From 6aec126566d01dd9ddbbd5488f73b61729094a52 Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Wed, 5 Dec 2012 18:06:54 +0100 Subject: [PATCH] s4-torture: validate owf password hash and negotiate AES in forest trust test. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Guenther Signed-off-by: Günther Deschner Reviewed-by: Stefan Metzmacher --- source4/torture/rpc/forest_trust.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/source4/torture/rpc/forest_trust.c b/source4/torture/rpc/forest_trust.c index f416054abc1..220828083a7 100644 --- a/source4/torture/rpc/forest_trust.c +++ b/source4/torture/rpc/forest_trust.c @@ -597,6 +597,7 @@ static bool test_validate_trust(struct torture_context *tctx, struct netr_GetForestTrustInformation fr; struct lsa_ForestTrustInformation *forest_trust_info; int i; + struct samr_Password nt_hash; status = dcerpc_parse_binding(tctx, binding, &b); torture_assert_ntstatus_ok(tctx, status, "Bad binding string"); @@ -630,7 +631,7 @@ static bool test_validate_trust(struct torture_context *tctx, return false; } - if (!test_SetupCredentials3(pipe, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, + if (!test_SetupCredentials3(pipe, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_SUPPORTS_AES, credentials, &creds)) { torture_comment(tctx, "test_SetupCredentials3 failed.\n"); return false; @@ -670,6 +671,16 @@ static bool test_validate_trust(struct torture_context *tctx, return false; } + E_md4hash(cli_credentials_get_password(credentials), nt_hash.hash); + + netlogon_creds_des_decrypt(creds, &new_owf_password); + + dump_data(1, new_owf_password.hash, 16); + dump_data(1, nt_hash.hash, 16); + + torture_assert_mem_equal(tctx, new_owf_password.hash, nt_hash.hash, 16, + "received unexpected owf password\n"); + netlogon_creds_client_authenticator(creds, &a); fr.in.server_name = talloc_asprintf(tctx, "\\\\%s", -- 2.11.4.GIT