[SCM] Samba Shared Repository - branch v4-3-test updated
Karolin Seeger
kseeger at samba.org
Fri Feb 5 12:11:04 UTC 2016
The branch, v4-3-test has been updated
via 9270b1d8 python:tests/core: add tests for arcfour_encrypt() and string_to_byte_array()
via 6c44fab s4:scripting/devel: make use of the generic arcfour_encrypt() and string_to_byte_array() functions
via 8acf14e python:samba/netcmd/domain: make use of the generic arcfour_encrypt() and string_to_byte_array() functions
via b950d91 python:samba/join.py: make use of the generic arcfour_encrypt() and string_to_byte_array() functions
via 4e6d6c7 python:samba: add a generic arcfour_encrypt() helper function
via ffd18e1 python:samba: add a generic string_to_byte_array() helper function
from b422510 ctdb-common: Use documented names for protocol family in socket()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -----------------------------------------------------------------
commit 9270b1d8bb77a891804008ac35edcf4b7569fd99
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 28 15:10:00 2016 +0100
python:tests/core: add tests for arcfour_encrypt() and string_to_byte_array()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Feb 3 11:42:29 CET 2016 on sn-devel-144
(cherry picked from commit 915185aa585a622d338698f847171972d1a15a21)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-3-test): Fri Feb 5 13:10:00 CET 2016 on sn-devel-104
commit 6c44fabcfd6fc4370a78854ab0ee9ac54f137a0e
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 28 14:00:38 2016 +0100
s4:scripting/devel: make use of the generic arcfour_encrypt() and string_to_byte_array() functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 8841b1e641e1b950c2f36b26db982473b73b9d3b)
commit 8acf14ed580e890f8cac10fb0d58523eeac169e9
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 28 14:00:38 2016 +0100
python:samba/netcmd/domain: make use of the generic arcfour_encrypt() and string_to_byte_array() functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 452234b7bcdee2e0e3df6e0500ff798062bc5b9e)
commit b950d91b97bf2e54392a5442eb19ea90811bd06a
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 28 14:00:38 2016 +0100
python:samba/join.py: make use of the generic arcfour_encrypt() and string_to_byte_array() functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit d5423feb4b3d388d2de8e1745a8f1138b42b64f5)
commit 4e6d6c7a177b9b2f3d9441af61a11b530bfc9254
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 28 13:52:44 2016 +0100
python:samba: add a generic arcfour_encrypt() helper function
This works with Crypto.Cipher.ARC4 (from python*-crypto) and
fallback to M2Crypto.RC4.RC4 (from [python*-]m2crypto).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 078a7ae71081c24991bb34c818cc2c763eefad99)
commit ffd18e18d6b2e88399784754aa2eb33b0e82fe45
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 28 13:44:33 2016 +0100
python:samba: add a generic string_to_byte_array() helper function
We should avoid implementing this again and again.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 65127d16744763d0865ca9ce4d039866785e3fc7)
-----------------------------------------------------------------------
Summary of changes:
python/samba/__init__.py | 24 ++++++++++++++++++++++++
python/samba/join.py | 19 +++----------------
python/samba/netcmd/domain.py | 23 +++++------------------
python/samba/tests/core.py | 16 ++++++++++++++++
source4/scripting/devel/createtrust | 18 +++---------------
5 files changed, 51 insertions(+), 49 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/__init__.py b/python/samba/__init__.py
index 84b0b1f..aaf335c 100644
--- a/python/samba/__init__.py
+++ b/python/samba/__init__.py
@@ -362,6 +362,30 @@ def dn_from_dns_name(dnsdomain):
def current_unix_time():
return int(time.time())
+def string_to_byte_array(string):
+ blob = [0] * len(string)
+
+ for i in range(len(string)):
+ blob[i] = ord(string[i])
+
+ return blob
+
+def arcfour_encrypt(key, data):
+ try:
+ from Crypto.Cipher import ARC4
+ c = ARC4.new(key)
+ return c.encrypt(data)
+ except ImportError as e:
+ pass
+ try:
+ from M2Crypto.RC4 import RC4
+ c = RC4(key)
+ return c.update(data)
+ except ImportError as e:
+ pass
+ raise Exception("arcfour_encrypt() requires " +
+ "python*-crypto or python*-m2crypto or m2crypto")
+
import _glue
version = _glue.version
interface_ips = _glue.interface_ips
diff --git a/python/samba/join.py b/python/samba/join.py
index c356145..f71f3de 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -20,7 +20,7 @@
from samba.auth import system_session
from samba.samdb import SamDB
-from samba import gensec, Ldb, drs_utils
+from samba import gensec, Ldb, drs_utils, arcfour_encrypt, string_to_byte_array
import ldb, samba, sys, uuid
from samba.ndr import ndr_pack
from samba.dcerpc import security, drsuapi, misc, nbt, lsa, drsblobs
@@ -944,19 +944,6 @@ class dc_join(object):
def join_setup_trusts(ctx):
"""provision the local SAM."""
