CVE-2022-38023 s4:torture: use NETLOGON_NEG_SUPPORTS_AES by default

[samba.git] / source4 / torture / rpc / lsa.c

diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index d430ee57108122be12fd2754de723606e28c1929..d22546862d5ba3c25aee261ce1658e6be89726c9 100644 (file)
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -4408,7 +4408,7 @@ static bool check_dom_trust_pw(struct dcerpc_pipe *p,
        torture_assert_ntstatus_ok(tctx, status, "dcerpc_pipe_connect_b");
 
        ok = check_pw_with_ServerAuthenticate3(p1, tctx,
-                                              NETLOGON_NEG_AUTH2_ADS_FLAGS,
+                                              NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_SUPPORTS_AES,
                                               server_name,
                                               incoming_creds, &creds);
        torture_assert_int_equal(tctx, ok, expected_result,
@@ -4505,7 +4505,7 @@ static bool check_dom_trust_pw(struct dcerpc_pipe *p,
        torture_assert_ntstatus_ok(tctx, status, "dcerpc_pipe_connect_b");
 
        ok = check_pw_with_ServerAuthenticate3(p2, tctx,
-                                              NETLOGON_NEG_AUTH2_ADS_FLAGS,
+                                              NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_SUPPORTS_AES,
                                               server_name,
                                               incoming_creds, &creds);
        torture_assert(tctx, ok, "check_pw_with_ServerAuthenticate3 with changed password");