source4/torture/basic/secleak.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    find security related memory leaks
   5
   6    Copyright (C) Andrew Tridgell 2004
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24 #include "torture/torture.h"
  25 #include "libcli/raw/libcliraw.h"
  26 #include "libcli/libcli.h"
  27 #include "system/time.h"
  28 #include "libcli/smb_composite/smb_composite.h"
  29
  30 static BOOL try_failed_login(struct smbcli_state *cli)
  31 {
  32         NTSTATUS status;
  33         struct smb_composite_sesssetup setup;
  34         struct smbcli_session *session;
  35
  36         session = smbcli_session_init(cli->transport, cli, False);
  37         setup.in.sesskey = cli->transport->negotiate.sesskey;
  38         setup.in.capabilities = cli->transport->negotiate.capabilities;
  39         setup.in.workgroup = lp_workgroup();
  40
  41         setup.in.credentials = cli_credentials_init(session);
  42         cli_credentials_set_conf(setup.in.credentials);
  43         cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED);
  44         cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED);
  45         cli_credentials_set_password(setup.in.credentials, "INVALID-PASSWORD", CRED_SPECIFIED);
  46
  47         status = smb_composite_sesssetup(session, &setup);
  48         talloc_free(session);
  49         if (NT_STATUS_IS_OK(status)) {
  50                 printf("Allowed session setup with invalid credentials?!\n");
  51                 return False;
  52         }
  53
  54         return True;
  55 }
  56
  57 BOOL torture_sec_leak(void)
  58 {
  59         struct smbcli_state *cli;
  60         time_t t1 = time(NULL);
  61         int timelimit = lp_parm_int(-1, "torture", "timelimit", 20);
  62
  63         if (!torture_open_connection(&cli)) {
  64                 return False;
  65         }
  66
  67         while (time(NULL) < t1+timelimit) {
  68                 if (!try_failed_login(cli)) {
  69                         return False;
  70                 }
  71                 talloc_report(NULL, stdout);
  72         }
  73
  74         return True;
  75 }