- def arcfour_encrypt(key, data):
- from Crypto.Cipher import ARC4
- c = ARC4.new(key)
- return c.encrypt(data)
-
- def string_to_array(string):
- blob = [0] * len(string)
-
- for i in range(len(string)):
- blob[i] = ord(string[i])
-
- return blob
-
print "Setup domain trusts with server %s" % ctx.server
binding_options = "" # why doesn't signing work here? w2k8r2 claims no session key
lsaconn = lsa.lsarpc("ncacn_np:%s[%s]" % (ctx.server, binding_options),
@@ -986,7 +973,7 @@ class dc_join(object):
except RuntimeError:
pass
- password_blob = string_to_array(ctx.trustdom_pass.encode('utf-16-le'))
+ password_blob = string_to_byte_array(ctx.trustdom_pass.encode('utf-16-le'))
clear_value = drsblobs.AuthInfoClear()
clear_value.size = len(password_blob)
@@ -1022,7 +1009,7 @@ class dc_join(object):
auth_blob = lsa.DATA_BUF2()
auth_blob.size = len(encrypted_trustpass)
- auth_blob.data = string_to_array(encrypted_trustpass)
+ auth_blob.data = string_to_byte_array(encrypted_trustpass)
auth_info = lsa.TrustDomainInfoAuthInfoInternal()
auth_info.auth_blob = auth_blob
diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py
index f0710f2..119e8b2 100644
--- a/python/samba/netcmd/domain.py
+++ b/python/samba/netcmd/domain.py
@@ -58,7 +58,7 @@ from samba.upgrade import upgrade_from_samba3
from samba.drs_utils import (
sendDsReplicaSync, drsuapi_connect, drsException,
sendRemoveDsServer)
-
+from samba import arcfour_encrypt, string_to_byte_array
from samba.dsdb import (
DS_DOMAIN_FUNCTION_2000,
@@ -2125,24 +2125,16 @@ class cmd_domain_trust_create(DomainTrustCommand):
password = None
self.outf.write("Sorry, passwords do not match.\n")
- def string_to_array(string):
- blob = [0] * len(string)
-
- for i in range(len(string)):
- blob[i] = ord(string[i])
-
- return blob
-
incoming_secret = None
outgoing_secret = None
remote_policy_access = lsa.LSA_POLICY_VIEW_LOCAL_INFORMATION
if create_location == "local":
if local_trust_info.trust_direction & lsa.LSA_TRUST_DIRECTION_INBOUND:
incoming_password = get_password("Incoming Trust")
- incoming_secret = string_to_array(incoming_password.encode('utf-16-le'))
+ incoming_secret = string_to_byte_array(incoming_password.encode('utf-16-le'))
if local_trust_info.trust_direction & lsa.LSA_TRUST_DIRECTION_OUTBOUND:
outgoing_password = get_password("Outgoing Trust")
- outgoing_secret = string_to_array(outgoing_password.encode('utf-16-le'))
+ outgoing_secret = string_to_byte_array(outgoing_password.encode('utf-16-le'))
remote_trust_info = None
else:
@@ -2167,7 +2159,7 @@ class cmd_domain_trust_create(DomainTrustCommand):
