LCOV - code coverage report
Current view: top level - source4/torture/basic - secleak.c (source / functions) Hit Total Coverage
Test: coverage report for support-claim-type-attributes 6b5c566e Lines: 23 30 76.7 %
Date: 2023-11-21 12:31:41 Functions: 2 2 100.0 %

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    find security related memory leaks
       5             : 
       6             :    Copyright (C) Andrew Tridgell 2004
       7             :    
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             :    
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             :    
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include "libcli/raw/libcliraw.h"
      24             : #include "libcli/raw/raw_proto.h"
      25             : #include "libcli/libcli.h"
      26             : #include "torture/util.h"
      27             : #include "system/time.h"
      28             : #include "libcli/smb_composite/smb_composite.h"
      29             : #include "auth/credentials/credentials.h"
      30             : #include "param/param.h"
      31             : #include "torture/basic/proto.h"
      32             : 
      33        1167 : static bool try_failed_login(struct torture_context *tctx, struct smbcli_state *cli)
      34             : {
      35           0 :         NTSTATUS status;
      36           0 :         struct smb_composite_sesssetup setup;
      37           0 :         struct smbcli_session *session;
      38           0 :         struct smbcli_session_options options;
      39             : 
      40        1167 :         lpcfg_smbcli_session_options(tctx->lp_ctx, &options);
      41             : 
      42        1167 :         session = smbcli_session_init(cli->transport, cli, false, options);
      43        1167 :         setup.in.sesskey = cli->transport->negotiate.sesskey;
      44        1167 :         setup.in.capabilities = cli->transport->negotiate.capabilities;
      45        1167 :         setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
      46        1167 :         setup.in.credentials = cli_credentials_init(session);
      47        1167 :         setup.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
      48             : 
      49        1167 :         cli_credentials_set_conf(setup.in.credentials, tctx->lp_ctx);
      50        1167 :         cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED);
      51        1167 :         cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED);
      52        1167 :         cli_credentials_set_password(setup.in.credentials, "INVALID-PASSWORD", CRED_SPECIFIED);
      53             : 
      54        1167 :         status = smb_composite_sesssetup(session, &setup);
      55        1167 :         talloc_free(session);
      56        1167 :         if (NT_STATUS_IS_OK(status)) {
      57           0 :                 printf("Allowed session setup with invalid credentials?!\n");
      58           0 :                 return false;
      59             :         }
      60             : 
      61        1167 :         return true;
      62             : }
      63             : 
      64           4 : bool torture_sec_leak(struct torture_context *tctx, struct smbcli_state *cli)
      65             : {
      66           4 :         time_t t1 = time_mono(NULL);
      67           4 :         int timelimit = torture_setting_int(tctx, "timelimit", 20);
      68             : 
      69        1171 :         while (time_mono(NULL) < t1+timelimit) {
      70        1167 :                 if (!try_failed_login(tctx, cli)) {
      71           0 :                         return false;
      72             :                 }
      73        1167 :                 talloc_report(NULL, stdout);
      74             :         }
      75             : 
      76           4 :         return true;
      77             : }

Generated by: LCOV version 1.14