2010-09-30 16:55:04 +04:00
#!/usr/bin/python
# This script generates a list of testsuites that should be run as part of
# the Samba 4 test suite.
# The output of this script is parsed by selftest.pl, which then decides
# which of the tests to actually run. It will, for example, skip all tests
# listed in selftest/skip or only run a subset during "make quicktest".
# The idea is that this script outputs all of the tests of Samba 4, not
# just those that are known to pass, and list those that should be skipped
# or are known to fail in selftest/skip or selftest/knownfail. This makes it
# very easy to see what functionality is still missing in Samba 4 and makes
# it possible to run the testsuite against other servers, such as Samba 3 or
# Windows that have a different set of features.
# The syntax for a testsuite is "-- TEST --" on a single line, followed
# by the name of the test, the environment it needs and the command to run, all
# three separated by newlines. All other lines in the output are considered
# comments.
2018-07-30 09:21:38 +03:00
import os
import sys
2011-02-21 03:16:03 +03:00
sys . path . insert ( 0 , os . path . join ( os . path . dirname ( __file__ ) , " ../../selftest " ) )
2012-10-27 01:38:32 +04:00
import selftesthelpers
2018-10-11 06:52:28 +03:00
from selftesthelpers import bindir , srcdir , binpath , python
from selftesthelpers import configuration , plantestsuite
from selftesthelpers import planpythontestsuite , planperltestsuite
2019-02-15 06:31:32 +03:00
from selftesthelpers import plantestsuite_loadlist
2018-10-11 06:52:28 +03:00
from selftesthelpers import skiptestsuite , source4dir , valgrindify
from selftesthelpers import smbtorture4_options , smbtorture4_testsuites
2023-11-09 00:55:24 +03:00
from selftesthelpers import smbtorture4 , samba3srcdir
2018-10-11 06:52:28 +03:00
2010-09-30 16:55:04 +04:00
2018-03-09 17:02:52 +03:00
print ( " OPTIONS %s " % " " . join ( smbtorture4_options ) , file = sys . stderr )
2012-10-27 01:38:32 +04:00
2018-07-30 09:20:39 +03:00
2023-02-23 05:53:58 +03:00
def plansmbtorture4testsuite ( name , env , options , modname = None , environ = None ) :
if environ is None :
environ = { }
2021-07-28 12:57:02 +03:00
return selftesthelpers . plansmbtorture4testsuite ( name ,
env ,
options ,
target = ' samba4 ' ,
modname = modname ,
environ = environ )
2012-10-27 01:38:32 +04:00
2018-07-30 09:21:29 +03:00
2011-02-21 03:16:03 +03:00
samba4srcdir = source4dir ( )
2019-04-12 15:21:29 +03:00
DSDB_PYTEST_DIR = os . path . join ( samba4srcdir , " dsdb/tests/python/ " )
2023-11-08 05:07:41 +03:00
subunitrun = valgrindify ( python ) + " " + os . path . join ( samba4srcdir , " scripting/bin/subunitrun " )
def planoldpythontestsuite ( env , module , name = None , extra_path = None , environ = None , extra_args = None ) :
if extra_path is None :
extra_path = [ ]
if environ is None :
environ = { }
if extra_args is None :
extra_args = [ ]
environ = dict ( environ )
py_path = list ( extra_path )
if py_path :
environ [ " PYTHONPATH " ] = " : " . join ( [ " $PYTHONPATH " ] + py_path )
args = [ " %s = %s " % item for item in environ . items ( ) ]
args + = [ subunitrun , " $LISTOPT " , " $LOADLIST " , module ]
args + = extra_args
if name is None :
name = module
plantestsuite_loadlist ( name , env , args )
2019-04-12 15:21:29 +03:00
2011-02-21 03:16:03 +03:00
samba4bindir = bindir ( )
2010-09-30 16:55:04 +04:00
validate = os . getenv ( " VALIDATE " , " " )
