CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge()
authorStefan Metzmacher <metze@samba.org>
Wed, 16 Sep 2020 14:07:30 +0000 (16:07 +0200)
committerKarolin Seeger <kseeger@samba.org>
Fri, 18 Sep 2020 10:58:23 +0000 (12:58 +0200)
This will avoid getting flaky tests once our server starts to
reject weak challenges.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
source4/torture/rpc/lsa.c
source4/torture/rpc/netlogon.c

index 21cc16afbafef78cce7076fd11f649530bd6866a..7bdc0cf679a37deb7ad434d1343b7e7adad13326 100644 (file)
@@ -2847,7 +2847,7 @@ static bool check_pw_with_ServerAuthenticate3(struct dcerpc_pipe *p,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
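Review bot: The new call in check_pw_with_ServerAuthenticate3 gives no hint of why a dedicated helper replaces a plain random fill, so a later cleanup could quietly revert it. A one-line comment above the call would record the intent stated in the commit message, for example `/* plain random bytes may occasionally form a challenge the server rejects as weak */`. The same applies to the call sites changed in source4/torture/rpc/netlogon.c. The function body starts and ends outside this hunk.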
index 026d86d50e4720fbbf49e436a6e1a819649674a9..e11014922f80ca09f7a9fba915156e2e8cdef359 100644 (file)
@@ -160,7 +160,7 @@ bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
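Review bot: Every client challenge in these netlogon tests now comes from netlogon_creds_random_challenge(), so none of the hunks in this file exercises the server-side rejection that the commit message anticipates. A regression test that submits a challenge the server should classify as weak, and asserts that the handshake is refused, would pin the CVE-2020-1472 hardening against future regressions. That test may already exist in another commit of the series; it is not visible on this page. test_SetupCredentials continues outside the hunk.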
@@ -229,7 +229,7 @@ bool test_SetupCredentials2ex(struct dcerpc_pipe *p, struct torture_context *tct
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
@@ -318,7 +318,7 @@ bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
@@ -390,7 +390,7 @@ bool test_SetupCredentialsDowngrade(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
@@ -1278,7 +1278,7 @@ static bool test_ServerReqChallengeGlobal(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1367,7 +1367,7 @@ static bool test_ServerReqChallengeReuseGlobal(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1456,7 +1456,7 @@ static bool test_ServerReqChallengeReuseGlobal2(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1546,7 +1546,7 @@ static bool test_ServerReqChallengeReuseGlobal3(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1638,8 +1638,7 @@ static bool test_ServerReqChallengeReuseGlobal4(struct torture_context *tctx,
        r.in.credentials = &credentials1_random;
        r.out.return_credentials = &credentials_discard;
 
-       generate_random_buffer(credentials1_random.data,
-                              sizeof(credentials1_random.data));
+       netlogon_creds_random_challenge(&credentials1_random);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1651,7 +1650,7 @@ static bool test_ServerReqChallengeReuseGlobal4(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1662,16 +1661,7 @@ static bool test_ServerReqChallengeReuseGlobal4(struct torture_context *tctx,
        r.in.credentials = &credentials1_random;
        r.out.return_credentials = &credentials_discard;
 
-       generate_random_buffer(credentials1_random.data,
-                              sizeof(credentials1_random.data));
-
-       r.in.server_name = NULL;
-       r.in.computer_name = "CHALTEST3";
-       r.in.credentials = &credentials1_random;
-       r.out.return_credentials = &credentials_discard;
-
-       generate_random_buffer(credentials1_random.data,
-                              sizeof(credentials1_random.data));
+       netlogon_creds_random_challenge(&credentials1_random);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
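Review bot: Besides the helper swap, this hunk deletes a second copy of the CHALTEST3 request setup and random fill, which the commit message does not mention. The surviving context lines repeat the same `r.in.credentials` and `r.out.return_credentials` assignments, so the removed block looks like a pure duplicate. The earlier `server_name` and `computer_name` assignments sit above the hunk, so this cannot be confirmed from here. A line in the message such as `Also remove a duplicated request setup in test_ServerReqChallengeReuseGlobal4` would make the cleanup easier to audit in a security fix series.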
@@ -1747,7 +1737,7 @@ static bool test_ServerReqChallengeReuse(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge");