Line data Source code
1 : /* 2 : Unix SMB/CIFS implementation. 3 : 4 : find security related memory leaks 5 : 6 : Copyright (C) Andrew Tridgell 2004 7 : 8 : This program is free software; you can redistribute it and/or modify 9 : it under the terms of the GNU General Public License as published by 10 : the Free Software Foundation; either version 3 of the License, or 11 : (at your option) any later version. 12 : 13 : This program is distributed in the hope that it will be useful, 14 : but WITHOUT ANY WARRANTY; without even the implied warranty of 15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 : GNU General Public License for more details. 17 : 18 : You should have received a copy of the GNU General Public License 19 : along with this program. If not, see <http://www.gnu.org/licenses/>. 20 : */ 21 : 22 : #include "includes.h" 23 : #include "libcli/raw/libcliraw.h" 24 : #include "libcli/raw/raw_proto.h" 25 : #include "libcli/libcli.h" 26 : #include "torture/util.h" 27 : #include "system/time.h" 28 : #include "libcli/smb_composite/smb_composite.h" 29 : #include "auth/credentials/credentials.h" 30 : #include "param/param.h" 31 : #include "torture/basic/proto.h" 32 : 33 1167 : static bool try_failed_login(struct torture_context *tctx, struct smbcli_state *cli) 34 : { 35 0 : NTSTATUS status; 36 0 : struct smb_composite_sesssetup setup; 37 0 : struct smbcli_session *session; 38 0 : struct smbcli_session_options options; 39 : 40 1167 : lpcfg_smbcli_session_options(tctx->lp_ctx, &options); 41 : 42 1167 : session = smbcli_session_init(cli->transport, cli, false, options); 43 1167 : setup.in.sesskey = cli->transport->negotiate.sesskey; 44 1167 : setup.in.capabilities = cli->transport->negotiate.capabilities; 45 1167 : setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx); 46 1167 : setup.in.credentials = cli_credentials_init(session); 47 1167 : setup.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx); 48 : 49 1167 : cli_credentials_set_conf(setup.in.credentials, tctx->lp_ctx); 50 1167 : cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED); 51 1167 : cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED); 52 1167 : cli_credentials_set_password(setup.in.credentials, "INVALID-PASSWORD", CRED_SPECIFIED); 53 : 54 1167 : status = smb_composite_sesssetup(session, &setup); 55 1167 : talloc_free(session); 56 1167 : if (NT_STATUS_IS_OK(status)) { 57 0 : printf("Allowed session setup with invalid credentials?!\n"); 58 0 : return false; 59 : } 60 : 61 1167 : return true; 62 : } 63 : 64 4 : bool torture_sec_leak(struct torture_context *tctx, struct smbcli_state *cli) 65 : { 66 4 : time_t t1 = time_mono(NULL); 67 4 : int timelimit = torture_setting_int(tctx, "timelimit", 20); 68 : 69 1171 : while (time_mono(NULL) < t1+timelimit) { 70 1167 : if (!try_failed_login(tctx, cli)) { 71 0 : return false; 72 : } 73 1167 : talloc_report(NULL, stdout); 74 : } 75 : 76 4 : return true; 77 : }