The Samba-Bugzilla – Attachment 7073 Details for
Bug 8591
samr_ChangePasswordUser3 IDL incorrect
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
v3-6-test.patch
v3-6-test.patch (text/plain), 4.85 KB, created by
Guenther Deschner
on 2011-11-09 13:00:36 UTC
(
hide
)
Description:
v3-6-test.patch
Filename:
MIME Type:
Creator:
Guenther Deschner
Created:
2011-11-09 13:00:36 UTC
Size:
4.85 KB
patch
obsolete
>From e7cd956b01664eadb0b7731badc6b60279dac47a Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Tue, 8 Nov 2011 15:58:34 +0100 >Subject: [PATCH 1/2] s4-smbtorture: demonstrate how broken our > samr_ChangePasswordUser3 marshalling is... > >Guenther >(cherry picked from commit bfe084bd8bbdfa0a0fa31521584f3bc142785fb8) >--- > source4/torture/ndr/samr.c | 32 ++++++++++++++++++++++++++++++++ > 1 files changed, 32 insertions(+), 0 deletions(-) > >diff --git a/source4/torture/ndr/samr.c b/source4/torture/ndr/samr.c >index 25b9d0a..803a209 100644 >--- a/source4/torture/ndr/samr.c >+++ b/source4/torture/ndr/samr.c >@@ -277,6 +277,32 @@ static const uint8_t samr_changepassworduser3_w2k_out_data[] = { > 0xbb, 0x00, 0x00, 0xc0 > }; > >+static const uint8_t samr_changepassworduser3_w2k8r2_out_data[] = { >+ 0x00, 0x00, 0x02, 0x00, 0x07, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, >+ 0x00, 0x80, 0xa6, 0x0a, 0xff, 0xde, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, >+ 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x02, 0x00, 0x05, 0x00, 0x00, 0x00, >+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6c, 0x00, 0x00, 0xc0 >+}; >+ >+static bool samr_changepassworduser3_w2k8r2_out_check(struct torture_context *tctx, >+ struct samr_ChangePasswordUser3 *r) >+{ >+ struct samr_DomInfo1 *dominfo = *r->out.dominfo; >+ struct userPwdChangeFailureInformation *reject = *r->out.reject; >+ >+ torture_assert_int_equal(tctx, dominfo->min_password_length, 7, "min_password_length"); >+ torture_assert_int_equal(tctx, dominfo->password_history_length, 0, "password_history_length"); >+ torture_assert_int_equal(tctx, dominfo->password_properties, DOMAIN_PASSWORD_COMPLEX, "password_properties"); >+ torture_assert_u64_equal(tctx, dominfo->max_password_age, 0xffffdeff0aa68000, "max_password_age"); >+ torture_assert_u64_equal(tctx, dominfo->min_password_age, 0x0000000000000000, "min_password_age"); >+ >+ torture_assert_int_equal(tctx, reject->extendedFailureReason, SAM_PWD_CHANGE_NOT_COMPLEX, "extendedFailureReason"); >+ >+ torture_assert_ntstatus_equal(tctx, r->out.result, NT_STATUS_PASSWORD_RESTRICTION, "result"); >+ >+ return true; >+} >+ > struct torture_suite *ndr_samr_suite(TALLOC_CTX *ctx) > { > struct torture_suite *suite = torture_suite_create(ctx, "samr"); >@@ -313,6 +339,12 @@ struct torture_suite *ndr_samr_suite(TALLOC_CTX *ctx) > /* Samba currently fails to parse a w2k reply */ > torture_suite_add_ndr_pull_fn_test(suite, samr_ChangePasswordUser3, samr_changepassworduser3_w2k_out_data, NDR_OUT, NULL); > #endif >+ torture_suite_add_ndr_pull_fn_test(suite, >+ samr_ChangePasswordUser3, >+ samr_changepassworduser3_w2k8r2_out_data, >+ NDR_OUT, >+ samr_changepassworduser3_w2k8r2_out_check); >+ > return suite; > } > >-- >1.7.6.4 > > >From dd5633b9b4a85ba87d6b2f987194f25e19c5f076 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Tue, 8 Nov 2011 16:00:10 +0100 >Subject: [PATCH 2/2] samr: filterModuleName is a lsa_String in > userPwdChangeFailureInformation. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >The entire marshalling of samr_ChangePasswordUser3 broke with c2685cdedb430ae75a94e86f34484292b4269363. > >Matthias, the bad effect of this change was that actually all failed password >change attempts will always return NT_STATUS_OK because the last 4 bytes (the >resulting status code) were not marshalled anymore. > >Guenther > >Autobuild-User: Günther Deschner <gd@samba.org> >Autobuild-Date: Wed Nov 9 00:41:13 CET 2011 on sn-devel-104 >(cherry picked from commit 8a18edf1c2d553105cfcadec4d892e4e5a0fdba1) >--- > librpc/idl/samr.idl | 2 +- > source4/torture/ndr/samr.c | 2 ++ > 2 files changed, 3 insertions(+), 1 deletions(-) > >diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl >index cafffc2..78afb81 100644 >--- a/librpc/idl/samr.idl >+++ b/librpc/idl/samr.idl >@@ -1455,7 +1455,7 @@ import "misc.idl", "lsa.idl", "security.idl"; > > typedef struct { > samPwdChangeReason extendedFailureReason; >- [string,charset(UTF16)] uint16 *filterModuleName; >+ lsa_String filterModuleName; > } userPwdChangeFailureInformation; > > [public] NTSTATUS samr_ChangePasswordUser3( >diff --git a/source4/torture/ndr/samr.c b/source4/torture/ndr/samr.c >index 803a209..c934931 100644 >--- a/source4/torture/ndr/samr.c >+++ b/source4/torture/ndr/samr.c >@@ -297,6 +297,8 @@ static bool samr_changepassworduser3_w2k8r2_out_check(struct torture_context *tc > torture_assert_u64_equal(tctx, dominfo->min_password_age, 0x0000000000000000, "min_password_age"); > > torture_assert_int_equal(tctx, reject->extendedFailureReason, SAM_PWD_CHANGE_NOT_COMPLEX, "extendedFailureReason"); >+ torture_assert_int_equal(tctx, reject->filterModuleName.length, 0, "filterModuleName.length"); >+ torture_assert_int_equal(tctx, reject->filterModuleName.size, 0, "filterModuleName.size"); > > torture_assert_ntstatus_equal(tctx, r->out.result, NT_STATUS_PASSWORD_RESTRICTION, "result"); > >-- >1.7.6.4 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=7073">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
metze
:
review+
Actions:
View
Attachments on
bug 8591
: 7073