|
 |
b6b438 |
From d68771ee1f47bc238a2967ac43ccded3717d4bb5 Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Date: Thu, 21 Feb 2019 10:21:39 +0100
|
|
|
b6b438 |
Subject: [PATCH 039/187] s4:torture: Use init_samr_CryptPassword(Ex) in
|
|
|
b6b438 |
samba3rpc test
|
|
|
b6b438 |
|
|
|
b6b438 |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
(cherry picked from commit 80f5beb4804c694ee6e5f5b450e751f538677593)
|
|
|
b6b438 |
---
|
|
|
b6b438 |
source4/torture/rpc/samba3rpc.c | 43 ++++++++++++++-------------------
|
|
|
b6b438 |
1 file changed, 18 insertions(+), 25 deletions(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c
|
|
|
b6b438 |
index bf1de04a5b5..d55d6c47b57 100644
|
|
|
b6b438 |
--- a/source4/torture/rpc/samba3rpc.c
|
|
|
b6b438 |
+++ b/source4/torture/rpc/samba3rpc.c
|
|
|
b6b438 |
@@ -36,7 +36,6 @@
|
|
|
b6b438 |
#include "libcli/libcli.h"
|
|
|
b6b438 |
#include "libcli/smb_composite/smb_composite.h"
|
|
|
b6b438 |
#include "libcli/auth/libcli_auth.h"
|
|
|
b6b438 |
-#include "../lib/crypto/crypto.h"
|
|
|
b6b438 |
#include "libcli/security/security.h"
|
|
|
b6b438 |
#include "param/param.h"
|
|
|
b6b438 |
#include "lib/registry/registry.h"
|
|
|
b6b438 |
@@ -47,9 +46,7 @@
|
|
|
b6b438 |
#include "librpc/rpc/dcerpc.h"
|
|
|
b6b438 |
#include "librpc/rpc/dcerpc_proto.h"
|
|
|
b6b438 |
#include "libcli/smb/smbXcli_base.h"
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-#include <gnutls/gnutls.h>
|
|
|
b6b438 |
-#include <gnutls/crypto.h>
|
|
|
b6b438 |
+#include "source3/rpc_client/init_samr.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* open pipe and bind, given an IPC$ context
|
|
|
b6b438 |
@@ -666,7 +663,6 @@ static bool create_user(struct torture_context *tctx,
|
|
|
b6b438 |
union samr_UserInfo *info;
|
|
|
b6b438 |
DATA_BLOB session_key;
|
|
|
b6b438 |
|
|
|
b6b438 |
-
|
|
|
b6b438 |
ZERO_STRUCT(u_info);
|
|
|
b6b438 |
encode_pw_buffer(u_info.info23.password.data, password,
|
|
|
b6b438 |
STR_UNICODE);
|
|
|
b6b438 |
@@ -676,8 +672,15 @@ static bool create_user(struct torture_context *tctx,
|
|
|
b6b438 |
torture_comment(tctx, "dcerpc_fetch_session_key failed\n");
|
|
|
b6b438 |
goto done;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
- arcfour_crypt_blob(u_info.info23.password.data, 516,
|
|
|
b6b438 |
- &session_key);
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ status = init_samr_CryptPassword(password,
|
|
|
b6b438 |
+ &session_key,
|
|
|
b6b438 |
+ &u_info.info23.password);
|
|
|
b6b438 |
+ if (!NT_STATUS_IS_OK(status)) {
|
|
|
b6b438 |
+ torture_comment(tctx, "init_samr_CryptPassword failed\n");
|
|
|
b6b438 |
+ goto done;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+
|
|
|
b6b438 |
u_info.info23.info.password_expired = 0;
|
|
|
b6b438 |
u_info.info23.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
|
|
|
b6b438 |
SAMR_FIELD_LM_PASSWORD_PRESENT |
|
|
|
b6b438 |
@@ -872,10 +875,6 @@ static bool join3(struct torture_context *tctx,
|
|
|
b6b438 |
union samr_UserInfo u_info;
|
|
|
b6b438 |
struct samr_UserInfo21 *i21 = &u_info.info25.info;
|
|
|
b6b438 |
DATA_BLOB session_key;
|
|
|
b6b438 |
- DATA_BLOB confounded_session_key = data_blob_talloc(
|
|
|
b6b438 |
- mem_ctx, NULL, 16);
|
|
|
b6b438 |
- gnutls_hash_hd_t hash_hnd;
|
|
|
b6b438 |
- uint8_t confounder[16];
|
|
|
b6b438 |
|
|
|
b6b438 |
ZERO_STRUCT(u_info);
|
|
|
b6b438 |
|
|
|
b6b438 |
@@ -890,25 +889,16 @@ static bool join3(struct torture_context *tctx,
|
|
|
b6b438 |
i21->password_expired = 1;
|
|
|
b6b438 |
*/
|
|
|
b6b438 |
|
|
|
b6b438 |
- encode_pw_buffer(u_info.info25.password.data,
|
|
|
b6b438 |
- cli_credentials_get_password(wks_creds),
|
|
|
b6b438 |
- STR_UNICODE);
|
|
|
b6b438 |
status = dcerpc_fetch_session_key(samr_pipe, &session_key);
|
|
|
b6b438 |
if (!NT_STATUS_IS_OK(status)) {
|
|
|
b6b438 |
torture_comment(tctx, "dcerpc_fetch_session_key failed: %s\n",
|
|
|
b6b438 |
nt_errstr(status));
|
|
|
b6b438 |
goto done;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
- generate_random_buffer((uint8_t *)confounder, 16);
|
|
|
b6b438 |
|
|
|
b6b438 |
- gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
|
|
|
b6b438 |
- gnutls_hash(hash_hnd, confounder, 16);
|
|
|
b6b438 |
- gnutls_hash(hash_hnd, session_key.data, session_key.length);
|
|
|
b6b438 |
- gnutls_hash_deinit(hash_hnd, confounded_session_key.data);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- arcfour_crypt_blob(u_info.info25.password.data, 516,
|
|
|
b6b438 |
- &confounded_session_key);
|
|
|
b6b438 |
- memcpy(&u_info.info25.password.data[516], confounder, 16);
|
|
|
b6b438 |
+ status = init_samr_CryptPasswordEx(cli_credentials_get_password(wks_creds),
|
|
|
b6b438 |
+ &session_key,
|
|
|
b6b438 |
+ &u_info.info25.password);
|
|
|
b6b438 |
|
|
|
b6b438 |
sui2.in.user_handle = wks_handle;
|
|
|
b6b438 |
sui2.in.level = 25;
|
|
|
b6b438 |
@@ -942,8 +932,11 @@ static bool join3(struct torture_context *tctx,
|
|
|
b6b438 |
torture_comment(tctx, "dcerpc_fetch_session_key failed\n");
|
|
|
b6b438 |
goto done;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
- arcfour_crypt_blob(u_info.info24.password.data, 516,
|
|
|
b6b438 |
- &session_key);
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ status = init_samr_CryptPassword(cli_credentials_get_password(wks_creds),
|
|
|
b6b438 |
+ &session_key,
|
|
|
b6b438 |
+ &u_info.info24.password);
|
|
|
b6b438 |
+
|
|
|
b6b438 |
sui2.in.user_handle = wks_handle;
|
|
|
b6b438 |
sui2.in.info = &u_info;
|
|
|
b6b438 |
sui2.in.level = 24;
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0
|
|
|
b6b438 |
|