[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Thu Feb 4 11:40:03 UTC 2016
The branch, master has been updated
via 8247d93 loadparm: Fix memory leak issue.
via 8956577 libwbclient: Fix a few resource leak CIDs
via 3d5873c libwbclient: Add "goto fail" test macros
via e073f3c s4-torture: flesh out ntlmssp_AUTHENTICATE_MESSAGE_check().
via 68b9b18 s4-torture: add ndr pullpush validation for NTLMSSP CHALLENGE and AUTHENTICATE messages.
via fe1be37 s4-torture: flesh out ntlmssp_CHALLENGE_MESSAGE_check().
via 4ac7a65 s4-torture: activate testing of CHALLENGE and AUTHENTICATE ntlmssp messages.
via 68d043f s4-torture: fill in ntlmssp_NEGOTIATE_MESSAGE_check().
via 30386c2 ntlmssp: when pulling messages it is important to clear memory first.
via ded0f3c ntlmssp: properly document version defines in IDL (from MS-NLMP).
via 4be7451 ntlmssp: fix copy/paste typo in CHALLENGE_MESSAGE in IDL.
via feb4ee6 ntlmssp: add some missing defines from MS-NLMP to our IDL.
via 109164e docs-xml: fix typo in smbspool_krb5_wrapper manpage.
from e269968 samba3.blackbox.smbclient.forceuser_validusers: Add new test for force user option.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8247d93701ed838190fe74044a63a56d63d37bf5
Author: Hemanth Thummala <hemanth.thummala at nutanix.com>
Date: Tue Feb 2 10:33:20 2016 -0800
loadparm: Fix memory leak issue.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11708
Signed-off-by: Hemanth Thummala <hemanth.thummala at nutanix.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Feb 4 12:39:14 CET 2016 on sn-devel-144
commit 89565775a4972bc5546e6b4cf858bf07f7bb42d9
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:42:33 2016 +0100
libwbclient: Fix a few resource leak CIDs
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3d5873c848b6aa819b1a92da09e1e0f065156e2e
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:42:04 2016 +0100
libwbclient: Add "goto fail" test macros
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e073f3c0b622f49ffad7082b9b4fbc429c48d530
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 18:35:29 2015 +0100
s4-torture: flesh out ntlmssp_AUTHENTICATE_MESSAGE_check().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 68b9b18e6cd346e2aa32418642b0746cee593be3
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 18:32:28 2015 +0100
s4-torture: add ndr pullpush validation for NTLMSSP CHALLENGE and AUTHENTICATE messages.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit fe1be37c71a816458173082fa9213a3f279a0b79
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 18:30:16 2015 +0100
s4-torture: flesh out ntlmssp_CHALLENGE_MESSAGE_check().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 4ac7a6572149ec5b43a91a303c2008e73e467a56
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 18:29:16 2015 +0100
s4-torture: activate testing of CHALLENGE and AUTHENTICATE ntlmssp messages.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 68d043faa0aa9e5e0d289806e1aa2acba3f07af5
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 18:27:29 2015 +0100
s4-torture: fill in ntlmssp_NEGOTIATE_MESSAGE_check().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 30386c23ae0a6afd2060e626c73df9a3691a71fb
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 15:35:29 2015 +0100
ntlmssp: when pulling messages it is important to clear memory first.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit ded0f3c8b7b4132d250907022ba59e88b45a6ed0
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 15:34:47 2015 +0100
ntlmssp: properly document version defines in IDL (from MS-NLMP).
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 4be7451d9a7ed122c61a08bcf977bebeef4749dd
Author: Günther Deschner <gd at samba.org>
Date: Tue Nov 17 16:42:08 2015 +0100
ntlmssp: fix copy/paste typo in CHALLENGE_MESSAGE in IDL.
