mirror of
https://github.com/samba-team/samba.git
synced 2025-01-08 21:18:16 +03:00
s4:torture: avoid usage of dcerpc_schannel_creds()
We use cli_credentials_get_netlogon_creds() which returns the same value. dcerpc_schannel_creds() is a layer violation. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher
parent
c0144273af
commit
2ea3a24dce
@ -29,7 +29,6 @@
|
|||||||
#include "lib/cmdline/popt_common.h"
|
#include "lib/cmdline/popt_common.h"
|
||||||
#include "torture/rpc/torture_rpc.h"
|
#include "torture/rpc/torture_rpc.h"
|
||||||
#include "auth/gensec/gensec.h"
|
#include "auth/gensec/gensec.h"
|
||||||
#include "auth/gensec/schannel.h"
|
|
||||||
#include "libcli/auth/libcli_auth.h"
|
#include "libcli/auth/libcli_auth.h"
|
||||||
#include "param/param.h"
|
#include "param/param.h"
|
||||||
|
|
||||||
@ -1764,8 +1763,8 @@ bool torture_rpc_samlogon(struct torture_context *torture)
|
|||||||
torture_assert_ntstatus_ok_goto(torture, status, ret, failed,
|
torture_assert_ntstatus_ok_goto(torture, status, ret, failed,
|
||||||
talloc_asprintf(torture, "RPC pipe connect as domain member failed: %s\n", nt_errstr(status)));
|
talloc_asprintf(torture, "RPC pipe connect as domain member failed: %s\n", nt_errstr(status)));
|
||||||
|
|
||||||
status = dcerpc_schannel_creds(p->conn->security_state.generic_state, mem_ctx, &creds);
|
creds = cli_credentials_get_netlogon_creds(machine_credentials);
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
if (creds == NULL) {
|
||||||
ret = false;
|
ret = false;
|
||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -37,7 +37,6 @@
|
|||||||
#include "torture/rpc/torture_rpc.h"
|
#include "torture/rpc/torture_rpc.h"
|
||||||
#include "param/param.h"
|
#include "param/param.h"
|
||||||
#include "auth/gensec/gensec.h"
|
#include "auth/gensec/gensec.h"
|
||||||
#include "auth/gensec/schannel.h"
|
|
||||||
#include "auth/gensec/gensec_proto.h"
|
#include "auth/gensec/gensec_proto.h"
|
||||||
#include "../libcli/auth/schannel.h"
|
#include "../libcli/auth/schannel.h"
|
||||||
|
|
||||||
@ -2953,6 +2952,7 @@ static bool test_QueryUserInfo_pwdlastset(struct dcerpc_binding_handle *b,
|
|||||||
|
|
||||||
static bool test_SamLogon(struct torture_context *tctx,
|
static bool test_SamLogon(struct torture_context *tctx,
|
||||||
struct dcerpc_pipe *p,
|
struct dcerpc_pipe *p,
|
||||||
|
struct cli_credentials *machine_credentials,
|
||||||
struct cli_credentials *test_credentials,
|
struct cli_credentials *test_credentials,
|
||||||
NTSTATUS expected_result,
|
NTSTATUS expected_result,
|
||||||
bool interactive)
|
bool interactive)
|
||||||
@ -2972,7 +2972,7 @@ static bool test_SamLogon(struct torture_context *tctx,
|
|||||||
struct netr_Authenticator a;
|
struct netr_Authenticator a;
|
||||||
struct dcerpc_binding_handle *b = p->binding_handle;
|
struct dcerpc_binding_handle *b = p->binding_handle;
|
||||||
|
|
||||||
torture_assert_ntstatus_ok(tctx, dcerpc_schannel_creds(p->conn->security_state.generic_state, tctx, &creds), "");
|
torture_assert(tctx, (creds = cli_credentials_get_netlogon_creds(machine_credentials)), "");
|
||||||
|
|
||||||
if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
|
if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
|
||||||
flags |= CLI_CRED_LANMAN_AUTH;
|
flags |= CLI_CRED_LANMAN_AUTH;
|
||||||
@ -3099,7 +3099,7 @@ static bool test_SamLogon_with_creds(struct torture_context *tctx,
|
|||||||
torture_comment(tctx, "Testing samlogon (%s) as %s password: %s\n",
|
torture_comment(tctx, "Testing samlogon (%s) as %s password: %s\n",
|
||||||
interactive ? "interactive" : "network", acct_name, password);
|
interactive ? "interactive" : "network", acct_name, password);
|
||||||
|
|
||||||
if (!test_SamLogon(tctx, p, test_credentials,
|
if (!test_SamLogon(tctx, p, machine_creds, test_credentials,
|
||||||
expected_samlogon_result, interactive)) {
|
expected_samlogon_result, interactive)) {
|
