a Wa@sdZddlZddlZddlmZddlZddlmZm Z m Z ddl m Z m Z ddlmZddlmZddlmZdd lmZdd lmZmZdd lmZdd lmZdd lmZmZGdddejj j!Z"dS)z5 Tests auth logging tests that exercise SamLogon N)SamDB) CredentialsDONT_USE_KERBEROSCLI_CRED_NTLMv2_AUTH)ntlmsspnetlogon)AS_SYSTEM_MAGIC_PATH_TOKEN)ndr_pack)system_session) delete_force)UF_WORKSTATION_TRUST_ACCOUNTUF_PASSWD_NOTREQD)SEC_CHAN_WKSTA) text_typeEVT_ID_SUCCESSFUL_LOGONEVT_LOGON_NETWORKcs@eZdZfddZfddZddZddZd d ZZS) AuthLogTestsSamLogoncsttt|tj|_t|_t |j|jd|_ t j d|_ d|_d|_t|_|j |_d|j|jf|_dS)N)Z session_infolpZDOMAINZ SamLogonTestZ abcdefghijzcn=%s,cn=users,%s)superrsetUpsambatestsZ env_loadparmrr Zsessionrldbosenvirondomain netbios_name machinepassrZ remoteAddressZ domain_dnZbase_dn samlogon_dnself __class__?/usr/lib/python3/dist-packages/samba/tests/auth_log_samlogon.pyr/s    zAuthLogTestsSamLogon.setUpcs tt|t|j|jdS)N)rrtearDownr rrr r"r$r%r&?szAuthLogTestsSamLogon.tearDowncCsdd}|rd|}nd}td|jdd}|j|jdd|jttt B|d t }| | | t||j||jd td || |}d }t} d | _t} tj| _|j| _t} tj| _|j| _t} tj| _| | | g| _t| } |jt|| d}d}tj }t!j"j#}dd|D|_$t%|_&t'|d|j&_(dd|dD|j&_)t!j"j*|_+|,\}}||j+j-_.||j+j/_.|0|j+j1_.t!j"jj2}|3t4j5d|0||||}|\}}}|6||}||dS)NcSs\|ddkoZ|dddkoZ|dddkoZ|dddkoZ|dd tkoZ|dd tkS) NtypeZAuthenticationserviceDescriptionZSamLogonZauthDescriptionZnetworkZ passwordTypeZNTLMv2ZeventIdZ logonTyper)msgr$r$r%isLastExpectedMessageEs  zBAuthLogTestsSamLogon._test_samlogon..isLastExpectedMessagez [schannel,%s]z [schannel]"z utf-16-leZcomputerz%s$)ZdnZ objectclassZsAMAccountNameZuserAccountControlZ unicodePwd$z ncalrpc:%ssabcdefgh)flags challenge target_inforcSs"g|]}t|tr|nt|qSr$ isinstanceintord.0xr$r$r% sz7AuthLogTestsSamLogon._test_samlogon..Z nt_responsecSs"g|]}t|tr|nt|qSr$r1r5r$r$r%r8sZSERVER)7rrencoderaddrrstrr r rZguessZ get_loadparmZset_secure_channel_typerZ set_passwordZ set_usernamerrZ AV_PAIR_LISTcountZAV_PAIRZMsvAvNbDomainNameZAvIdrZValueZMsvAvNbComputerNameZMsvAvEOLZpairr Zget_ntlm_responserZ$NetlogonNetworkTransitiveInformationrZdcerpcZnetr_NetworkInfor/Znetr_ChallengeResponsentlenZlengthdataZnetr_IdentityInfoZ identity_infoZget_ntlm_username_domainZ domain_namestringZ account_nameZget_workstationZ workstationZNetlogonValidationSamInfo4Znetr_LogonSamLogonExrrZwaitForMessages)r!ZbindingcredsZ checkFunctionr*Zutf16pwZ machine_credsZ netlogon_connr/r0Z domainnameZ computernameZeolZtarget_info_blobZresponseZ netr_flagsZ logon_levelZlogonZusernamerZvalidation_levelresultZ validationZ authoritativeZnetr_flags_outmessagesr$r$r%_test_samlogonCs                z#AuthLogTestsSamLogon._test_samlogoncCs||}d}||t|d|d}|d|d|d|dd|d|dd |d |dd |||dd dS) Nz/Did not receive the expected number of messagesrZ Authorizationr'zDCE/RPCr(ZncalrpcZauthTypeZNONEZtransportProtectionZ sessionId)Zremove_netlogon_messagesZ assertEqualr>Z assertTrueZis_guid)r!rCZexpected_messagesr)r$r$r%samlogon_checks  z#AuthLogTestsSamLogon.samlogon_checkc Csb|j|td}z|d||jWn6ty\}z|dt|WYd}~n d}~00dS)N)templateZkerberos_stateZSEALzUnexpected exception: )Z insta_credsZget_credentialsrrDrF ExceptionZfailr;)r!rAer$r$r%test_ncalrpc_samlogons z*AuthLogTestsSamLogon.test_ncalrpc_samlogon) __name__ __module__ __qualname__rr&rDrFrJ __classcell__r$r$r"r%r-s   [r)#__doc__Z samba.testsrrZ samba.samdbrZsamba.tests.auth_log_baseZsamba.credentialsrrrZ samba.dcerpcrrZsamba.dcerpc.dcerpcrZ samba.ndrr Z samba.authr r Z samba.dsdbr r Zsamba.dcerpc.miscrZ samba.compatrZsamba.dcerpc.windows_event_idsrrrZ auth_log_baseZAuthLogTestBaserr$r$r$r%s