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit feb4ee62c5271b45877c1d3bc1d8b327439e5fd4
Author: Günther Deschner <gd at samba.org>
Date: Mon Nov 16 16:31:27 2015 +0100
ntlmssp: add some missing defines from MS-NLMP to our IDL.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 109164ed63ee76c4088f5df7ffb66740cac629c1
Author: Günther Deschner <gd at samba.org>
Date: Thu Feb 4 00:00:46 2016 +0100
docs-xml: fix typo in smbspool_krb5_wrapper manpage.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/ntlmssp/ntlmssp_ndr.c | 1 +
docs-xml/manpages/smbspool_krb5_wrapper.8.xml | 2 +-
librpc/idl/ntlmssp.idl | 18 ++-
nsswitch/libwbclient/tests/wbclient.c | 36 ++++-
source3/param/loadparm.c | 2 +-
source4/torture/ndr/ntlmssp.c | 185 +++++++++++++++++++++++++-
6 files changed, 224 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/ntlmssp/ntlmssp_ndr.c b/auth/ntlmssp/ntlmssp_ndr.c
index af24be9..c8b16cc 100644
--- a/auth/ntlmssp/ntlmssp_ndr.c
+++ b/auth/ntlmssp/ntlmssp_ndr.c
@@ -25,6 +25,7 @@
#define NTLMSSP_PULL_MESSAGE(type, blob, mem_ctx, r) \
do { \
enum ndr_err_code __ndr_err; \
+ ZERO_STRUCTP(r); /* in order to deal with unset neg flags */\
__ndr_err = ndr_pull_struct_blob(blob, mem_ctx, r, \
(ndr_pull_flags_fn_t)ndr_pull_ ##type); \
if (!NDR_ERR_CODE_IS_SUCCESS(__ndr_err)) { \
diff --git a/docs-xml/manpages/smbspool_krb5_wrapper.8.xml b/docs-xml/manpages/smbspool_krb5_wrapper.8.xml
index e302293..f9966e7 100644
--- a/docs-xml/manpages/smbspool_krb5_wrapper.8.xml
+++ b/docs-xml/manpages/smbspool_krb5_wrapper.8.xml
@@ -13,7 +13,7 @@
<refnamediv>
<refname>smbspool_krb5_wrapper</refname>
- <refpurpose>This is a CUPS printing backend which calls smbpsool</refpurpose>
+ <refpurpose>This is a CUPS printing backend which calls smbspool</refpurpose>
</refnamediv>
<refsynopsisdiv>
diff --git a/librpc/idl/ntlmssp.idl b/librpc/idl/ntlmssp.idl
index 4a9e7c2..df6773c 100644
--- a/librpc/idl/ntlmssp.idl
+++ b/librpc/idl/ntlmssp.idl
@@ -54,18 +54,21 @@ interface ntlmssp
/*
NTLMSSP_WINDOWS_MAJOR_VERSION_5: Windows XP SP2 and Server 2003
- NTLMSSP_WINDOWS_MAJOR_VERSION_6: Windows Vista, Server 2008, 7 and Server 2008 R2
+ NTLMSSP_WINDOWS_MAJOR_VERSION_6: Windows Vista, Server 2008, 7, Server 2008 R2, 8, Server 2012, 8.1, Server 2012 R2
+ NTLMSSP_WINDOWS_MAJOR_VERSION_10: Windows 10, Windows Server 2016 Technical Preview
*/
typedef [enum8bit] enum {
NTLMSSP_WINDOWS_MAJOR_VERSION_5 = 0x05,
- NTLMSSP_WINDOWS_MAJOR_VERSION_6 = 0x06
+ NTLMSSP_WINDOWS_MAJOR_VERSION_6 = 0x06,
+ NTLMSSP_WINDOWS_MAJOR_VERSION_10 = 0x0A
} ntlmssp_WindowsMajorVersion;
/*
- NTLMSSP_WINDOWS_MINOR_VERSION_0: Windows Vista, Server 2008, 7, Server 2008 R2
- NTLMSSP_WINDOWS_MINOR_VERSION_1: Windows XP SP2
- NTLMSSP_WINDOWS_MINOR_VERSION_2: Windows Server 2003
+ NTLMSSP_WINDOWS_MINOR_VERSION_0: Windows Vista, 10, Server 2016 Technical Preview
+ NTLMSSP_WINDOWS_MINOR_VERSION_1: Windows XP SP2, 7, Server 2008 R2
+ NTLMSSP_WINDOWS_MINOR_VERSION_2: Windows Server 2003, 8, Server 2012
+ NTLMSSP_WINDOWS_MINOR_VERSION_3: Windows 8.1, Server 2012 R2
*/
typedef [enum8bit] enum {
@@ -141,7 +144,8 @@ interface ntlmssp
typedef [bitmap32bit] bitmap {
NTLMSSP_AVFLAG_CONSTRAINTED_ACCOUNT = 0x00000001,
- NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE = 0x00000002
+ NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE = 0x00000002,
+ NTLMSSP_AVFLAG_TARGET_SPN_FROM_UNTRUSTED_SOURCE = 0x00000004
} ntlmssp_AvFlags;
typedef [gensize,nodiscriminant,flag(NDR_NOALIGN)] union {
@@ -184,7 +188,7 @@ interface ntlmssp
