s4:torture use common libcli/auth crypto code

diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index ee11ede83fdaa75f002ac3fbe32b560cb7d270b0..a67a06dcb67e9ad9164da0be376f551abf77abf8 100644 (file)
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -31,6 +31,7 @@
 #include "auth/gensec/schannel_proto.h"
 #include "auth/gensec/gensec.h"
 #include "libcli/auth/libcli_auth.h"
+#include "libcli/samsync/samsync.h"
 #include "libcli/security/security.h"
 #include "librpc/gen_ndr/ndr_netlogon.h"
 #include "librpc/gen_ndr/ndr_netlogon_c.h"
@@ -564,11 +565,9 @@ static bool samsync_handle_user(struct torture_context *tctx, TALLOC_CTX *mem_ct
        TEST_STRING_EQUAL(info->info21.profile_path, user->profile_path);
 
        if (user->lm_password_present) {
-               sam_rid_crypt(rid, user->lmpassword.hash, lm_hash.hash, 0);
                lm_hash_p = &lm_hash;
        }
        if (user->nt_password_present) {
-               sam_rid_crypt(rid, user->ntpassword.hash, nt_hash.hash, 0);
                nt_hash_p = &nt_hash;
        }
 
@@ -578,15 +577,12 @@ static bool samsync_handle_user(struct torture_context *tctx, TALLOC_CTX *mem_ct
                enum ndr_err_code ndr_err;
                data.data = user->user_private_info.SensitiveData;
                data.length = user->user_private_info.DataLength;
-               netlogon_creds_arcfour_crypt(samsync_state->creds, data.data, data.length);
                ndr_err = ndr_pull_struct_blob(&data, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &keys, (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS);
                if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
                        if (keys.keys.keys2.lmpassword.length == 16) {
-                               sam_rid_crypt(rid, keys.keys.keys2.lmpassword.pwd.hash, lm_hash.hash, 0);
                                lm_hash_p = &lm_hash;
                        }
                        if (keys.keys.keys2.ntpassword.length == 16) {
-                               sam_rid_crypt(rid, keys.keys.keys2.ntpassword.pwd.hash, nt_hash.hash, 0);
                                nt_hash_p = &nt_hash;
                        }
                } else {
@@ -843,12 +839,6 @@ static bool samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *sam
        DATA_BLOB lsa_blob1, lsa_blob_out, session_key;
        NTSTATUS status;
 
-       netlogon_creds_arcfour_crypt(samsync_state->creds, secret->current_cipher.cipher_data, 
-                           secret->current_cipher.maxlen); 
-
-       netlogon_creds_arcfour_crypt(samsync_state->creds, secret->old_cipher.cipher_data, 
-                           secret->old_cipher.maxlen); 
-
        nsec->name = talloc_reference(nsec, name);
        nsec->secret = data_blob_talloc(nsec, secret->current_cipher.cipher_data, secret->current_cipher.maxlen);
        nsec->mtime = secret->current_cipher_set_time;
@@ -1202,6 +1192,14 @@ static bool test_DatabaseSync(struct torture_context *tctx,
 
                        for (d=0; d < delta_enum_array->num_deltas; d++) {
                                delta_ctx = talloc_named(loop_ctx, 0, "DatabaseSync delta context");
+
+                               if (!NT_STATUS_IS_OK(samsync_fix_delta(delta_ctx, samsync_state->creds, 
+                                                                      r.in.database_id, 
+                                                                      &delta_enum_array->delta_enum[d]))) {
+                                       printf("Failed to decrypt delta\n");
+                                       ret = false;
+                               }
+
                                switch (delta_enum_array->delta_enum[d].delta_type) {
                                case NETR_DELTA_DOMAIN:
                                        if (!samsync_handle_domain(delta_ctx, samsync_state,