svn commit: samba r21697 - in branches/SAMBA_4_0/source/torture/rpc: .

abartlet at samba.org abartlet at samba.org
Mon Mar 5 09:54:38 GMT 2007 

Author: abartlet
Date: 2007-03-05 09:54:37 +0000 (Mon, 05 Mar 2007)
New Revision: 21697

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21697

Log:
Try to cover the 'bad session key' codepaths too.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/torture/rpc/samr.c


Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/samr.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/samr.c	2007-03-05 03:02:43 UTC (rev 21696)
+++ branches/SAMBA_4_0/source/torture/rpc/samr.c	2007-03-05 09:54:37 UTC (rev 21697)
@@ -580,6 +580,28 @@
 		*password = newpass;
 	}
 
+	encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
+
+	status = dcerpc_fetch_session_key(p, &session_key);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("SetUserInfo level %u - no session key - %s\n",
+		       s.in.level, nt_errstr(status));
+		return False;
+	}
+
+	/* This should break the key nicely */
+	session_key.length--;
+	arcfour_crypt_blob(u.info23.password.data, 516, &session_key);
+
+	printf("Testing SetUserInfo level 23 (set password) with wrong password\n");
+
+	status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+	if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+		printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+		       s.in.level, nt_errstr(status));
+		ret = False;
+	}
+
 	return ret;
 }
 
@@ -641,6 +663,23 @@
 		*password = newpass;
 	}
 
+	/* This should break the key nicely */
+	confounded_session_key.data[0]++;
+
+	arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
+	memcpy(&u.info26.password.data[516], confounder, 16);
+
+	printf("Testing SetUserInfo level 26 (set password ex) with wrong session key\n");
+
+	status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+	if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+		printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+		       s.in.level, nt_errstr(status));
+		ret = False;
+	} else {
+		*password = newpass;
+	}
+
 	return ret;
 }
 
@@ -705,6 +744,21 @@
 		*password = newpass;
 	}
 
+	/* This should break the key nicely */
+	confounded_session_key.data[0]++;
+
+	arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key);
+	memcpy(&u.info25.password.data[516], confounder, 16);
+
+	printf("Testing SetUserInfo level 25 (set password ex) with wrong session key\n");
+
+	status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+	if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+		printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+		       s.in.level, nt_errstr(status));
+		ret = False;
+	}
+
 	return ret;
 }

More information about the samba-cvs mailing list