svn commit: samba r6286 - in branches/SAMBA_4_0/source/torture/rpc: .

abartlet at samba.org abartlet at samba.org
Sun Apr 10 22:23:02 GMT 2005 

Author: abartlet
Date: 2005-04-10 22:23:02 +0000 (Sun, 10 Apr 2005)
New Revision: 6286

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6286

Log:
Add back metze's test of setting a trust password to ''.  I removed
this because I don't want our torture suite to leave behind accounts
with known passwords if it is stopped in the wrong place.  It is now
run behind the -X (dangerous) wrapper.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/torture/rpc/netlogon.c


Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/netlogon.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/netlogon.c	2005-04-10 22:19:36 UTC (rev 6285)
+++ branches/SAMBA_4_0/source/torture/rpc/netlogon.c	2005-04-10 22:23:02 UTC (rev 6286)
@@ -371,11 +371,6 @@
 	memcpy(r.in.new_password.data, password_buf.data, 512);
 	r.in.new_password.length = IVAL(password_buf.data, 512);
 
-	/* by changing the machine password to ""
-	 * we check if the server uses password restrictions
-	 * for ServerPasswordSet2
-	 * (win2k3 accepts "")
-	 */
 	printf("Testing ServerPasswordSet2 on machine account\n");
 	printf("Changing machine account password to '%s'\n", password);
 
@@ -393,6 +388,39 @@
 
 	machine_password = password;
 
+	if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
+		printf("Not testing ability to set password to '', enable dangerous tests to perform this test\n");
+	} else {
+		/* by changing the machine password to ""
+		 * we check if the server uses password restrictions
+		 * for ServerPasswordSet2
+		 * (win2k3 accepts "")
+		 */
+		password = "";
+		encode_pw_buffer(password_buf.data, password, STR_UNICODE);
+		creds_arcfour_crypt(creds, password_buf.data, 516);
+		
+		memcpy(r.in.new_password.data, password_buf.data, 512);
+		r.in.new_password.length = IVAL(password_buf.data, 512);
+		
+		printf("Testing ServerPasswordSet2 on machine account\n");
+		printf("Changing machine account password to '%s'\n", password);
+		
+		creds_client_authenticator(creds, &r.in.credential);
+		
+		status = dcerpc_netr_ServerPasswordSet2(p, mem_ctx, &r);
+		if (!NT_STATUS_IS_OK(status)) {
+			printf("ServerPasswordSet2 - %s\n", nt_errstr(status));
+			return False;
+		}
+		
+		if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
+			printf("Credential chaining failed\n");
+		}
+		
+		machine_password = password;
+	}
+
 	if (!test_SetupCredentials(p, mem_ctx, TEST_MACHINE_NAME, machine_password, &creds)) {
 		printf("ServerPasswordSet failed to actually change the password\n");
 		return False;

More information about the samba-cvs mailing list