use_level25) { + if (last_password_change + == q.out.info->info21.last_password_change) { + d_printf("(%s) last_password_change unchanged " + "during join, level25 must change " + "it\n", __location__); + goto done; + } + } + else { + if (last_password_change + != q.out.info->info21.last_password_change) { + d_printf("(%s) last_password_change changed " + "during join, level24 doesn't " + "change it\n", __location__); + goto done; + } + } + } + ret = true; done: -- cgit From 482f33077b965bab7f6ccb82cee03b66d70c57b7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 21 Mar 2008 10:35:54 +0100 Subject: Add my copyright If I remember it right and when I look at the git log, then this way to do the async functions was designed by me. (This used to be commit 8d44f997c88b97fc40a88eebd50b6df720c0c10f) --- source4/libcli/composite/composite.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4') diff --git a/source4/libcli/composite/composite.c b/source4/libcli/composite/composite.c index aab7487a42..26169e7838 100644 --- a/source4/libcli/composite/composite.c +++ b/source4/libcli/composite/composite.c @@ -1,6 +1,7 @@ /* Unix SMB/CIFS implementation. + Copyright (C) Volker Lendecke 2005 Copyright (C) Andrew Tridgell 2005 This program is free software; you can redistribute it and/or modify -- cgit