struct policy_handle *handle,
char **password)
{
- int i, s = 0, q = 0, f = 0;
+ int i, s = 0, q = 0, f = 0, l = 0, z = 0;
bool ret = true;
int delay = 500000;
bool set_levels[] = { false, true };
bool query_levels[] = { false, true };
+ uint32_t levels[] = { 18, 21, 23, 24, 25, 26 };
+ uint32_t nonzeros[] = { 1, 24 };
uint32_t fields_present[] = {
0,
SAMR_FIELD_EXPIRED_FLAG,
SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_LAST_PWD_CHANGE | SAMR_FIELD_EXPIRED_FLAG
};
- struct {
- uint16_t level;
- uint8_t password_expired_nonzero;
- } pwd_tests[] = {
-
- /* level 21 */
- {
- .level = 21,
- .password_expired_nonzero = 1,
- },{
- .level = 21,
- .password_expired_nonzero = 24,
-
- /* level 23 */
- },{
- .level = 23,
- .password_expired_nonzero = 1,
- },{
- .level = 23,
- .password_expired_nonzero = 24,
- },{
-
- /* level 24 */
-
- .level = 24,
- .password_expired_nonzero = 1,
- },{
- .level = 24,
- .password_expired_nonzero = 24,
- },{
-
- /* level 25 */
-
- .level = 25,
- .password_expired_nonzero = 1,
- },{
- .level = 25,
- .password_expired_nonzero = 24
- },{
-
- /* level 26 */
-
- .level = 26,
- .password_expired_nonzero = 1,
- },{
- .level = 26,
- .password_expired_nonzero = 24,
- }
- };
-
if (torture_setting_bool(tctx, "samba3", false)) {
delay = 1000000;
printf("Samba3 has second granularity, setting delay to: %d\n",
#define TEST_SET_LEVELS 1
#define TEST_QUERY_LEVELS 1
#endif
- for (i=0; i<ARRAY_SIZE(pwd_tests); i++) {
+ for (l=0; l<ARRAY_SIZE(levels); l++) {
+ for (z=0; z<ARRAY_SIZE(nonzeros); z++) {
for (f=0; f<ARRAY_SIZE(fields_present); f++) {
#ifdef TEST_SET_LEVELS
for (s=0; s<ARRAY_SIZE(set_levels); s++) {
torture_comment(tctx, "------------------------------\n"
"Testing pwdLastSet attribute for flags: 0x%08x "
"(s: %d (l: %d), q: %d)\n",
- acct_flags, s, pwd_tests[i].level, q);
+ acct_flags, s, levels[l], q);
/* set #1 */
* setting the password expired flag to a non-0 value */
if (!test_SetPassword_level(p, tctx, handle,
- pwd_tests[i].level,
+ levels[l],
fields_present[f],
- pwd_tests[i].password_expired_nonzero,
+ nonzeros[z],
&matched_expected_error,
set_levels[s],
password,
/* pwdlastset must be 0 afterwards, except for a level 21, 23 and 25
* set without the SAMR_FIELD_EXPIRED_FLAG */
- switch (pwd_tests[i].level) {
+ switch (levels[l]) {
case 21:
case 23:
case 25:
break;
}
- switch (pwd_tests[i].level) {
+ switch (levels[l]) {
case 21:
case 23:
case 25:
* value), password_expired value used here is 0 */
if (!test_SetPassword_level(p, tctx, handle,
- pwd_tests[i].level,
+ levels[l],
fields_present[f],
0,
&matched_expected_error,
/* when a password has been changed, pwdlastset must not be 0 afterwards
* and must be larger then the old value */
- switch (pwd_tests[i].level) {
+ switch (levels[l]) {
case 21:
case 23:
case 25:
* password has been changed, old and new pwdlastset
* need to be the same value */
- if (!(pwd_tests[i].fields_present & SAMR_FIELD_EXPIRED_FLAG) &&
- !((pwd_tests[i].fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
- (pwd_tests[i].fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT)))
+ if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) &&
+ !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
+ (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)))
{
torture_assert_int_equal(tctx, pwdlastset_old,
pwdlastset_new, "pwdlastset must be equal");
}
}
- switch (pwd_tests[i].level) {
+ switch (levels[l]) {
case 21:
case 23:
case 25:
* value), password_expired value used here is 0 */
if (!test_SetPassword_level(p, tctx, handle,
- pwd_tests[i].level,
+ levels[l],
fields_present[f],
0,
&matched_expected_error,
/* when a password has been changed, pwdlastset must not be 0 afterwards
* and must be larger then the old value */
- switch (pwd_tests[i].level) {
+ switch (levels[l]) {
case 21:
case 23:
case 25:
* setting the password expired flag to a non-0 value */
if (!test_SetPassword_level(p, tctx, handle,
- pwd_tests[i].level,
+ levels[l],
fields_present[f],
- pwd_tests[i].password_expired_nonzero,
+ nonzeros[z],
&matched_expected_error,
set_levels[s],
password,
/* pwdlastset must be 0 afterwards, except for a level 21, 23 and 25
* set without the SAMR_FIELD_EXPIRED_FLAG */
- switch (pwd_tests[i].level) {
+ switch (levels[l]) {
case 21:
case 23:
case 25:
* password has been changed, old and new pwdlastset
* need to be the same value */
- if (!(pwd_tests[i].fields_present & SAMR_FIELD_EXPIRED_FLAG) &&
- !((pwd_tests[i].fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
- (pwd_tests[i].fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT)))
+ if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) &&
+ !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
+ (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)))
{
torture_assert_int_equal(tctx, pwdlastset_old,
pwdlastset_new, "pwdlastset must be equal");
break;
}
- switch (pwd_tests[i].level) {
+ switch (levels[l]) {
case 21:
case 23:
case 25:
break;
}
- switch (pwd_tests[i].level) {
+ /* if the level we are testing does not have a fields_present
+ * field, skip all fields present tests by setting f to to
+ * arraysize */
+ switch (levels[l]) {
+ case 18:
case 24:
case 26:
f = ARRAY_SIZE(fields_present);
#ifdef TEST_SET_LEVELS
}
#endif
- }
- }
+ } /* fields present */
+ } /* nonzeros */
+ } /* levels */
#undef TEST_SET_LEVELS
#undef TEST_QUERY_LEVELS