From 2ea3a24dced0814100e352bbbca124011be73602 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 2 Aug 2013 10:08:54 +0200 Subject: [PATCH] s4:torture: avoid usage of dcerpc_schannel_creds() We use cli_credentials_get_netlogon_creds() which returns the same value. dcerpc_schannel_creds() is a layer violation. Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett --- source4/torture/rpc/samlogon.c | 5 ++--- source4/torture/rpc/samr.c | 6 +++--- source4/torture/rpc/samsync.c | 11 ++++------- source4/torture/rpc/schannel.c | 6 ++---- 4 files changed, 11 insertions(+), 17 deletions(-) diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c index 48610383050..886ff39aa76 100644 --- a/source4/torture/rpc/samlogon.c +++ b/source4/torture/rpc/samlogon.c @@ -29,7 +29,6 @@ #include "lib/cmdline/popt_common.h" #include "torture/rpc/torture_rpc.h" #include "auth/gensec/gensec.h" -#include "auth/gensec/schannel.h" #include "libcli/auth/libcli_auth.h" #include "param/param.h" @@ -1764,8 +1763,8 @@ bool torture_rpc_samlogon(struct torture_context *torture) torture_assert_ntstatus_ok_goto(torture, status, ret, failed, talloc_asprintf(torture, "RPC pipe connect as domain member failed: %s\n", nt_errstr(status))); - status = dcerpc_schannel_creds(p->conn->security_state.generic_state, mem_ctx, &creds); - if (!NT_STATUS_IS_OK(status)) { + creds = cli_credentials_get_netlogon_creds(machine_credentials); + if (creds == NULL) { ret = false; goto failed; } diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index a0a5f1a6863..a06529348e5 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -37,7 +37,6 @@ #include "torture/rpc/torture_rpc.h" #include "param/param.h" #include "auth/gensec/gensec.h" -#include "auth/gensec/schannel.h" #include "auth/gensec/gensec_proto.h" #include "../libcli/auth/schannel.h" @@ -2953,6 +2952,7 @@ static bool test_QueryUserInfo_pwdlastset(struct dcerpc_binding_handle *b, static bool test_SamLogon(struct torture_context *tctx, struct dcerpc_pipe *p, + struct cli_credentials *machine_credentials, struct cli_credentials *test_credentials, NTSTATUS expected_result, bool interactive) @@ -2972,7 +2972,7 @@ static bool test_SamLogon(struct torture_context *tctx, struct netr_Authenticator a; struct dcerpc_binding_handle *b = p->binding_handle; - torture_assert_ntstatus_ok(tctx, dcerpc_schannel_creds(p->conn->security_state.generic_state, tctx, &creds), ""); + torture_assert(tctx, (creds = cli_credentials_get_netlogon_creds(machine_credentials)), ""); if (lpcfg_client_lanman_auth(tctx->lp_ctx)) { flags |= CLI_CRED_LANMAN_AUTH; @@ -3099,7 +3099,7 @@ static bool test_SamLogon_with_creds(struct torture_context *tctx, torture_comment(tctx, "Testing samlogon (%s) as %s password: %s\n", interactive ? "interactive" : "network", acct_name, password); - if (!test_SamLogon(tctx, p, test_credentials, + if (!test_SamLogon(tctx, p, machine_creds, test_credentials, expected_samlogon_result, interactive)) { torture_warning(tctx, "new password did not work\n"); ret = false; diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c index 81027d0658d..15cab73f3d3 100644 --- a/source4/torture/rpc/samsync.c +++ b/source4/torture/rpc/samsync.c @@ -27,7 +27,6 @@ #include "system/time.h" #include "torture/rpc/torture_rpc.h" #include "auth/gensec/gensec.h" -#include "auth/gensec/schannel.h" #include "libcli/auth/libcli_auth.h" #include "libcli/samsync/samsync.h" #include "libcli/security/security.h" @@ -1720,9 +1719,8 @@ bool torture_rpc_samsync(struct torture_context *torture) } samsync_state->b = samsync_state->p->binding_handle; - status = dcerpc_schannel_creds(samsync_state->p->conn->security_state.generic_state, - samsync_state, &samsync_state->creds); - if (!NT_STATUS_IS_OK(status)) { + samsync_state->creds = cli_credentials_get_netlogon_creds(credentials); + if (samsync_state->creds == NULL) { ret = false; } @@ -1758,9 +1756,8 @@ bool torture_rpc_samsync(struct torture_context *torture) goto failed; } - status = dcerpc_schannel_creds(samsync_state->p_netlogon_wksta->conn->security_state.generic_state, - samsync_state, &samsync_state->creds_netlogon_wksta); - if (!NT_STATUS_IS_OK(status)) { + samsync_state->creds_netlogon_wksta = cli_credentials_get_netlogon_creds(credentials_wksta); + if (samsync_state->creds_netlogon_wksta == NULL) { torture_comment(torture, "Failed to obtail schanel creds!\n"); ret = false; } diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index 8203749edbb..0098dcf648d 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -26,14 +26,12 @@ #include "auth/credentials/credentials.h" #include "torture/rpc/torture_rpc.h" #include "lib/cmdline/popt_common.h" -#include "auth/gensec/schannel.h" #include "../libcli/auth/schannel.h" #include "libcli/auth/libcli_auth.h" #include "libcli/security/security.h" #include "system/filesys.h" #include "param/param.h" #include "librpc/rpc/dcerpc_proto.h" -#include "auth/gensec/gensec.h" #include "libcli/composite/composite.h" #include "lib/events/events.h" @@ -413,8 +411,8 @@ static bool test_schannel(struct torture_context *tctx, torture_assert_ntstatus_ok(tctx, status, "bind auth"); - status = dcerpc_schannel_creds(p_netlogon->conn->security_state.generic_state, tctx, &creds); - torture_assert_ntstatus_ok(tctx, status, "schannel creds"); + creds = cli_credentials_get_netlogon_creds(credentials); + torture_assert(tctx, (creds != NULL), "schannel creds"); /* checks the capabilities */ torture_assert(tctx, test_netlogon_capabilities(p_netlogon, tctx, credentials, creds),