Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : find security related memory leaks
5 :
6 : Copyright (C) Andrew Tridgell 2004
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include "libcli/raw/libcliraw.h"
24 : #include "libcli/raw/raw_proto.h"
25 : #include "libcli/libcli.h"
26 : #include "torture/util.h"
27 : #include "system/time.h"
28 : #include "libcli/smb_composite/smb_composite.h"
29 : #include "auth/credentials/credentials.h"
30 : #include "param/param.h"
31 : #include "torture/basic/proto.h"
32 :
33 0 : static bool try_failed_login(struct torture_context *tctx, struct smbcli_state *cli)
34 : {
35 : NTSTATUS status;
36 : struct smb_composite_sesssetup setup;
37 : struct smbcli_session *session;
38 : struct smbcli_session_options options;
39 :
40 0 : lpcfg_smbcli_session_options(tctx->lp_ctx, &options);
41 :
42 0 : session = smbcli_session_init(cli->transport, cli, false, options);
43 0 : setup.in.sesskey = cli->transport->negotiate.sesskey;
44 0 : setup.in.capabilities = cli->transport->negotiate.capabilities;
45 0 : setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
46 0 : setup.in.credentials = cli_credentials_init(session);
47 0 : setup.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
48 :
49 0 : cli_credentials_set_conf(setup.in.credentials, tctx->lp_ctx);
50 0 : cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED);
51 0 : cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED);
52 0 : cli_credentials_set_password(setup.in.credentials, "INVALID-PASSWORD", CRED_SPECIFIED);
53 :
54 0 : status = smb_composite_sesssetup(session, &setup);
55 0 : talloc_free(session);
56 0 : if (NT_STATUS_IS_OK(status)) {
57 0 : printf("Allowed session setup with invalid credentials?!\n");
58 0 : return false;
59 : }
60 :
61 0 : return true;
62 : }
63 :
64 0 : bool torture_sec_leak(struct torture_context *tctx, struct smbcli_state *cli)
65 : {
66 0 : time_t t1 = time_mono(NULL);
67 0 : int timelimit = torture_setting_int(tctx, "timelimit", 20);
68 :
69 0 : while (time_mono(NULL) < t1+timelimit) {
70 0 : if (!try_failed_login(tctx, cli)) {
71 0 : return false;
72 : }
73 0 : talloc_report(NULL, stdout);
74 : }
75 :
76 0 : return true;
77 : }
|
