[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Tue Nov 8 16:42:03 MST 2011
The branch, master has been updated
via 8a18edf samr: filterModuleName is a lsa_String in userPwdChangeFailureInformation.
via bfe084b s4-smbtorture: demonstrate how broken our samr_ChangePasswordUser3 marshalling is...
from 099d687 s4:samba-tool user command - always initialise the boolean arguments properly
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8a18edf1c2d553105cfcadec4d892e4e5a0fdba1
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 8 16:00:10 2011 +0100
samr: filterModuleName is a lsa_String in userPwdChangeFailureInformation.
The entire marshalling of samr_ChangePasswordUser3 broke with c2685cdedb430ae75a94e86f34484292b4269363.
Matthias, the bad effect of this change was that actually all failed password
change attempts will always return NT_STATUS_OK because the last 4 bytes (the
resulting status code) were not marshalled anymore.
Guenther
Autobuild-User: Günther Deschner <gd at samba.org>
Autobuild-Date: Wed Nov 9 00:41:13 CET 2011 on sn-devel-104
commit bfe084bd8bbdfa0a0fa31521584f3bc142785fb8
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 8 15:58:34 2011 +0100
s4-smbtorture: demonstrate how broken our samr_ChangePasswordUser3 marshalling is...
Guenther
-----------------------------------------------------------------------
Summary of changes:
librpc/idl/samr.idl | 2 +-
source4/torture/ndr/samr.c | 34 ++++++++++++++++++++++++++++++++++
2 files changed, 35 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl
index 4113a54..b9d1d34 100644
--- a/librpc/idl/samr.idl
+++ b/librpc/idl/samr.idl
@@ -1448,7 +1448,7 @@ import "misc.idl", "lsa.idl", "security.idl";
typedef struct {
samPwdChangeReason extendedFailureReason;
- [string,charset(UTF16)] uint16 *filterModuleName;
+ lsa_String filterModuleName;
} userPwdChangeFailureInformation;
[public] NTSTATUS samr_ChangePasswordUser3(
diff --git a/source4/torture/ndr/samr.c b/source4/torture/ndr/samr.c
index 8cc949e..91bb4d7 100644
--- a/source4/torture/ndr/samr.c
+++ b/source4/torture/ndr/samr.c
@@ -278,6 +278,34 @@ static const uint8_t samr_changepassworduser3_w2k_out_data[] = {
0xbb, 0x00, 0x00, 0xc0
};
+static const uint8_t samr_changepassworduser3_w2k8r2_out_data[] = {
+ 0x00, 0x00, 0x02, 0x00, 0x07, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
+ 0x00, 0x80, 0xa6, 0x0a, 0xff, 0xde, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x02, 0x00, 0x05, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6c, 0x00, 0x00, 0xc0
+};
+
+static bool samr_changepassworduser3_w2k8r2_out_check(struct torture_context *tctx,
+ struct samr_ChangePasswordUser3 *r)
+{
+ struct samr_DomInfo1 *dominfo = *r->out.dominfo;
+ struct userPwdChangeFailureInformation *reject = *r->out.reject;
+
+ torture_assert_int_equal(tctx, dominfo->min_password_length, 7, "min_password_length");
+ torture_assert_int_equal(tctx, dominfo->password_history_length, 0, "password_history_length");
+ torture_assert_int_equal(tctx, dominfo->password_properties, DOMAIN_PASSWORD_COMPLEX, "password_properties");
+ torture_assert_u64_equal(tctx, dominfo->max_password_age, 0xffffdeff0aa68000, "max_password_age");
+ torture_assert_u64_equal(tctx, dominfo->min_password_age, 0x0000000000000000, "min_password_age");
+
+ torture_assert_int_equal(tctx, reject->extendedFailureReason, SAM_PWD_CHANGE_NOT_COMPLEX, "extendedFailureReason");
+ torture_assert_int_equal(tctx, reject->filterModuleName.length, 0, "filterModuleName.length");
+ torture_assert_int_equal(tctx, reject->filterModuleName.size, 0, "filterModuleName.size");
+
+ torture_assert_ntstatus_equal(tctx, r->out.result, NT_STATUS_PASSWORD_RESTRICTION, "result");
+
+ return true;
+}
+
struct torture_suite *ndr_samr_suite(TALLOC_CTX *ctx)
{
struct torture_suite *suite = torture_suite_create(ctx, "samr");
@@ -314,6 +342,12 @@ struct torture_suite *ndr_samr_suite(TALLOC_CTX *ctx)
/* Samba currently fails to parse a w2k reply */
torture_suite_add_ndr_pull_fn_test(suite, samr_ChangePasswordUser3, samr_changepassworduser3_w2k_out_data, NDR_OUT, NULL);
#endif
+ torture_suite_add_ndr_pull_fn_test(suite,
+ samr_ChangePasswordUser3,
+ samr_changepassworduser3_w2k8r2_out_data,
+ NDR_OUT,
+ samr_changepassworduser3_w2k8r2_out_check);
+
return suite;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list