source4/torture/basic/secleak.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    find security related memory leaks
   5
   6    Copyright (C) Andrew Tridgell 2004
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24 #include "torture/torture.h"
  25 #include "libcli/raw/libcliraw.h"
  26 #include "system/time.h"
  27 #include "libcli/smb_composite/smb_composite.h"
  28
  29 static BOOL try_failed_login(struct smbcli_state *cli)
  30 {
  31         NTSTATUS status;
  32         struct smb_composite_sesssetup setup;
  33         struct smbcli_session *session;
  34
  35         session = smbcli_session_init(cli->transport, cli, False);
  36         setup.in.sesskey = cli->transport->negotiate.sesskey;
  37         setup.in.capabilities = cli->transport->negotiate.capabilities;
  38         setup.in.workgroup = lp_workgroup();
  39
  40         setup.in.credentials = cli_credentials_init(session);
  41         cli_credentials_set_conf(setup.in.credentials);
  42         cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED);
  43         cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED);
  44         cli_credentials_set_password(setup.in.credentials, "INVALID-PASSWORD", CRED_SPECIFIED);
  45
  46         status = smb_composite_sesssetup(session, &setup);
  47         talloc_free(session);
  48         if (NT_STATUS_IS_OK(status)) {
  49                 printf("Allowed session setup with invalid credentials?!\n");
  50                 return False;
  51         }
  52
  53         return True;
  54 }
  55
  56 BOOL torture_sec_leak(void)
  57 {
  58         struct smbcli_state *cli;
  59         time_t t1 = time(NULL);
  60         int timelimit = lp_parm_int(-1, "torture", "timelimit", 20);
  61
  62         if (!torture_open_connection(&cli)) {
  63                 return False;
  64         }
  65
  66         while (time(NULL) < t1+timelimit) {
  67                 if (!try_failed_login(cli)) {
  68                         return False;
  69                 }
  70                 talloc_report(NULL, stdout);
  71         }
  72
  73         return True;
  74 }