66 lines
3.2 KiB
Diff
66 lines
3.2 KiB
Diff
|
From e38b75a50f79c1d1ea2d7d4489896ca5aa16d9d9 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Joseph Sutton <josephsutton@catalyst.net.nz>
|
||
|
|
Date: Tue, 14 Jun 2022 17:19:00 +1200
|
||
|
|
Subject: [PATCH 03/15] CVE-2022-32743 s4:torture/rpc: Fix tests to match
|
||
|
|
Windows
|
||
|
|
|
||
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14833
|
||
|
|
|
||
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
|
||
|
|
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
||
|
|
---
|
||
|
|
selftest/knownfail.d/netlogon-dns-host-name | 9 +++++++++
|
||
|
|
source4/torture/rpc/netlogon.c | 12 +++++++-----
|
||
|
|
2 files changed, 16 insertions(+), 5 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/selftest/knownfail.d/netlogon-dns-host-name b/selftest/knownfail.d/netlogon-dns-host-name
|
||
|
|
index 2d0a0ec..0164a7c 100644
|
||
|
|
--- a/selftest/knownfail.d/netlogon-dns-host-name
|
||
|
|
+++ b/selftest/knownfail.d/netlogon-dns-host-name
|
||
|
|
@@ -1,2 +1,11 @@
|
||
|
|
^samba.tests.py_credentials.samba.tests.py_credentials.PyCredentialsTests.test_set_dns_hostname_invalid_suffix\(
|
||
|
|
^samba.tests.py_credentials.samba.tests.py_credentials.PyCredentialsTests.test_set_dns_hostname_with_flag\(
|
||
|
|
+^samba4.rpc.netlogon on ncacn_ip_tcp with bigendian.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon on ncacn_ip_tcp with seal,padcheck.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon on ncacn_ip_tcp with validate.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon on ncacn_np with bigendian.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon on ncacn_np with seal,padcheck.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon on ncacn_np with validate.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon with bigendian.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon with seal,padcheck.netlogon.GetDomainInfo\(
|
||
|
|
+^samba4.rpc.netlogon with validate.netlogon.GetDomainInfo\(
|
||
|
|
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
|
||
|
|
index 11f950d..59d7feb 100644
|
||
|
|
--- a/source4/torture/rpc/netlogon.c
|
||
|
|
+++ b/source4/torture/rpc/netlogon.c
|
||
|
|
@@ -5251,9 +5251,9 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
|
||
|
|
torture_assert(tctx,
|
||
|
|
ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
|
||
|
|
"'operatingSystemServicePack' shouldn't stick!");
|
||
|
|
- torture_assert(tctx,
|
||
|
|
- ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
|
||
|
|
- "'operatingSystemVersion' shouldn't stick!");
|
||
|
|
+ torture_assert_str_equal(tctx,
|
||
|
|
+ ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
|
||
|
|
+ version_str, "'operatingSystemVersion' wrong!");
|
||
|
|
|
||
|
|
/* The DNS host name shouldn't have been updated by the server */
|
||
|
|
|
||
|
|
@@ -5387,9 +5387,11 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
|
||
|
|
|
||
|
|
torture_assert(tctx, odiT->domainname.string != NULL,
|
||
|
|
"trust_list domainname should be valid");
|
||
|
|
- if (texT->trust_type == LSA_TRUST_TYPE_DOWNLEVEL) {
|
||
|
|
+ if (texT->trust_type == LSA_TRUST_TYPE_DOWNLEVEL ||
|
||
|
|
+ texT->trust_type == LSA_TRUST_TYPE_MIT)
|
||
|
|
+ {
|
||
|
|
torture_assert(tctx, odiT->dns_domainname.string == NULL,
|
||
|
|
- "trust_list dns_domainname should be NULL for downlevel");
|
||
|
|
+ "trust_list dns_domainname should be NULL for downlevel or MIT");
|
||
|
|
} else {
|
||
|
|
torture_assert(tctx, odiT->dns_domainname.string != NULL,
|
||
|
|
"trust_list dns_domainname should be valid for uplevel");
|
||
|
|
--
|
||
|
|
1.8.3.1
|
||
|
|
|