uint8 ServerChallenge[8];
uint8 Reserved[8];
[value(ndr_size_AV_PAIR_LIST(TargetInfo, ndr->flags))] uint16 TargetInfoLen;
- [value(TargetInfoLen)] uint16 TargetNameInfoMaxLen;
+ [value(TargetInfoLen)] uint16 TargetInfoMaxLen;
[relative] [subcontext(0),subcontext_size(TargetInfoLen)] AV_PAIR_LIST *TargetInfo;
[switch_is(NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)] ntlmssp_Version Version;
} CHALLENGE_MESSAGE;
diff --git a/nsswitch/libwbclient/tests/wbclient.c b/nsswitch/libwbclient/tests/wbclient.c
index 4d04ca9..0de6096 100644
--- a/nsswitch/libwbclient/tests/wbclient.c
+++ b/nsswitch/libwbclient/tests/wbclient.c
@@ -48,6 +48,27 @@
#define torture_assert_wbc_ok(torture_ctx,expr,cmt,cmt_arg) \
torture_assert_wbc_equal(torture_ctx,expr,WBC_ERR_SUCCESS,cmt,cmt_arg)
+#define torture_assert_wbc_equal_goto_fail(torture_ctx, got, expected, cmt, cmt_arg) \
+ do { wbcErr __got = got, __expected = expected; \
+ if (!WBC_ERROR_EQUAL(__got, __expected)) { \
+ torture_result(torture_ctx, TORTURE_FAIL, __location__": "#got" was %s, expected %s: " cmt, wbcErrorString(__got), wbcErrorString(__expected), cmt_arg); \
+ goto fail; \
+ } \
+ } while (0)
+
+#define torture_assert_wbc_ok_goto_fail(torture_ctx,expr,cmt,cmt_arg) \
+ torture_assert_wbc_equal(torture_ctx,expr,WBC_ERR_SUCCESS,cmt,cmt_arg)
+
+#define torture_assert_str_equal_goto_fail(torture_ctx,got,expected,cmt)\
+ do { const char *__got = (got), *__expected = (expected); \
+ if (strcmp(__got, __expected) != 0) { \
+ torture_result(torture_ctx, TORTURE_FAIL, \
+ __location__": "#got" was %s, expected %s: %s", \
+ __got, __expected, cmt); \
+ goto fail;; \
+ } \
+ } while(0)
+
static bool test_wbc_ping(struct torture_context *tctx)
{
torture_assert_wbc_ok(tctx, wbcPing(),
@@ -454,27 +475,30 @@ static bool test_wbc_lookup_rids(struct torture_context *tctx)
{
struct wbcDomainSid builtin;
uint32_t rids[2] = { 544, 545 };
- const char *domain_name, **names;
+ const char *domain_name = NULL;
+ const char **names = NULL;
enum wbcSidType *types;
- wbcErr ret;
+ wbcErr ret = false;
wbcStringToSid("S-1-5-32", &builtin);
ret = wbcLookupRids(&builtin, 2, rids, &domain_name, &names,
&types);
- torture_assert_wbc_ok(tctx, ret, "%s", "wbcLookupRids for 544 and 545 failed");
+ torture_assert_wbc_ok_goto_fail(
+ tctx, ret, "%s", "wbcLookupRids for 544 and 545 failed");
torture_assert_str_equal(
tctx, names[0], "Administrators",
"S-1-5-32-544 not mapped to 'Administrators'");
- torture_assert_str_equal(
+ torture_assert_str_equal_goto_fail(
tctx, names[1], "Users", "S-1-5-32-545 not mapped to 'Users'");
+ ret = true;
+fail:
wbcFreeMemory(discard_const_p(char ,domain_name));
wbcFreeMemory(names);
wbcFreeMemory(types);
-
- return true;
+ return ret;
}
static bool test_wbc_get_sidaliases(struct torture_context *tctx)
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 31d9e2d..fb92230 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1388,7 +1388,7 @@ static int add_a_service(const struct loadparm_service *pservice, const char *na
return (-1);
}
ServicePtrs = tsp;
- ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
+ ServicePtrs[iNumServices] = talloc_zero(ServicePtrs, struct loadparm_service);
if (!ServicePtrs[iNumServices]) {
DEBUG(0,("add_a_service: out of memory!\n"));
return (-1);
diff --git a/source4/torture/ndr/ntlmssp.c b/source4/torture/ndr/ntlmssp.c
index 36127ce..5b879c6 100644
--- a/source4/torture/ndr/ntlmssp.c
+++ b/source4/torture/ndr/ntlmssp.c
@@ -2,7 +2,7 @@
Unix SMB/CIFS implementation.
test suite for ntlmssp ndr operations
- Copyright (C) Guenther Deschner 2010
+ Copyright (C) Guenther Deschner 2010,2015
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -33,10 +33,27 @@ static const uint8_t ntlmssp_NEGOTIATE_MESSAGE_data[] = {
static bool ntlmssp_NEGOTIATE_MESSAGE_check(struct torture_context *tctx,
struct NEGOTIATE_MESSAGE *r)
{
+ torture_assert_str_equal(tctx, r->Signature, "NTLMSSP", "Signature");
+ torture_assert_int_equal(tctx, r->MessageType, NtLmNegotiate, "MessageType");
+ torture_assert_int_equal(tctx, r->NegotiateFlags, 0xe2088297, "NegotiateFlags");
+ torture_assert_int_equal(tctx, r->DomainNameLen, 0, "DomainNameLen");
+ torture_assert_int_equal(tctx, r->DomainNameMaxLen, 0, "DomainNameMaxLen");
+ torture_assert(tctx, r->DomainName == NULL, "DomainName");
+ torture_assert_int_equal(tctx, r->WorkstationLen, 0, "WorkstationLen");
+ torture_assert_int_equal(tctx, r->WorkstationMaxLen, 0, "WorkstationMaxLen");
+ torture_assert(tctx, r->Workstation == NULL, "Workstation");
+ torture_assert_int_equal(tctx, r->Version.version.ProductMajorVersion, NTLMSSP_WINDOWS_MAJOR_VERSION_6, "ProductMajorVersion");
+ torture_assert_int_equal(tctx, r->Version.version.ProductMinorVersion, NTLMSSP_WINDOWS_MINOR_VERSION_1, "ProductMinorVersion");
+ torture_assert_int_equal(tctx, r->Version.version.ProductBuild, 0x1db0, "ProductBuild");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[0], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[1], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[2], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[3], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.NTLMRevisionCurrent, NTLMSSP_REVISION_W2K3, "NTLMRevisionCurrent");
+
return true;
}
-#if 0
static const uint8_t ntlmssp_CHALLENGE_MESSAGE_data[] = {
0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00,
0x0a, 0x00, 0x0a, 0x00, 0x38, 0x00, 0x00, 0x00, 0x95, 0x82, 0x89, 0xe2,
@@ -59,6 +76,49 @@ static const uint8_t ntlmssp_CHALLENGE_MESSAGE_data[] = {
static bool ntlmssp_CHALLENGE_MESSAGE_check(struct torture_context *tctx,
struct CHALLENGE_MESSAGE *r)
{
+ uint8_t chal[8] = { 0xed, 0xc8, 0x2b, 0x7d, 0x2e, 0xd7, 0xd0, 0xd9 };
+ uint8_t data[8] = { 0 };
+
+ torture_assert_str_equal(tctx, r->Signature, "NTLMSSP", "Signature");
+ torture_assert_int_equal(tctx, r->MessageType, NtLmChallenge, "MessageType");
+ torture_assert_int_equal(tctx, r->TargetNameLen, 10, "TargetNameLen");
+ torture_assert_int_equal(tctx, r->TargetNameMaxLen, 10, "TargetNameMaxLen");
+ torture_assert_str_equal(tctx, r->TargetName, "SAMBA", "TargetName");
+ torture_assert_int_equal(tctx, r->NegotiateFlags, 0xe2898295, "NegotiateFlags");
+ torture_assert_mem_equal(tctx, r->ServerChallenge, chal, 8, "ServerChallenge");
+ torture_assert_mem_equal(tctx, r->Reserved, data, 8, "Reserved");
+ torture_assert_int_equal(tctx, r->TargetInfoLen, 120, "TargetInfoLen");
+ torture_assert_int_equal(tctx, r->TargetInfoMaxLen, 120, "TargetInfoMaxLen");
+ torture_assert_int_equal(tctx, r->TargetInfo->count, 5, "TargetInfo->count");
+
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[0].AvId, MsvAvNbDomainName, "AvId");
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[0].AvLen, 10, "AvLen");
