s4:torture/rpc/samr.c - test_SetPassword_LastSet - fix "pwdLastSet" test

- Remove superflous checks (on level 18, 24, 26 we do always have "pwdLastSet"
  resets if "password_expired" > 0)
- Fixed some bugs

Signed-off-by: Günther Deschner <gd@samba.org>

diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index acb033dc3ccd8758f6037b7ea0f535e736603886..c514ed618824d9bdafdbac4f58d1d0fe63cbffb1 100644 (file)
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -3177,7 +3177,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                            password,
                                            machine_credentials,
                                            query_levels[q],
-                                           &pwdlastset_old,
+                                           &pwdlastset_new,
                                            expected_samlogon_result)) {
                        ret = false;
                }
@@ -3202,6 +3202,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                        "been set\n");
                                break;
                        }
+                       break;
                default:
                        if (pwdlastset_new != 0) {
                                torture_warning(tctx, "pwdLastSet test failed: "
@@ -3224,15 +3225,10 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                ret = false;
                        }
                        break;
-               default:
-                       if ((pwdlastset_old > 0) && (pwdlastset_new > 0) &&
-                           (pwdlastset_old >= pwdlastset_new)) {
-                               torture_warning(tctx, "pwdlastset not increasing\n");
-                               ret = false;
-                       }
-                       break;
                }
 
+               pwdlastset_old = pwdlastset_new;
+
                usleep(delay);
 
                /* set #2 */
@@ -3262,7 +3258,6 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                case 21:
                case 23:
                case 25:
-
                        /* SAMR_FIELD_EXPIRED_FLAG has not been set and no
                         * password has been changed, old and new pwdlastset
                         * need to be the same value */
@@ -3275,6 +3270,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                        pwdlastset_new, "pwdlastset must be equal");
                                break;
                        }
+                       break;
                default:
                        if (pwdlastset_old >= pwdlastset_new) {
                                torture_warning(tctx, "pwdLastSet test failed: "
@@ -3288,6 +3284,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                        pwdlastset_new);
                                ret = false;
                        }
+                       break;
                }
 
                switch (levels[l]) {
@@ -3302,13 +3299,6 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                ret = false;
                        }
                        break;
-               default:
-                       if ((pwdlastset_old > 0) && (pwdlastset_new > 0) &&
-                           (pwdlastset_old >= pwdlastset_new)) {
-                               torture_warning(tctx, "pwdlastset not increasing\n");
-                               ret = false;
-                       }
-                       break;
                }
 
                pwdlastset_old = pwdlastset_new;
@@ -3343,16 +3333,19 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                case 23:
                case 25:
 
-                       /* if no password has been changed, old and new pwdlastset
+                       /* SAMR_FIELD_EXPIRED_FLAG has not been set and no
+                        * password has been changed, old and new pwdlastset
                         * need to be the same value */
 
-                       if (!((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
+                       if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) &&
+                           !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
                              (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)))
                        {
                                torture_assert_int_equal(tctx, pwdlastset_old,
                                        pwdlastset_new, "pwdlastset must be equal");
                                break;
                        }
+                       break;
                default:
                        if (pwdlastset_old >= pwdlastset_new) {
                                torture_warning(tctx, "pwdLastSet test failed: "
@@ -3366,8 +3359,27 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                        pwdlastset_new);
                                ret = false;
                        }
+                       break;
+               }
+
+               switch (levels[l]) {
+               case 21:
+               case 23:
+               case 25:
+                       if (((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
+                            (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)) &&
+                            (pwdlastset_old > 0) && (pwdlastset_new > 0) &&
+                            (pwdlastset_old >= pwdlastset_new)) {
+                               torture_warning(tctx, "pwdlastset not increasing\n");
+                               ret = false;
+                       }
+                       break;
                }
 
+               pwdlastset_old = pwdlastset_new;
+
+               usleep(delay);
+
                /* set #3 */
 
                /* set a password and force password change (pwdlastset 0) by
@@ -3416,15 +3428,8 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                        pwdlastset_new, "pwdlastset must be equal");
                                break;
                        }
+                       break;
                default:
-
-                       if (pwdlastset_old == pwdlastset_new) {
-                               torture_warning(tctx, "pwdLastSet test failed: "
-                                       "expected last pwdlastset (%lld) != new pwdlastset (%lld)\n",
-                                       pwdlastset_old, pwdlastset_new);
-                               ret = false;
-                       }
-
                        if (pwdlastset_new != 0) {
                                torture_warning(tctx, "pwdLastSet test failed: "
                                        "expected pwdLastSet 0, got %lld\n",
@@ -3446,13 +3451,6 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                ret = false;
                        }
                        break;
-               default:
-                       if ((pwdlastset_old > 0) && (pwdlastset_new > 0) &&
-                           (pwdlastset_old >= pwdlastset_new)) {
-                               torture_warning(tctx, "pwdlastset not increasing\n");
-                               ret = false;
-                       }
-                       break;
                }
 
                /* if the level we are testing does not have a fields_present