CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge()
authorStefan Metzmacher <metze@samba.org>
Wed, 16 Sep 2020 14:07:30 +0000 (16:07 +0200)
committerStefan Metzmacher <metze@samba.org>
Fri, 18 Sep 2020 12:48:38 +0000 (12:48 +0000)
This will avoid getting flakey tests once our server starts to
reject weak challenges.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
source4/torture/rpc/lsa.c
source4/torture/rpc/netlogon.c

index c342b4e67e669a308ca73b43373e746e841ef75b..908ea08019c5efde01190bf899665af4db8782d4 100644 (file)
@@ -2872,7 +2872,7 @@ static bool check_pw_with_ServerAuthenticate3(struct dcerpc_pipe *p,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
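Review bot: Nothing at this call site, or at the twelve matching replacements in source4/torture/rpc/netlogon.c, records why a plain `generate_random_buffer()` is no longer acceptable, so a later test author can easily reintroduce it and bring back the intermittent failures the commit message describes. A one-line comment above `netlogon_creds_random_challenge(&credentials1);` would do, for example `/* plain random bytes can be rejected as a weak challenge (CVE-2020-1472) */`. Alternatively, since the same ServerReqChallenge setup is repeated in each of these functions, a shared torture helper could hold that explanation once. These call sites now exercise only the accepted path; a case asserting that the server refuses a weak client challenge is not visible in this commit and presumably lives elsewhere in the series, which is worth confirming. check_pw_with_ServerAuthenticate3 starts and ends outside the hunk.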
index c508ecacd50fb9f170f3e4b9982e48d8970a1f54..138e214a7628081748e35ff61d7f65dfba990949 100644 (file)
@@ -162,7 +162,7 @@ bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
@@ -231,7 +231,7 @@ bool test_SetupCredentials2ex(struct dcerpc_pipe *p, struct torture_context *tct
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
@@ -326,7 +326,7 @@ bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
@@ -398,7 +398,7 @@ bool test_SetupCredentialsDowngrade(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge failed");
@@ -1285,7 +1285,7 @@ static bool test_ServerReqChallengeGlobal(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1374,7 +1374,7 @@ static bool test_ServerReqChallengeReuseGlobal(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1463,7 +1463,7 @@ static bool test_ServerReqChallengeReuseGlobal2(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1553,7 +1553,7 @@ static bool test_ServerReqChallengeReuseGlobal3(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1645,8 +1645,7 @@ static bool test_ServerReqChallengeReuseGlobal4(struct torture_context *tctx,
        r.in.credentials = &credentials1_random;
        r.out.return_credentials = &credentials_discard;
 
-       generate_random_buffer(credentials1_random.data,
-                              sizeof(credentials1_random.data));
+       netlogon_creds_random_challenge(&credentials1_random);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1658,7 +1657,7 @@ static bool test_ServerReqChallengeReuseGlobal4(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
@@ -1669,16 +1668,7 @@ static bool test_ServerReqChallengeReuseGlobal4(struct torture_context *tctx,
        r.in.credentials = &credentials1_random;
        r.out.return_credentials = &credentials_discard;
 
-       generate_random_buffer(credentials1_random.data,
-                              sizeof(credentials1_random.data));
-
-       r.in.server_name = NULL;
-       r.in.computer_name = "CHALTEST3";
-       r.in.credentials = &credentials1_random;
-       r.out.return_credentials = &credentials_discard;
-
-       generate_random_buffer(credentials1_random.data,
-                              sizeof(credentials1_random.data));
+       netlogon_creds_random_challenge(&credentials1_random);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b1, tctx, &r),
                "ServerReqChallenge failed on b1");
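Review bot: The description covers only the switch to `netlogon_creds_random_challenge()`, but this hunk also deletes a repeated `r.in.server_name` / `r.in.computer_name = "CHALTEST3"` setup block together with its second `generate_random_buffer()` call. The removed lines look like an exact duplicate of the block kept above them, so behaviour should be unchanged. In a CVE fix series that gets backported it still deserves a sentence in the message, e.g. `Also remove a duplicated request setup in test_ServerReqChallengeReuseGlobal4.`, so that backport reviewers do not have to re-derive it. The first lines of the kept block and the rest of the function lie outside the hunk.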
@@ -1754,7 +1744,7 @@ static bool test_ServerReqChallengeReuse(struct torture_context *tctx,
        r.in.credentials = &credentials1;
        r.out.return_credentials = &credentials2;
 
-       generate_random_buffer(credentials1.data, sizeof(credentials1.data));
+       netlogon_creds_random_challenge(&credentials1);
 
        torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
                "ServerReqChallenge");