+ torture_assert_str_equal(tctx, r->TargetInfo->pair[0].Value.AvNbDomainName, "SAMBA", "AvNbDomainName");
+
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[1].AvId, MsvAvNbComputerName, "AvId");
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[1].AvLen, 16, "AvLen");
+ torture_assert_str_equal(tctx, r->TargetInfo->pair[1].Value.AvNbComputerName, "MTHELENA", "AvNbComputerName");
+
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[2].AvId, MsvAvDnsDomainName, "AvId");
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[2].AvLen, 28, "AvLen");
+ torture_assert_str_equal(tctx, r->TargetInfo->pair[2].Value.AvDnsDomainName, "ber.redhat.com", "AvDnsDomainName");
+
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[3].AvId, MsvAvDnsComputerName, "AvId");
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[3].AvLen, 46, "AvLen");
+ torture_assert_str_equal(tctx, r->TargetInfo->pair[3].Value.AvDnsComputerName, "mthelena.ber.redhat.com", "AvDnsComputerName");
+
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[4].AvId, MsvAvEOL, "AvId");
+ torture_assert_int_equal(tctx, r->TargetInfo->pair[4].AvLen, 0, "AvLen");
+
+ torture_assert_int_equal(tctx, r->Version.version.ProductMajorVersion, NTLMSSP_WINDOWS_MAJOR_VERSION_6, "ProductMajorVersion");
+ torture_assert_int_equal(tctx, r->Version.version.ProductMinorVersion, NTLMSSP_WINDOWS_MINOR_VERSION_1, "ProductMinorVersion");
+ torture_assert_int_equal(tctx, r->Version.version.ProductBuild, 0, "ProductBuild");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[0], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[1], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[2], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[3], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.NTLMRevisionCurrent, NTLMSSP_REVISION_W2K3, "NTLMRevisionCurrent");
+
return true;
}
@@ -106,18 +166,133 @@ static const uint8_t ntlmssp_AUTHENTICATE_MESSAGE_data[] = {
static bool ntlmssp_AUTHENTICATE_MESSAGE_check(struct torture_context *tctx,
struct AUTHENTICATE_MESSAGE *r)
{
+ uint8_t lm_challenge_response[24] = { 0 };
+ struct NTLMv2_RESPONSE v2;
+ struct AV_PAIR_LIST AvPairs;
+ uint8_t Response[16] = {
+ 0x38, 0xcf, 0xfb, 0x39, 0x5a, 0xb3, 0x4c, 0x58,
+ 0x86, 0x35, 0xa3, 0xe7, 0x1e, 0x00, 0x98, 0x43
+ };
+ uint8_t ChallengeFromClient[8] = {
+ 0x3c, 0x21, 0x0a, 0xe9, 0xde, 0x61, 0xc0, 0x7e
+ };
+ uint8_t MachineId[32] = {
+ 0x0a, 0xfd, 0x3b, 0x2c, 0xad, 0x43, 0x46, 0x8b,
+ 0x49, 0x01, 0x6c, 0xa5, 0xf3, 0xbc, 0xd2, 0x13,
+ 0xbb, 0x70, 0xe2, 0x65, 0x96, 0xba, 0x0d, 0x8d,
+ 0x5d, 0x31, 0xe6, 0x47, 0x94, 0x61, 0xed, 0x28
+ };
+ uint8_t EncryptedRandomSessionKey[16] = {
+ 0xA4, 0x23, 0xD4, 0x5C, 0x16, 0x52, 0x8D, 0x56,
+ 0x34, 0x2D, 0x1C, 0xFF, 0x86, 0x17, 0xC9, 0x4F
+ };
+
+ torture_assert_str_equal(tctx, r->Signature, "NTLMSSP", "Signature");
+ torture_assert_int_equal(tctx, r->MessageType, NtLmAuthenticate, "MessageType");
+ torture_assert_int_equal(tctx, r->LmChallengeResponseLen, 24, "LmChallengeResponseLen");
+ torture_assert_int_equal(tctx, r->LmChallengeResponseMaxLen, 24, "LmChallengeResponseMaxLen");
+ torture_assert_mem_equal(tctx, r->LmChallengeResponse->v1.Response, lm_challenge_response, 24, "LmChallengeResponse");
