r21697: Try to cover the 'bad session key' codepaths too.

author Andrew Bartlett <abartlet@samba.org>

Mon, 5 Mar 2007 09:54:37 +0000 (09:54 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 19:49:14 +0000 (14:49 -0500)
author Andrew Bartlett <abartlet@samba.org>
Mon, 5 Mar 2007 09:54:37 +0000 (09:54 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 19:49:14 +0000 (14:49 -0500)
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c

index 28dd03e803c4d4cb0c1c0902b830f4a3143a0b25..e76599b3e4331e12e8cf20b607701cff694832ff 100644 (file)
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -580,6 +580,28 @@ static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
                 *password = newpass;
         }
  
+       encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
+
+       status = dcerpc_fetch_session_key(p, &session_key);
+       if (!NT_STATUS_IS_OK(status)) {
+               printf("SetUserInfo level %u - no session key - %s\n",
+                      s.in.level, nt_errstr(status));
+               return False;
+       }
+
+       /* This should break the key nicely */
+       session_key.length--;
+       arcfour_crypt_blob(u.info23.password.data, 516, &session_key);
+
+       printf("Testing SetUserInfo level 23 (set password) with wrong password\n");
+
+       status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+       if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+               printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+                      s.in.level, nt_errstr(status));
+               ret = False;
+       }
+
         return ret;
  }
  
@@ -641,6 +663,23 @@ static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
                 *password = newpass;
         }
  
+       /* This should break the key nicely */
+       confounded_session_key.data[0]++;
+
+       arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
+       memcpy(&u.info26.password.data[516], confounder, 16);
+
+       printf("Testing SetUserInfo level 26 (set password ex) with wrong session key\n");
+
+       status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+       if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+               printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+                      s.in.level, nt_errstr(status));
+               ret = False;
+       } else {
+               *password = newpass;
+       }
+
         return ret;
  }
  
@@ -705,6 +744,21 @@ static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
                 *password = newpass;
         }
  
+       /* This should break the key nicely */
+       confounded_session_key.data[0]++;
+
+       arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key);
+       memcpy(&u.info25.password.data[516], confounder, 16);
+
+       printf("Testing SetUserInfo level 25 (set password ex) with wrong session key\n");
+
+       status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
+       if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+               printf("SetUserInfo level %u should have failed with WRONG_PASSWORD- %s\n",
+                      s.in.level, nt_errstr(status));
+               ret = False;
+       }
+
         return ret;
  }
author	Andrew Bartlett <abartlet@samba.org>
	Mon, 5 Mar 2007 09:54:37 +0000 (09:54 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 19:49:14 +0000 (14:49 -0500)