2010-09-30 20:23:20 +04:00
if validate :
validate_list = [ validate ]
else :
validate_list = [ ]
2011-02-21 03:16:03 +03:00
2012-10-27 01:52:55 +04:00
nmblookup4 = binpath ( ' nmblookup4 ' )
smbclient4 = binpath ( ' smbclient4 ' )
2019-12-09 14:30:00 +03:00
smbclient3 = binpath ( ' smbclient ' )
2012-05-29 18:35:18 +04:00
2011-02-21 03:16:03 +03:00
bbdir = os . path . join ( srcdir ( ) , " testprogs/blackbox " )
2010-09-30 16:55:04 +04:00
2018-11-22 04:05:01 +03:00
# alias to highlight what tests we want to run against a DC with SMBv1 disabled
smbv1_disabled_testenv = " restoredc "
2019-02-21 17:07:42 +03:00
all_fl_envs = [ " fl2000dc " , " fl2003dc " , " fl2008dc " , " fl2008r2dc " ]
2010-09-30 16:55:04 +04:00
# Simple tests for LDAP and CLDAP
2015-12-18 13:46:22 +03:00
for auth_type in [ ' ' , ' -k no ' , ' -k yes ' ] :
2020-12-02 20:06:24 +03:00
for auth_level in [ ' --option=clientldapsaslwrapping=plain ' , ' --client-protection=sign ' , ' --client-protection=encrypt ' ] :
2015-12-18 13:46:22 +03:00
creds = ' -U " $USERNAME % $PASSWORD " '
options = creds + ' ' + auth_type + ' ' + auth_level
2019-02-26 16:04:42 +03:00
plantestsuite ( " samba4.ldb.ldap with options %r (ad_dc_default) " % options , " ad_dc_default " , " %s /test_ldb.sh ldap $SERVER %s " % ( bbdir , options ) )
2010-09-30 16:55:04 +04:00
2011-06-07 07:22:58 +04:00
# see if we support ADS on the Samba3 side
2010-09-30 16:55:04 +04:00
try :
config_h = os . environ [ " CONFIG_H " ]
except KeyError :
2011-06-07 07:22:58 +04:00
config_h = os . path . join ( samba4bindir , " default/include/config.h " )
2016-01-14 12:32:57 +03:00
# check available features
config_hash = dict ( )
2010-09-30 16:55:04 +04:00
f = open ( config_h , ' r ' )
try :
2016-01-14 12:32:57 +03:00
lines = f . readlines ( )
config_hash = dict ( ( x [ 0 ] , ' ' . join ( x [ 1 : ] ) )
2018-07-30 09:16:12 +03:00
for x in map ( lambda line : line . strip ( ) . split ( ' ' ) [ 1 : ] ,
2018-11-28 17:15:23 +03:00
list ( filter ( lambda line : ( line [ 0 : 7 ] == ' #define ' ) and ( len ( line . split ( ' ' ) ) > 2 ) , lines ) ) ) )
2010-09-30 16:55:04 +04:00
finally :
f . close ( )
2016-01-14 12:32:57 +03:00
have_heimdal_support = ( " SAMBA4_USES_HEIMDAL " in config_hash )
2021-04-13 18:48:21 +03:00
have_gnutls_fips_mode_support = ( " HAVE_GNUTLS_FIPS_MODE_SUPPORTED " in config_hash )
2023-04-12 01:15:30 +03:00
have_cluster_support = " CLUSTER_SUPPORT " in config_hash
2016-01-14 12:32:57 +03:00
2018-02-12 01:06:25 +03:00
for options in [ ' -U " $USERNAME % $PASSWORD " ' ] :
2019-11-25 16:17:50 +03:00
plantestsuite ( " samba4.ldb.ldaps with options %s (ad_dc_ntvfs) " % options , " ad_dc_ntvfs " ,
2018-07-30 09:16:12 +03:00
" %s /test_ldb.sh ldaps $SERVER_IP %s " % ( bbdir , options ) )
2018-02-12 01:06:25 +03:00
creds_options = [
' --simple-bind-dn=$USERNAME@$REALM --password=$PASSWORD ' ,
]
peer_options = {
' SERVER_IP ' : ' $SERVER_IP ' ,
' SERVER_NAME ' : ' $SERVER ' ,
' SERVER.REALM ' : ' $SERVER.$REALM ' ,
}
tls_verify_options = [
' --option= " tlsverifypeer=no_check " ' ,
' --option= " tlsverifypeer=ca_only " ' ,
' --option= " tlsverifypeer=ca_and_name_if_available " ' ,
' --option= " tlsverifypeer=ca_and_name " ' ,
' --option= " tlsverifypeer=as_strict_as_possible " ' ,
]
# we use :local for fl2008r2dc because of the self-signed certificate
for env in [ " ad_dc_ntvfs " , " fl2008r2dc:local " ] :
for peer_key in peer_options . keys ( ) :
