[SCM] Samba Shared Repository - branch master updated
Garming Sam
garming at samba.org
Thu Jun 29 04:51:03 UTC 2017
The branch, master has been updated
via 6249602 tests py_credentials: Fix encrypt_netr_crypt_password test
from 776ed55 nsswitch: Add ad_member tests for wbinfo --domain-info and --dc-info
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 624960272e90449f2b948f43dc7b0bcc7a0f72b6
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Tue Jun 27 10:33:56 2017 +1200
tests py_credentials: Fix encrypt_netr_crypt_password test
The test uses NetrServerPasswordSet2 to change a password, this tests
the end to end encryption. The original call to NetrServerPasswordSet2
was not utf-16 encoding the new password. However the call to
netr_DsrEnumerateDomainTrusts was using cached credentials and not
using the new password, so this was not detected.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Thu Jun 29 06:50:32 CEST 2017 on sn-devel-144
-----------------------------------------------------------------------
Summary of changes:
python/samba/tests/py_credentials.py | 26 ++++++++++----------------
1 file changed, 10 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/py_credentials.py b/python/samba/tests/py_credentials.py
index b47cf9e..326438a 100644
--- a/python/samba/tests/py_credentials.py
+++ b/python/samba/tests/py_credentials.py
@@ -21,7 +21,7 @@ import os
import samba
from samba.auth import system_session
from samba.credentials import Credentials, CLI_CRED_NTLMv2_AUTH
-from samba.dcerpc import netlogon, ntlmssp
+from samba.dcerpc import netlogon, ntlmssp, srvsvc
from samba.dcerpc.netlogon import netr_Authenticator, netr_WorkstationInformation
from samba.dcerpc.misc import SEC_CHAN_WKSTA
from samba.dsdb import (
@@ -99,10 +99,12 @@ class PyCredentialsTests(TestCase):
# Change the password
self.do_Netr_ServerPasswordSet2()
# Now use the new password to perform an operation
- self.do_DsrEnumerateDomainTrusts()
+ srvsvc.srvsvc("ncacn_np:%s" % (self.server),
+ self.lp,
+ self.machine_creds)
- # Change the current machine account pazssword with a
+ # Change the current machine account password with a
# netr_ServerPasswordSet2 call.
def do_Netr_ServerPasswordSet2(self):
@@ -111,10 +113,12 @@ class PyCredentialsTests(TestCase):
PWD_LEN = 32
DATA_LEN = 512
newpass = samba.generate_random_password(PWD_LEN, PWD_LEN)
- filler = [ord(x) for x in os.urandom(DATA_LEN-PWD_LEN)]
+ encoded = newpass.encode('utf-16-le')
+ pwd_len = len(encoded)
+ filler = [ord(x) for x in os.urandom(DATA_LEN-pwd_len)]
pwd = netlogon.netr_CryptPassword()
- pwd.length = PWD_LEN
- pwd.data = filler + [ord(x) for x in newpass]
+ pwd.length = pwd_len
+ pwd.data = filler + [ord(x) for x in encoded]
self.machine_creds.encrypt_netr_crypt_password(pwd)
c.netr_ServerPasswordSet2(self.server,
self.machine_creds.get_workstation(),
@@ -126,16 +130,6 @@ class PyCredentialsTests(TestCase):
self.machine_pass = newpass
self.machine_creds.set_password(newpass)
- # Perform a DsrEnumerateDomainTrusts, this provides confirmation that
- # a netlogon connection has been correctly established
- def do_DsrEnumerateDomainTrusts(self):
- c = self.get_netlogon_connection()
- trusts = c.netr_DsrEnumerateDomainTrusts(
- self.server,
- netlogon.NETR_TRUST_FLAG_IN_FOREST |
- netlogon.NETR_TRUST_FLAG_OUTBOUND |
- netlogon.NETR_TRUST_FLAG_INBOUND)
-
# Establish sealed schannel netlogon connection over TCP/IP
#
def get_netlogon_connection(self):
--
Samba Shared Repository
More information about the samba-cvs
mailing list