From e3c6cd617dc324d86212a50555adbeffb966555c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 24 Jul 2019 16:01:02 +0200
Subject: [PATCH 050/187] s4:torture: Use init_samr_CryptPassword in
test_ChangePasswordUser3
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5b7c21fca576bf6e44233d69b47273058b9197c8)
---
source4/torture/rpc/samr.c | 64 +++++++++++++++++++++++++++++---------
1 file changed, 49 insertions(+), 15 deletions(-)
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 307b0b03594..55059a26b43 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -2472,6 +2472,8 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
NTTIME t;
struct samr_DomInfo1 *dominfo = NULL;
struct userPwdChangeFailureInformation *reject = NULL;
+ DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
+ NTSTATUS status;
torture_comment(tctx, "Testing ChangePasswordUser3\n");
@@ -2500,12 +2502,22 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
E_deshash(oldpass, old_lm_hash);
E_deshash(newpass, new_lm_hash);
- encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
- arcfour_crypt(lm_pass.data, old_nt_hash, 516);
+ status = init_samr_CryptPassword(newpass,
+ &session_key,
+ &lm_pass);
+ torture_assert_ntstatus_ok(tctx,
+ status,
+ "init_samr_CryptPassword");
+
E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
- encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
- arcfour_crypt(nt_pass.data, old_nt_hash, 516);
+ status = init_samr_CryptPassword(newpass,
+ &session_key,
+ &nt_pass);
+ torture_assert_ntstatus_ok(tctx,
+ status,
+ "init_samr_CryptPassword");
+
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
/* Break the verification */
@@ -2534,16 +2546,28 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
ret = false;
}
- encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
- arcfour_crypt(lm_pass.data, old_nt_hash, 516);
+ status = init_samr_CryptPassword(newpass,
+ &session_key,
+ &lm_pass);
+ torture_assert_ntstatus_ok(tctx,
+ status,
+ "init_samr_CryptPassword");
+
E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
- encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
- /* Break the NT hash */
- old_nt_hash[0]++;
- arcfour_crypt(nt_pass.data, old_nt_hash, 516);
+ /* Break the session key */
+ session_key.data[0]++;
+
+ status = init_samr_CryptPassword(newpass,
+ &session_key,
+ &nt_pass);
+ torture_assert_ntstatus_ok(tctx,
+ status,
+ "init_samr_CryptPassword");
+
/* Unbreak it again */
- old_nt_hash[0]--;
+ session_key.data[0]--;
+
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
r.in.server = &server;
@@ -2590,12 +2614,22 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, struct torture_context *tct
E_deshash(oldpass, old_lm_hash);
E_deshash(newpass, new_lm_hash);
- encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
- arcfour_crypt(lm_pass.data, old_nt_hash, 516);
+ status = init_samr_CryptPassword(newpass,
+ &session_key,
+ &lm_pass);
+ torture_assert_ntstatus_ok(tctx,
+ status,
+ "init_samr_CryptPassword");
+
E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
- encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
- arcfour_crypt(nt_pass.data, old_nt_hash, 516);
+ status = init_samr_CryptPassword(newpass,
+ &session_key,
+ &nt_pass);
+ torture_assert_ntstatus_ok(tctx,
+ status,
+ "init_samr_CryptPassword");
+
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
r.in.server = &server;
--
2.23.0