[SCM] Samba Shared Repository - branch master updated

Garming Sam garming at samba.org
Thu Jun 29 04:51:03 UTC 2017


The branch, master has been updated
       via  6249602 tests py_credentials: Fix encrypt_netr_crypt_password test
      from  776ed55 nsswitch: Add ad_member tests for wbinfo --domain-info and --dc-info

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 624960272e90449f2b948f43dc7b0bcc7a0f72b6
Author: Gary Lockyer <gary at catalyst.net.nz>
Date:   Tue Jun 27 10:33:56 2017 +1200

    tests py_credentials: Fix encrypt_netr_crypt_password test
    
    The test uses NetrServerPasswordSet2 to change a password, this tests
    the end to end encryption.  The original call to NetrServerPasswordSet2
    was not utf-16 encoding the new password.  However the call to
    netr_DsrEnumerateDomainTrusts was using cached credentials and not
    using the new password, so this was not detected.
    
    Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
    Reviewed-by: Garming Sam <garming at catalyst.net.nz>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Garming Sam <garming at samba.org>
    Autobuild-Date(master): Thu Jun 29 06:50:32 CEST 2017 on sn-devel-144

-----------------------------------------------------------------------

Summary of changes:
 python/samba/tests/py_credentials.py | 26 ++++++++++----------------
 1 file changed, 10 insertions(+), 16 deletions(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/tests/py_credentials.py b/python/samba/tests/py_credentials.py
index b47cf9e..326438a 100644
--- a/python/samba/tests/py_credentials.py
+++ b/python/samba/tests/py_credentials.py
@@ -21,7 +21,7 @@ import os
 import samba
 from samba.auth import system_session
 from samba.credentials import Credentials, CLI_CRED_NTLMv2_AUTH
-from samba.dcerpc import netlogon, ntlmssp
+from samba.dcerpc import netlogon, ntlmssp, srvsvc
 from samba.dcerpc.netlogon import netr_Authenticator, netr_WorkstationInformation
 from samba.dcerpc.misc import SEC_CHAN_WKSTA
 from samba.dsdb import (
@@ -99,10 +99,12 @@ class PyCredentialsTests(TestCase):
         # Change the password
         self.do_Netr_ServerPasswordSet2()
         # Now use the new password to perform an operation
-        self.do_DsrEnumerateDomainTrusts()
+        srvsvc.srvsvc("ncacn_np:%s" % (self.server),
+                      self.lp,
+                      self.machine_creds)
 
 
-   # Change the current machine account pazssword with a
+   # Change the current machine account password with a
    # netr_ServerPasswordSet2 call.
 
     def do_Netr_ServerPasswordSet2(self):
@@ -111,10 +113,12 @@ class PyCredentialsTests(TestCase):
         PWD_LEN  = 32
         DATA_LEN = 512
         newpass = samba.generate_random_password(PWD_LEN, PWD_LEN)
-        filler  = [ord(x) for x in os.urandom(DATA_LEN-PWD_LEN)]
+        encoded = newpass.encode('utf-16-le')
+        pwd_len = len(encoded)
+        filler  = [ord(x) for x in os.urandom(DATA_LEN-pwd_len)]
         pwd = netlogon.netr_CryptPassword()
-        pwd.length = PWD_LEN
-        pwd.data = filler + [ord(x) for x in newpass]
+        pwd.length = pwd_len
+        pwd.data = filler + [ord(x) for x in encoded]
         self.machine_creds.encrypt_netr_crypt_password(pwd)
         c.netr_ServerPasswordSet2(self.server,
                                   self.machine_creds.get_workstation(),
@@ -126,16 +130,6 @@ class PyCredentialsTests(TestCase):
         self.machine_pass = newpass
         self.machine_creds.set_password(newpass)
 
-    # Perform a DsrEnumerateDomainTrusts, this provides confirmation that
-    # a netlogon connection has been correctly established
-    def do_DsrEnumerateDomainTrusts(self):
-        c = self.get_netlogon_connection()
-        trusts = c.netr_DsrEnumerateDomainTrusts(
-            self.server,
-            netlogon.NETR_TRUST_FLAG_IN_FOREST |
-            netlogon.NETR_TRUST_FLAG_OUTBOUND  |
-            netlogon.NETR_TRUST_FLAG_INBOUND)
-
     # Establish sealed schannel netlogon connection over TCP/IP
     #
     def get_netlogon_connection(self):


-- 
Samba Shared Repository



More information about the samba-cvs mailing list