#include "../lib/crypto/crypto.h"
#include "lib/cmdline/popt_common.h"
#include "torture/rpc/rpc.h"
-#include "auth/gensec/schannel_proto.h"
+#include "../libcli/auth/schannel.h"
#include "auth/gensec/gensec.h"
#include "libcli/auth/libcli_auth.h"
#include "param/param.h"
struct netr_LogonSamLogonEx r_ex;
struct netr_LogonSamLogonWithFlags r_flags;
struct netr_Authenticator auth, auth2;
- struct creds_CredentialState *creds;
+ struct netlogon_creds_CredentialState *creds;
NTSTATUS expected_error;
bool old_password; /* Allow an old password to be accepted or rejected without error, as well as session key bugs */
DATA_BLOB chall;
switch (samlogon_state->function_level) {
case NDR_NETR_LOGONSAMLOGON:
ZERO_STRUCT(samlogon_state->auth2);
- creds_client_authenticator(samlogon_state->creds, &samlogon_state->auth);
+ netlogon_creds_client_authenticator(samlogon_state->creds, &samlogon_state->auth);
r->out.return_authenticator = NULL;
status = dcerpc_netr_LogonSamLogon(samlogon_state->p, samlogon_state->mem_ctx, r);
if (!r->out.return_authenticator ||
- !creds_client_check(samlogon_state->creds, &r->out.return_authenticator->cred)) {
+ !netlogon_creds_client_check(samlogon_state->creds, &r->out.return_authenticator->cred)) {
d_printf("Credential chaining failed\n");
}
if (!NT_STATUS_IS_OK(status)) {
validation_level = r->in.validation_level;
- creds_decrypt_samlogon(samlogon_state->creds, validation_level, r->out.validation);
+ netlogon_creds_decrypt_samlogon(samlogon_state->creds, validation_level, r->out.validation);
switch (validation_level) {
case 2:
validation_level = r_ex->in.validation_level;
- creds_decrypt_samlogon(samlogon_state->creds, validation_level, r_ex->out.validation);
+ netlogon_creds_decrypt_samlogon(samlogon_state->creds, validation_level, r_ex->out.validation);
switch (validation_level) {
case 2:
break;
case NDR_NETR_LOGONSAMLOGONWITHFLAGS:
ZERO_STRUCT(samlogon_state->auth2);
- creds_client_authenticator(samlogon_state->creds, &samlogon_state->auth);
+ netlogon_creds_client_authenticator(samlogon_state->creds, &samlogon_state->auth);
r_flags->out.return_authenticator = NULL;
status = dcerpc_netr_LogonSamLogonWithFlags(samlogon_state->p, samlogon_state->mem_ctx, r_flags);
if (!r_flags->out.return_authenticator ||
- !creds_client_check(samlogon_state->creds, &r_flags->out.return_authenticator->cred)) {
+ !netlogon_creds_client_check(samlogon_state->creds, &r_flags->out.return_authenticator->cred)) {
d_printf("Credential chaining failed\n");
}
if (!NT_STATUS_IS_OK(status)) {
validation_level = r_flags->in.validation_level;
- creds_decrypt_samlogon(samlogon_state->creds, validation_level, r_flags->out.validation);
+ netlogon_creds_decrypt_samlogon(samlogon_state->creds, validation_level, r_flags->out.validation);
switch (validation_level) {
case 2:
DATA_BLOB lm_response = data_blob(NULL, 0);
char *password;
char *dospw;
- void *unicodepw;
+ smb_ucs2_t *unicodepw;
uint8_t user_session_key[16];
uint8_t lm_key[16];
ZERO_STRUCT(user_session_key);
- if ((push_ucs2_talloc(samlogon_state->mem_ctx,
- &unicodepw, samlogon_state->password)) == -1) {
+ if (!push_ucs2_talloc(samlogon_state->mem_ctx,
+ &unicodepw, samlogon_state->password, NULL)) {
DEBUG(0, ("push_ucs2_allocate failed!\n"));
exit(1);
}
password = strupper_talloc(samlogon_state->mem_ctx, samlogon_state->password);
- if ((convert_string_talloc_convenience(samlogon_state->mem_ctx,
+ if (!convert_string_talloc_convenience(samlogon_state->mem_ctx,
samlogon_state->iconv_convenience,
CH_UNIX, CH_DOS,
password, strlen(password)+1,
- (void**)&dospw)) == -1) {
+ (void**)&dospw, NULL, false)) {
DEBUG(0, ("convert_string_talloc failed!\n"));
exit(1);
}
*/
static bool test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct torture_context *tctx,
- struct creds_CredentialState *creds,
+ struct netlogon_creds_CredentialState *creds,
const char *comment,
const char *account_domain, const char *account_name,
const char *plain_pass, uint32_t parameter_control,
test an ADS style interactive domain logon
*/
bool test_InteractiveLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct creds_CredentialState *creds,
+ struct netlogon_creds_CredentialState *creds,
const char *comment,
const char *workstation_name,
const char *account_domain, const char *account_name,
ZERO_STRUCT(logon);
ZERO_STRUCT(validation);
- creds_client_authenticator(creds, &a);
+ netlogon_creds_client_authenticator(creds, &a);
logon.password = &pinfo;
E_md4hash(plain_pass, pinfo.ntpassword.hash);
if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- creds_arcfour_crypt(creds, pinfo.lmpassword.hash, 16);
- creds_arcfour_crypt(creds, pinfo.ntpassword.hash, 16);
+ netlogon_creds_arcfour_crypt(creds, pinfo.lmpassword.hash, 16);
+ netlogon_creds_arcfour_crypt(creds, pinfo.ntpassword.hash, 16);
} else {
- creds_des_encrypt(creds, &pinfo.lmpassword);
- creds_des_encrypt(creds, &pinfo.ntpassword);
+ netlogon_creds_des_encrypt(creds, &pinfo.lmpassword);
+ netlogon_creds_des_encrypt(creds, &pinfo.ntpassword);
}
d_printf("Testing netr_LogonSamLogonWithFlags '%s' (Interactive Logon)\n", comment);
status = dcerpc_netr_LogonSamLogonWithFlags(p, fn_ctx, &r);
if (!r.out.return_authenticator
- || !creds_client_check(creds, &r.out.return_authenticator->cred)) {
+ || !netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
d_printf("Credential chaining failed\n");
talloc_free(fn_ctx);
return false;
0 /* yes, this is a valid flag, causes the use of DES */
};
- struct creds_CredentialState *creds;
+ struct netlogon_creds_CredentialState *creds;
test_machine_account = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
/* We only need to join as a workstation here, and in future,