||||||
torture_warning(tctx, "new password did not work\n");
|
torture_warning(tctx, "new password did not work\n");
|
||||||
ret = false;
|
ret = false;
|
||||||
|
|||||||
@ -27,7 +27,6 @@
|
|||||||
#include "system/time.h"
|
#include "system/time.h"
|
||||||
#include "torture/rpc/torture_rpc.h"
|
#include "torture/rpc/torture_rpc.h"
|
||||||
#include "auth/gensec/gensec.h"
|
#include "auth/gensec/gensec.h"
|
||||||
#include "auth/gensec/schannel.h"
|
|
||||||
#include "libcli/auth/libcli_auth.h"
|
#include "libcli/auth/libcli_auth.h"
|
||||||
#include "libcli/samsync/samsync.h"
|
#include "libcli/samsync/samsync.h"
|
||||||
#include "libcli/security/security.h"
|
#include "libcli/security/security.h"
|
||||||
@ -1720,9 +1719,8 @@ bool torture_rpc_samsync(struct torture_context *torture)
|
|||||||
}
|
}
|
||||||
samsync_state->b = samsync_state->p->binding_handle;
|
samsync_state->b = samsync_state->p->binding_handle;
|
||||||
|
|
||||||
status = dcerpc_schannel_creds(samsync_state->p->conn->security_state.generic_state,
|
samsync_state->creds = cli_credentials_get_netlogon_creds(credentials);
|
||||||
samsync_state, &samsync_state->creds);
|
if (samsync_state->creds == NULL) {
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
|
||||||
ret = false;
|
ret = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1758,9 +1756,8 @@ bool torture_rpc_samsync(struct torture_context *torture)
|
|||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
|
|
||||||
status = dcerpc_schannel_creds(samsync_state->p_netlogon_wksta->conn->security_state.generic_state,
|
samsync_state->creds_netlogon_wksta = cli_credentials_get_netlogon_creds(credentials_wksta);
|
||||||
samsync_state, &samsync_state->creds_netlogon_wksta);
|
if (samsync_state->creds_netlogon_wksta == NULL) {
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
|
||||||
torture_comment(torture, "Failed to obtail schanel creds!\n");
|
torture_comment(torture, "Failed to obtail schanel creds!\n");
|
||||||
ret = false;
|
ret = false;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -26,14 +26,12 @@
|
|||||||
#include "auth/credentials/credentials.h"
|
#include "auth/credentials/credentials.h"
|
||||||
#include "torture/rpc/torture_rpc.h"
|
#include "torture/rpc/torture_rpc.h"
|
||||||
#include "lib/cmdline/popt_common.h"
|
#include "lib/cmdline/popt_common.h"
|
||||||
#include "auth/gensec/schannel.h"
|
|
||||||
#include "../libcli/auth/schannel.h"
|
#include "../libcli/auth/schannel.h"
|
||||||
#include "libcli/auth/libcli_auth.h"
|
#include "libcli/auth/libcli_auth.h"
|
||||||
#include "libcli/security/security.h"
|
#include "libcli/security/security.h"
|
||||||
#include "system/filesys.h"
|
#include "system/filesys.h"
|
||||||
#include "param/param.h"
|
#include "param/param.h"
|
||||||
#include "librpc/rpc/dcerpc_proto.h"
|
#include "librpc/rpc/dcerpc_proto.h"
|
||||||
#include "auth/gensec/gensec.h"
|
|
||||||
#include "libcli/composite/composite.h"
|
#include "libcli/composite/composite.h"
|
||||||
#include "lib/events/events.h"
|
#include "lib/events/events.h"
|
||||||
|
|
||||||
@ -413,8 +411,8 @@ static bool test_schannel(struct torture_context *tctx,
|
|||||||
|
|
||||||
torture_assert_ntstatus_ok(tctx, status, "bind auth");
|
torture_assert_ntstatus_ok(tctx, status, "bind auth");
|
||||||
|
|
||||||
status = dcerpc_schannel_creds(p_netlogon->conn->security_state.generic_state, tctx, &creds);
|
creds = cli_credentials_get_netlogon_creds(credentials);
|
||||||
torture_assert_ntstatus_ok(tctx, status, "schannel creds");
|
torture_assert(tctx, (creds != NULL), "schannel creds");
|
||||||
|
|
||||||
/* checks the capabilities */
|
/* checks the capabilities */
|
||||||
torture_assert(tctx, test_netlogon_capabilities(p_netlogon, tctx, credentials, creds),
|
torture_assert(tctx, test_netlogon_capabilities(p_netlogon, tctx, credentials, creds),
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user