struct dcerpc_binding_handle *b = NULL;
enum ndr_err_code ndr_err;
DATA_BLOB payload, pac_wrapped;
+ enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
+ enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
+ NTSTATUS status;
if (!test_SetupCredentials2(p1, tctx, negotiate_flags,
server_creds, secure_channel_type,
torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_push_struct_blob of PACValidate structure failed");
torture_assert(tctx, (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR), "not willing to even try a PACValidate without RC4 encryption");
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_encrypt(creds, pac_wrapped.data, pac_wrapped.length);
- } else {
- netlogon_creds_arcfour_crypt(creds, pac_wrapped.data, pac_wrapped.length);
- }
generic.length = pac_wrapped.length;
generic.data = pac_wrapped.data;
r.out.authoritative = &authoritative;
r.out.return_authenticator = &return_authenticator;
+ dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
+ status = netlogon_creds_encrypt_samlogon_logon(creds,
+ r.in.logon_level,
+ r.in.logon,
+ auth_type,
+ auth_level);
+ torture_assert_ntstatus_ok(tctx, status, "encrypt_samlogon_logon");
+
torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
"LogonSamLogon failed");
torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_push_struct_blob of PACValidate structure failed");
torture_assert(tctx, (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR), "not willing to even try a PACValidate without RC4 encryption");
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_encrypt(creds, pac_wrapped.data, pac_wrapped.length);
- } else {
- netlogon_creds_arcfour_crypt(creds, pac_wrapped.data, pac_wrapped.length);
- }
generic.length = pac_wrapped.length;
generic.data = pac_wrapped.data;
r.in.computer_name = cli_credentials_get_workstation(server_creds);
r.in.validation_level = NetlogonValidationGenericInfo2;
+ dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
+ status = netlogon_creds_encrypt_samlogon_logon(creds,
+ r.in.logon_level,
+ r.in.logon,
+ auth_type,
+ auth_level);
+ torture_assert_ntstatus_ok(tctx, status, "encrypt_samlogon_logon");
+
torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
"LogonSamLogon failed");
torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_push_struct_blob of PACValidate structure failed");
torture_assert(tctx, (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR), "not willing to even try a PACValidate without RC4 encryption");
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_encrypt(creds, pac_wrapped.data, pac_wrapped.length);
- } else {
- netlogon_creds_arcfour_crypt(creds, pac_wrapped.data, pac_wrapped.length);
- }
generic.length = pac_wrapped.length;
generic.data = pac_wrapped.data;
r.in.computer_name = cli_credentials_get_workstation(server_creds);
r.in.validation_level = NetlogonValidationGenericInfo2;
+ dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
+ status = netlogon_creds_encrypt_samlogon_logon(creds,
+ r.in.logon_level,
+ r.in.logon,
+ auth_type,
+ auth_level);
+ torture_assert_ntstatus_ok(tctx, status, "encrypt_samlogon_logon");
+
torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
"LogonSamLogon failed");
union netr_Validation validation;
uint8_t authoritative = 1;
struct dcerpc_binding_handle *b = p->binding_handle;
+ enum dcerpc_AuthType auth_type;
+ enum dcerpc_AuthLevel auth_level;
+
+ dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
ZERO_STRUCT(a);
ZERO_STRUCT(r);
}
E_md4hash(plain_pass, pinfo.ntpassword.hash);
- if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- netlogon_creds_arcfour_crypt(creds, pinfo.lmpassword.hash, 16);
- netlogon_creds_arcfour_crypt(creds, pinfo.ntpassword.hash, 16);
- } else {
- netlogon_creds_des_encrypt(creds, &pinfo.lmpassword);
- netlogon_creds_des_encrypt(creds, &pinfo.ntpassword);
- }
+ status = netlogon_creds_encrypt_samlogon_logon(creds,
+ r.in.logon_level,
+ r.in.logon,
+ auth_type,
+ auth_level);
+ torture_assert_ntstatus_ok_goto(tctx,
+ status,
+ ret, failed,
+ "netlogon_creds_encrypt_samlogon_logon");
torture_comment(tctx, "Testing netr_LogonSamLogonWithFlags '%s' (Interactive Logon)\n", comment);
struct netlogon_creds_CredentialState *creds;
struct netr_Authenticator a;
struct dcerpc_binding_handle *b = p->binding_handle;
+ enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
+ enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
torture_assert(tctx, (creds = cli_credentials_get_netlogon_creds(machine_credentials)), "");
}
E_md4hash(cli_credentials_get_password(test_credentials), pinfo.ntpassword.hash);
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_encrypt(creds, pinfo.lmpassword.hash, 16);
- netlogon_creds_aes_encrypt(creds, pinfo.ntpassword.hash, 16);
- } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- netlogon_creds_arcfour_crypt(creds, pinfo.lmpassword.hash, 16);
- netlogon_creds_arcfour_crypt(creds, pinfo.ntpassword.hash, 16);
- } else {
- netlogon_creds_des_encrypt(creds, &pinfo.lmpassword);
- netlogon_creds_des_encrypt(creds, &pinfo.ntpassword);
- }
-
pinfo.identity_info = identity;
logon.password = &pinfo;
r.in.validation_level = 6;
+ dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
+ status = netlogon_creds_encrypt_samlogon_logon(creds,
+ r.in.logon_level,
+ r.in.logon,
+ auth_type,
+ auth_level);
+ torture_assert_ntstatus_ok(tctx, status, "encrypt_samlogon_logon");
+
torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogonEx_r(b, tctx, &r),
"netr_LogonSamLogonEx failed");
if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_INVALID_INFO_CLASS)) {
projects / thirdparty / samba.git / commitdiff
