From ce98599c14ffe9db5e86f9706fb9fa7a71c5998d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 20 Mar 2008 21:59:46 +0100 Subject: Prove that a setuserinfo level 25 does set the pwdlastset field Very likely this is not the full story, but as it happens so often this proof is needed to fix a direct s3 bug. (This used to be commit 16b4a3685bf59faee22882ee14ddb95918f64e22) --- source4/torture/rpc/samba3rpc.c | 50 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'source4') diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index c5f91cf4ea..204a9f2865 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -683,6 +683,7 @@ static bool join3(struct smbcli_state *cli, struct dcerpc_pipe *samr_pipe; struct policy_handle *wks_handle; bool ret = false; + NTTIME last_password_change; if ((mem_ctx = talloc_init("join3")) == NULL) { d_printf("talloc_init failed\n"); @@ -702,6 +703,22 @@ static bool join3(struct smbcli_state *cli, goto done; } + { + struct samr_QueryUserInfo q; + + q.in.user_handle = wks_handle; + q.in.level = 21; + + status = dcerpc_samr_QueryUserInfo(samr_pipe, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + d_printf("(%s) QueryUserInfo failed: %s\n", + __location__, nt_errstr(status)); + goto done; + } + + last_password_change = q.out.info->info21.last_password_change; + } + cli_credentials_set_domain(wks_creds, dom_name, CRED_SPECIFIED); if (use_level25) { @@ -795,6 +812,39 @@ static bool join3(struct smbcli_state *cli, } } + { + struct samr_QueryUserInfo q; + + q.in.user_handle = wks_handle; + q.in.level = 21; + + status = dcerpc_samr_QueryUserInfo(samr_pipe, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + d_printf("(%s) QueryUserInfo failed: %s\n", + __location__, nt_errstr(status)); + goto done; + } + + if (use_level25) { + if (last_password_change + == q.out.info->info21.last_password_change) { + d_printf("(%s) last_password_change unchanged " + "during join, level25 must change " + "it\n", __location__); + goto done; + } + } + else { + if (last_password_change + != q.out.info->info21.last_password_change) { + d_printf("(%s) last_password_change changed " + "during join, level24 doesn't " + "change it\n", __location__); + goto done; + } + } + } + ret = true; done: -- cgit