root/source4/torture/basic/secleak.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. try_failed_login
  2. torture_sec_leak

   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    find security related memory leaks
   5 
   6    Copyright (C) Andrew Tridgell 2004
   7    
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12    
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17    
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21 
  22 #include "includes.h"
  23 #include "torture/torture.h"
  24 #include "libcli/raw/libcliraw.h"
  25 #include "libcli/raw/raw_proto.h"
  26 #include "libcli/libcli.h"
  27 #include "torture/util.h"
  28 #include "system/time.h"
  29 #include "libcli/smb_composite/smb_composite.h"
  30 #include "libcli/smb_composite/proto.h"
  31 #include "auth/credentials/credentials.h"
  32 #include "param/param.h"
  33 
  34 static bool try_failed_login(struct torture_context *tctx, struct smbcli_state *cli)
     /* [<][>][^][v][top][bottom][index][help] */
  35 {
  36         NTSTATUS status;
  37         struct smb_composite_sesssetup setup;
  38         struct smbcli_session *session;
  39         struct smbcli_session_options options;
  40 
  41         lp_smbcli_session_options(tctx->lp_ctx, &options);
  42 
  43         session = smbcli_session_init(cli->transport, cli, false, options);
  44         setup.in.sesskey = cli->transport->negotiate.sesskey;
  45         setup.in.capabilities = cli->transport->negotiate.capabilities;
  46         setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
  47         setup.in.credentials = cli_credentials_init(session);
  48         setup.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
  49 
  50         cli_credentials_set_conf(setup.in.credentials, tctx->lp_ctx);
  51         cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED);
  52         cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED);
  53         cli_credentials_set_password(setup.in.credentials, "INVALID-PASSWORD", CRED_SPECIFIED);
  54 
  55         status = smb_composite_sesssetup(session, &setup);
  56         talloc_free(session);
  57         if (NT_STATUS_IS_OK(status)) {
  58                 printf("Allowed session setup with invalid credentials?!\n");
  59                 return false;
  60         }
  61 
  62         return true;
  63 }
  64 
  65 bool torture_sec_leak(struct torture_context *tctx, struct smbcli_state *cli)
     /* [<][>][^][v][top][bottom][index][help] */
  66 {
  67         time_t t1 = time(NULL);
  68         int timelimit = torture_setting_int(tctx, "timelimit", 20);
  69 
  70         while (time(NULL) < t1+timelimit) {
  71                 if (!try_failed_login(tctx, cli)) {
  72                         return false;
  73                 }
  74                 talloc_report(NULL, stdout);
  75         }
  76 
  77         return true;
  78 }

/* [<][>][^][v][top][bottom][index][help] */