#!/bin/bash
# Blackbox tests rpcclient with schannel
# Copyright (c) 2021 Andreas Schneider <asn@samba.org>
# All eight positional arguments are mandatory; print the usage line and stop
# when the harness supplies fewer.
if [ "$#" -lt 8 ]; then
	printf '%s\n' 'Usage: test_rpcclient_schannel.sh DOMAIN REALM USERNAME PASSWORD SERVER PREFIX CONFIGURATION TESTENV'
	exit 1
fi

# Positional parameters, in the order given by the usage line.
# Within this file only SERVER, CONFIGURATION and TESTENV are referenced; the
# rpcclient invocations authenticate with --machine-pass, not with
# USERNAME/PASSWORD. The other values may be read by the sourced helpers
# (not verified here).
DOMAIN="$1"
REALM="$2"
USERNAME="$3"
PASSWORD="$4"
SERVER="$5"
PREFIX="$6"
CONFIGURATION="$7"
TESTENV="$8"
shift 8

# Running count of failed subtests; used as the script's exit status.
failed=0

# The subunit helpers are loaded from the directory this script lives in.
samba_subunit_dir=$(dirname "$0")
. "${samba_subunit_dir}/subunit.sh"
. "${samba_subunit_dir}/common_test_fns.inc"

# NOTE(review): BINDIR is taken from the environment with no check here; if it
# is empty, samba_rpcclient becomes "/rpcclient".
samba_bindir="${BINDIR}"
samba_rpcclient="${samba_bindir}/rpcclient"
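#######################################
# Bind to SERVER over a named pipe (ncacn_np) with schannel, using the machine
# account password, run `getusername`, and check the identity it reports.
# The expected identity is "ANONYMOUS LOGON" / "NT AUTHORITY"; presumably an
# schannel bind carries no user token — confirm against the server behaviour.
# Globals:   samba_rpcclient, SERVER, CONFIGURATION (read)
# Outputs:   on failure, one diagnostic line followed by rpcclient's combined
#            stdout/stderr
# Returns:   0 if rpcclient succeeded and reported the expected identity,
#            1 otherwise
#######################################
test_rpc_getusername()
{
	local out ret

	# rpcclient is invoked directly instead of through eval on a flattened
	# string: the binding contains glob brackets ("[schannel]") and SERVER and
	# CONFIGURATION come from the command line, so every argument is passed as
	# one quoted word and is never re-parsed (split, globbed or executed) by
	# the shell.
	out=$("$samba_rpcclient" "ncacn_np:${SERVER}[schannel]" \
		--machine-pass --configfile="${CONFIGURATION}" \
		-c getusername 2>&1)
	ret=$?
	if [ "$ret" -ne 0 ]; then
		echo "Failed to connect! Error: $ret"
		printf '%s\n' "$out"
		return 1
	fi

	# A successful exit is not enough: the session must be attributed to the
	# expected account and authority.
	printf '%s\n' "$out" |
		grep -q "Account Name: ANONYMOUS LOGON, Authority Name: NT AUTHORITY"
	ret=$?
	if [ "$ret" -ne 0 ]; then
		echo "Incorrect account/authority name! Error: $ret"
		printf '%s\n' "$out"
		return 1
	fi

	return 0
}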
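#######################################
# Bind to SERVER over TCP (ncacn_ip_tcp) with schannel, using the machine
# account password, resolve the well-known SID S-1-1-0 with `lookupsids3`,
# and check that it is reported as "Everyone".
# Globals:   samba_rpcclient, SERVER, CONFIGURATION (read)
# Outputs:   on failure, one diagnostic line followed by rpcclient's combined
#            stdout/stderr
# Returns:   0 if rpcclient succeeded and the SID resolved as expected,
#            1 otherwise
#######################################
test_rpc_lookupsids()
{
	local out ret

	# rpcclient is invoked directly instead of through eval on a flattened
	# string: the binding contains glob brackets ("[schannel]") and SERVER and
	# CONFIGURATION come from the command line, so every argument is passed as
	# one quoted word and is never re-parsed (split, globbed or executed) by
	# the shell. The -c argument stays a single word, as the inner quotes of
	# the old eval string intended.
	out=$("$samba_rpcclient" "ncacn_ip_tcp:${SERVER}[schannel]" \
		--machine-pass --configfile="${CONFIGURATION}" \
		-c 'lookupsids3 S-1-1-0' 2>&1)
	ret=$?
	if [ "$ret" -ne 0 ]; then
		echo "Failed to connect! Error: $ret"
		printf '%s\n' "$out"
		return 1
	fi

	printf '%s\n' "$out" | grep -q "S-1-1-0 Everyone"
	ret=$?
	if [ "$ret" -ne 0 ]; then
		# The message names the SID lookup; the previous text was copied
		# from the getusername check and pointed triage at the wrong test.
		echo "Unexpected lookupsids3 result! Error: $ret"
		printf '%s\n' "$out"
		return 1
	fi

	return 0
}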
# Named-pipe schannel check with the environment's crypto settings as inherited.
if ! testit "ncacn_np.getusername" test_rpc_getusername; then
	failed=$((failed + 1))
fi

case "$TESTENV" in
ad_member_fips*)
	# In the FIPS member environments the same check is repeated with
	# GNUTLS_FORCE_FIPS_MODE removed from the environment, after which the
	# variable is exported again for the remaining tests.
	# NOTE(review): the subtest is named ".fips" although it runs with the
	# variable unset — confirm the intended meaning.
	unset GNUTLS_FORCE_FIPS_MODE

	if ! testit "ncacn_np.getusername.fips" test_rpc_getusername; then
		failed=$((failed + 1))
	fi

	# NOTE(review): the variable is set to the literal 1 rather than restored
	# to its previous value; this assumes the fips environments always
	# export GNUTLS_FORCE_FIPS_MODE=1 — confirm.
	export GNUTLS_FORCE_FIPS_MODE=1
	;;
esac

if ! testit "ncacn_ip_tcp.lookupsids" test_rpc_lookupsids; then
	failed=$((failed + 1))
fi

# The exit status is the number of failed subtests (0 means all passed).
exit "${failed}"