From 752f6efc6ac65cba6b8ebf125b19a6685a0d40c2 Mon Sep 17 00:00:00 2001

From: Andreas Schneider <asn@samba.org>

Date: Wed, 24 Jul 2019 16:49:53 +0200

Subject: [PATCH 045/187] s4:torture: Use GnuTLS RC4 in

 test_OemChangePasswordUser2

This uses STR_ASCII for password encoding!

Signed-off-by: Andreas Schneider <asn@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

(cherry picked from commit b512b5974494fe41010800f60df0f248b8ea850e)

---

 source4/torture/rpc/samr.c | 34 ++++++++++++++++++++++++++++++----

 1 file changed, 30 insertions(+), 4 deletions(-)

diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c

index 530c457bbd9..eb032905dc8 100644

--- a/source4/torture/rpc/samr.c

+++ b/source4/torture/rpc/samr.c

@@ -2032,6 +2032,11 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,

 	char *newpass;

 	struct dcerpc_binding_handle *b = p->binding_handle;

 	uint8_t old_lm_hash[16], new_lm_hash[16];

+	gnutls_cipher_hd_t cipher_hnd = NULL;

+	gnutls_datum_t session_key = {

+		.data = old_lm_hash,

+		.size = 16

+	};

 	struct samr_GetDomPwInfo dom_pw_info;

 	struct samr_PwInfo info;

@@ -2065,7 +2070,13 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,

 	E_deshash(newpass, new_lm_hash);

 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);

-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);

+

+	gnutls_cipher_init(&cipher_hnd,

+			   GNUTLS_CIPHER_ARCFOUR_128,

+			   &session_key,

+			   NULL);

+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);

+	gnutls_cipher_deinit(cipher_hnd);

 	E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);

 	r.in.server = &server;

@@ -2092,7 +2103,12 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,

 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);

 	/* Break the old password */

 	old_lm_hash[0]++;

-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);

+	gnutls_cipher_init(&cipher_hnd,

+			   GNUTLS_CIPHER_ARCFOUR_128,

+			   &session_key,

+			   NULL);

+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);

+	gnutls_cipher_deinit(cipher_hnd);

 	/* unbreak it for the next operation */

 	old_lm_hash[0]--;

 	E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);

@@ -2116,7 +2132,12 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,

 	}

 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);

-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);

+	gnutls_cipher_init(&cipher_hnd,

+			   GNUTLS_CIPHER_ARCFOUR_128,

+			   &session_key,

+			   NULL);

+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);

+	gnutls_cipher_deinit(cipher_hnd);

 	r.in.server = &server;

 	r.in.account = &account;

@@ -2192,7 +2213,12 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,

 	E_deshash(newpass, new_lm_hash);

 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);

-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);

+	gnutls_cipher_init(&cipher_hnd,

+			   GNUTLS_CIPHER_ARCFOUR_128,

+			   &session_key,

+			   NULL);

+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);

+	gnutls_cipher_deinit(cipher_hnd);

 	E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);

 	r.in.server = &server;

-- 

2.23.0