+
+ torture_assert_int_equal(tctx, r->NtChallengeResponseLen, 270, "NtChallengeResponseLen");
+ torture_assert_int_equal(tctx, r->NtChallengeResponseMaxLen, 270, "NtChallengeResponseMaxLen");
+
+ v2 = r->NtChallengeResponse->v2;
+
+ torture_assert_mem_equal(tctx, v2.Response, Response, 16, "v2.Response");
+ torture_assert_int_equal(tctx, v2.Challenge.RespType, 1, "RespType");
+ torture_assert_int_equal(tctx, v2.Challenge.HiRespType, 1, "HiRespType");
+ torture_assert_int_equal(tctx, v2.Challenge.Reserved1, 0, "Reserved1");
+ torture_assert_int_equal(tctx, v2.Challenge.Reserved2, 0, "Reserved2");
+ /* TimeStamp : Tue Sep 14 17:06:53 2010 CEST */
+ torture_assert_mem_equal(tctx, v2.Challenge.ChallengeFromClient, ChallengeFromClient, 8, "v2.Challenge.ChallengeFromClient");
+ torture_assert_int_equal(tctx, v2.Challenge.Reserved3, 0, "Reserved3");
+
+ AvPairs = v2.Challenge.AvPairs;
+
+ torture_assert_int_equal(tctx, AvPairs.count, 8, "AvPairs.count");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[0].AvId, MsvAvNbDomainName, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[0].AvLen, 10, "AvLen");
+ torture_assert_str_equal(tctx, AvPairs.pair[0].Value.AvNbDomainName, "SAMBA", "Value.AvNbDomainName");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[1].AvId, MsvAvNbComputerName, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[1].AvLen, 16, "AvLen");
+ torture_assert_str_equal(tctx, AvPairs.pair[1].Value.AvNbComputerName, "MTHELENA", "Value.AvNbComputerName");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[2].AvId, MsvAvDnsDomainName, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[2].AvLen, 28, "AvLen");
+ torture_assert_str_equal(tctx, AvPairs.pair[2].Value.AvDnsDomainName, "ber.redhat.com", "Value.AvDnsDomainName");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[3].AvId, MsvAvDnsComputerName, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[3].AvLen, 46, "AvLen");
+ torture_assert_str_equal(tctx, AvPairs.pair[3].Value.AvDnsComputerName, "mthelena.ber.redhat.com", "Value.AvDnsComputerName");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[4].AvId, MsAvRestrictions, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[4].AvLen, 48, "AvLen");
+ torture_assert_int_equal(tctx, AvPairs.pair[4].Value.AvRestrictions.Size, 48, "Value.AvRestrictions.Size");
+ torture_assert_int_equal(tctx, AvPairs.pair[4].Value.AvRestrictions.Z4, 0, "Value.AvRestrictions.Z4");
+ torture_assert_int_equal(tctx, AvPairs.pair[4].Value.AvRestrictions.IntegrityLevel, 0, "Value.AvRestrictions.IntegrityLevel");
+ torture_assert_int_equal(tctx, AvPairs.pair[4].Value.AvRestrictions.SubjectIntegrityLevel, 0x00003000, "Value.AvRestrictions.SubjectIntegrityLevel");
+ torture_assert_mem_equal(tctx, AvPairs.pair[4].Value.AvRestrictions.MachineId, MachineId, 32, "Value.AvRestrictions.MachineId");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[5].AvId, MsvChannelBindings, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[5].AvLen, 16, "AvLen");
+ torture_assert_mem_equal(tctx, AvPairs.pair[5].Value.ChannelBindings, lm_challenge_response, 16, "Value.ChannelBindings");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[6].AvId, MsvAvTargetName, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[6].AvLen, 26, "AvLen");
+ torture_assert_str_equal(tctx, AvPairs.pair[6].Value.AvTargetName, "cifs/mthelena", "Value.AvTargetName");
+
+ torture_assert_int_equal(tctx, AvPairs.pair[7].AvId, MsvAvEOL, "AvId");
+ torture_assert_int_equal(tctx, AvPairs.pair[7].AvLen, 0, "AvLen");
+
+ torture_assert_int_equal(tctx, r->DomainNameLen, 14, "DomainNameLen");
+ torture_assert_int_equal(tctx, r->DomainNameMaxLen, 14, "DomainNameMaxLen");
+ torture_assert_str_equal(tctx, r->DomainName, "W2K8DOM", "DomainName");
+
+ torture_assert_int_equal(tctx, r->UserNameLen, 26, "UserNameLen");
+ torture_assert_int_equal(tctx, r->UserNameMaxLen, 26, "UserNameMaxLen");
+ torture_assert_str_equal(tctx, r->UserName, "Administrator", "UserName");
+
+ torture_assert_int_equal(tctx, r->WorkstationLen, 12, "WorkstationLen");
+ torture_assert_int_equal(tctx, r->WorkstationMaxLen, 12, "WorkstationMaxLen");
+ torture_assert_str_equal(tctx, r->Workstation, "W2K8R2", "Workstation");
+
+ torture_assert_int_equal(tctx, r->EncryptedRandomSessionKeyLen, 16, "EncryptedRandomSessionKeyLen");
+ torture_assert_int_equal(tctx, r->EncryptedRandomSessionKeyMaxLen, 16, "EncryptedRandomSessionKeyMaxLen");
+ torture_assert_mem_equal(tctx, r->EncryptedRandomSessionKey->data, EncryptedRandomSessionKey, 16, "EncryptedRandomSessionKeyMaxLen");
+
+ torture_assert_int_equal(tctx, r->NegotiateFlags, 0xe2888215, "NegotiateFlags");
+
+ torture_assert_int_equal(tctx, r->Version.version.ProductMajorVersion, NTLMSSP_WINDOWS_MAJOR_VERSION_6, "ProductMajorVersion");
+ torture_assert_int_equal(tctx, r->Version.version.ProductMinorVersion, NTLMSSP_WINDOWS_MINOR_VERSION_1, "ProductMinorVersion");
+ torture_assert_int_equal(tctx, r->Version.version.ProductBuild, 0x1db0, "ProductBuild");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[0], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[1], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[2], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.Reserved[3], 0x00, "Reserved");
+ torture_assert_int_equal(tctx, r->Version.version.NTLMRevisionCurrent, NTLMSSP_REVISION_W2K3, "NTLMRevisionCurrent");
+
return true;
}
-#endif
struct torture_suite *ndr_ntlmssp_suite(TALLOC_CTX *ctx)
{
struct torture_suite *suite = torture_suite_create(ctx, "ntlmssp");
torture_suite_add_ndr_pull_test(suite, NEGOTIATE_MESSAGE, ntlmssp_NEGOTIATE_MESSAGE_data, ntlmssp_NEGOTIATE_MESSAGE_check);
-#if 0
torture_suite_add_ndr_pull_test(suite, CHALLENGE_MESSAGE, ntlmssp_CHALLENGE_MESSAGE_data, ntlmssp_CHALLENGE_MESSAGE_check);
torture_suite_add_ndr_pull_test(suite, AUTHENTICATE_MESSAGE, ntlmssp_AUTHENTICATE_MESSAGE_data, ntlmssp_AUTHENTICATE_MESSAGE_check);
-#endif
+
+ torture_suite_add_ndr_pullpush_test(suite,
+ NEGOTIATE_MESSAGE,
+ data_blob_const(ntlmssp_NEGOTIATE_MESSAGE_data, sizeof(ntlmssp_NEGOTIATE_MESSAGE_data)),
+ ntlmssp_NEGOTIATE_MESSAGE_check);
+
+ torture_suite_add_ndr_pullpush_test(suite,
+ CHALLENGE_MESSAGE,
+ data_blob_const(ntlmssp_CHALLENGE_MESSAGE_data, sizeof(ntlmssp_CHALLENGE_MESSAGE_data)),
+ ntlmssp_CHALLENGE_MESSAGE_check);
+
return suite;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list