s4:torture/rpc: make use of netlogon_creds_decrypt_samlogon_validation()
authorStefan Metzmacher <metze@samba.org>
Mon, 28 Oct 2024 15:57:53 +0000 (16:57 +0100)
committerJule Anger <janger@samba.org>
Wed, 13 Nov 2024 10:39:12 +0000 (10:39 +0000)
This will make it easier to implement netr_ServerAuthenticateKerberos() later...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit a177d15c875030dfc6c11ead3ec3a3ec851261cb)

source4/torture/rpc/schannel.c

index 42b6f5d52644a77940bbbf18df113d73d54d8916..cbd9e7ecac8d9d10aa31d897bbc1c9e9b7bb84e5 100644 (file)
@@ -64,6 +64,7 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
        struct netr_SamBaseInfo *base = NULL;
        const char *crypto_alg = "";
        bool can_do_validation_6 = true;
+       enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
        enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
 
        if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
@@ -137,7 +138,7 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
                }
        }
 
-       dcerpc_binding_handle_auth_info(b, NULL, &auth_level);
+       dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
        if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
                r.in.validation_level = 6;
 
@@ -208,13 +209,12 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
                dump_data(1, base->key.key, 16);
                dump_data(1, base->LMSessKey.key, 8);
 
-               if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
-                       netlogon_creds_aes_decrypt(creds, base->key.key, 16);
-                       netlogon_creds_aes_decrypt(creds, base->LMSessKey.key, 8);
-               } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
-                       netlogon_creds_arcfour_crypt(creds, base->key.key, 16);
-                       netlogon_creds_arcfour_crypt(creds, base->LMSessKey.key, 8);
-               }
+               status = netlogon_creds_decrypt_samlogon_validation(creds,
+                                                                   r.in.validation_level,
+                                                                   r.out.validation,
+                                                                   auth_type,
+                                                                   auth_level);
+               torture_assert_ntstatus_ok(tctx, status, "decrypt_samlogon_validation");
 
                DEBUG(1,("decrypted keys validation_level %d\n",
                        validation_levels[i]));
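Review bot: The new `torture_assert_ntstatus_ok(tctx, status, "decrypt_samlogon_validation")` uses a fixed message, so a failure does not say which validation level could not be decrypted, although the surrounding code apparently iterates over `validation_levels[i]`. Something like `torture_assert_ntstatus_ok(tctx, status, talloc_asprintf(tctx, "decrypt_samlogon_validation level %d", r.in.validation_level));` would identify the failing case. The removed branches silently left the keys untouched when neither NETLOGON_NEG_SUPPORTS_AES nor NETLOGON_NEG_ARCFOUR was negotiated, and how the helper treats that case is not visible here. A short comment above the call, e.g. `/* cipher selection now lives in the helper; any non-OK status fails the test */`, would record the changed failure mode. The same applies to the identical block added in test_netlogon_ex_bug14932 (the hunk at -413,13 +414,12); both function bodies extend outside their hunks.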
@@ -277,6 +277,7 @@ static bool test_netlogon_ex_bug14932(struct dcerpc_pipe *p,
        struct netr_SamBaseInfo *base = NULL;
        const char *crypto_alg = "";
        bool can_do_validation_6 = true;
+       enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
        enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
 
        flags |= CLI_CRED_NTLMv2_AUTH;
@@ -342,7 +343,7 @@ static bool test_netlogon_ex_bug14932(struct dcerpc_pipe *p,
                }
        }
 
-       dcerpc_binding_handle_auth_info(b, NULL, &auth_level);
+       dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
        if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
                r.in.validation_level = 6;
 
@@ -413,13 +414,12 @@ static bool test_netlogon_ex_bug14932(struct dcerpc_pipe *p,
                dump_data(1, base->key.key, 16);
                dump_data(1, base->LMSessKey.key, 8);
 
-               if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
-                       netlogon_creds_aes_decrypt(creds, base->key.key, 16);
-                       netlogon_creds_aes_decrypt(creds, base->LMSessKey.key, 8);
-               } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
-                       netlogon_creds_arcfour_crypt(creds, base->key.key, 16);
-                       netlogon_creds_arcfour_crypt(creds, base->LMSessKey.key, 8);
-               }
+               status = netlogon_creds_decrypt_samlogon_validation(creds,
+                                                                   r.in.validation_level,
+                                                                   r.out.validation,
+                                                                   auth_type,
+                                                                   auth_level);
+               torture_assert_ntstatus_ok(tctx, status, "decrypt_samlogon_validation");
 
                DEBUG(1,("decrypted keys validation_level %d\n",
                        validation_levels[i]));