#
# We can remove this once our client libraries
# support using the correct NTHASH.
- return string_to_array(pw1.encode('utf-16-le'))
+ return string_to_byte_array(pw1.encode('utf-16-le'))
# We mix characters from generate_random_password
# with random numbers from random.randint()
@@ -2320,11 +2312,6 @@ class cmd_domain_trust_create(DomainTrustCommand):
except RuntimeError as error:
raise self.RemoteRuntimeError(self, error, "failed to get netlogon dc info")
- def arcfour_encrypt(key, data):
- from Crypto.Cipher import ARC4
- c = ARC4.new(key)
- return c.encrypt(data)
-
def generate_AuthInOutBlob(secret, update_time):
if secret is None:
blob = drsblobs.trustAuthInOutBlob()
@@ -2368,7 +2355,7 @@ class cmd_domain_trust_create(DomainTrustCommand):
auth_blob = lsa.DATA_BUF2()
auth_blob.size = len(encrypted_trustpass)
- auth_blob.data = string_to_array(encrypted_trustpass)
+ auth_blob.data = string_to_byte_array(encrypted_trustpass)
auth_info = lsa.TrustDomainInfoAuthInfoInternal()
auth_info.auth_blob = auth_blob
diff --git a/python/samba/tests/core.py b/python/samba/tests/core.py
index 8206e68..9dbaff1 100644
--- a/python/samba/tests/core.py
+++ b/python/samba/tests/core.py
@@ -20,6 +20,7 @@
import ldb
import os
import samba
+from samba import arcfour_encrypt, string_to_byte_array
from samba.tests import TestCase, TestCaseInTempDir
class SubstituteVarTestCase(TestCase):
@@ -48,6 +49,21 @@ class SubstituteVarTestCase(TestCase):
self.assertRaises(Exception, samba.check_all_substituted,
"Not subsituted: ${FOOBAR}")
+class ArcfourTestCase(TestCase):
+
+ def test_arcfour_direct(self):
+ key = '12345678'
+ plain = 'abcdefghi'
+ crypt_expected = '\xda\x91Z\xb0l\xd7\xb9\xcf\x99'
+ crypt_calculated = arcfour_encrypt(key, plain)
+ self.assertEquals(crypt_expected, crypt_calculated)
+
+class StringToByteArrayTestCase(TestCase):
+
+ def test_byte_array(self):
+ expected = [218, 145, 90, 176, 108, 215, 185, 207, 153]
+ calculated = string_to_byte_array('\xda\x91Z\xb0l\xd7\xb9\xcf\x99')
+ self.assertEquals(expected, calculated)
class LdbExtensionTests(TestCaseInTempDir):
diff --git a/source4/scripting/devel/createtrust b/source4/scripting/devel/createtrust
index 7f1ba33..6c0de1c 100755
--- a/source4/scripting/devel/createtrust
+++ b/source4/scripting/devel/createtrust
@@ -11,21 +11,9 @@ import samba
import samba.getopt as options
from samba.dcerpc import lsa, security, drsblobs
from samba.ndr import ndr_pack
+from samba import arcfour_encrypt, string_to_byte_array
import random
-def arcfour_encrypt(key, data):
- from Crypto.Cipher import ARC4
- c = ARC4.new(key)
- return c.encrypt(data)
-
-def string_to_array(string):
- blob = [0] * len(string)
-
- for i in range(len(string)):
- blob[i] = ord(string[i])
-
- return blob
-
########### main code ###########
if __name__ == "__main__":
parser = OptionParser("createtrust [options] server")
@@ -73,7 +61,7 @@ if __name__ == "__main__":
info.trust_type = lsa.LSA_TRUST_TYPE_UPLEVEL
info.trust_attributes = lsa.LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
- password_blob = string_to_array("password".encode('utf-16-le'))
+ password_blob = string_to_byte_array("password".encode('utf-16-le'))
clear_value = drsblobs.AuthInfoClear()
clear_value.size = len(password_blob)
@@ -123,7 +111,7 @@ if __name__ == "__main__":
auth_blob = lsa.DATA_BUF2()
auth_blob.size = len(encrypted_trustpass)
- auth_blob.data = string_to_array(encrypted_trustpass)
+ auth_blob.data = string_to_byte_array(encrypted_trustpass)
auth_info = lsa.TrustDomainInfoAuthInfoInternal()
auth_info.auth_blob = auth_blob
--
Samba Shared Repository
More information about the samba-cvs
mailing list