peer_val = peer_options [ peer_key ]
for creds in creds_options :
for tls_verify in tls_verify_options :
options = creds + ' ' + tls_verify
plantestsuite ( " samba4.ldb.simple.ldaps with options %s %s ( %s ) " % (
peer_key , options , env ) , env ,
" %s /test_ldb_simple.sh ldaps %s %s " % ( bbdir , peer_val , options ) )
2016-03-16 17:07:36 +03:00
2015-12-21 12:04:48 +03:00
# test all "ldap server require strong auth" combinations
for env in [ " ad_dc_ntvfs " , " fl2008r2dc " , " fl2003dc " ] :
options = ' --simple-bind-dn= " $USERNAME@$REALM " --password= " $PASSWORD " '
plantestsuite ( " samba4.ldb.simple.ldap with SIMPLE-BIND %s ( %s ) " % ( options , env ) ,
env , " %s /test_ldb_simple.sh ldap $SERVER %s " % ( bbdir , options ) )
2018-02-12 01:06:25 +03:00
options + = ' --option= " tlsverifypeer=no_check " '
plantestsuite ( " samba4.ldb.simple.ldaps with SIMPLE-BIND %s ( %s ) " % ( options , env ) ,
env , " %s /test_ldb_simple.sh ldaps $SERVER %s " % ( bbdir , options ) )
2015-12-21 12:04:48 +03:00
auth_options = [
' --option=clientldapsaslwrapping=plain ' ,
2020-12-02 20:06:24 +03:00
' --client-protection=sign ' ,
' --client-protection=encrypt ' ,
' --use-kerberos=required --option=clientldapsaslwrapping=plain ' ,
' --use-kerberos=required --client-protection=sign ' ,
' --use-kerberos=required --client-protection=encrypt ' ,
2024-02-13 17:50:14 +03:00
' --use-kerberos=required --client-protection=sign --option= " ldap_testing:channel_bound=yes " ' ,
' --use-kerberos=required --client-protection=sign --option= " ldap_testing:channel_bound=no " ' ,
' --use-kerberos=required --client-protection=sign --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
' --use-kerberos=required --client-protection=sign --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
2020-12-02 20:06:24 +03:00
' --use-kerberos=disabled --option=clientldapsaslwrapping=plain ' ,
' --use-kerberos=disabled --client-protection=sign --option=ntlmssp_client:ldap_style_send_seal=no ' ,
' --use-kerberos=disabled --client-protection=sign ' ,
' --use-kerberos=disabled --client-protection=encrypt ' ,
2024-02-13 17:50:14 +03:00
' --use-kerberos=disabled --client-protection=sign --option= " ldap_testing:channel_bound=yes " ' ,
' --use-kerberos=disabled --client-protection=sign --option= " ldap_testing:channel_bound=no " ' ,
' --use-kerberos=disabled --client-protection=sign --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
' --use-kerberos=disabled --client-protection=sign --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
2015-12-21 12:04:48 +03:00
]
for auth_option in auth_options :
options = ' -U " $USERNAME % $PASSWORD " ' + ' ' + auth_option
plantestsuite ( " samba4.ldb.simple.ldap with SASL-BIND %s ( %s ) " % ( options , env ) ,
env , " %s /test_ldb_simple.sh ldap $SERVER %s " % ( bbdir , options ) )
2024-02-13 17:50:14 +03:00
auth_options = [
' --use-kerberos=required --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:tls_channel_bindings=yes " ' ,
' --use-kerberos=required --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:tls_channel_bindings=no " ' ,
' --use-kerberos=required --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
' --use-kerberos=required --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:tls_channel_bindings=no " ' ,
' --use-kerberos=required --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:tls_channel_bindings=yes " ' ,
' --use-kerberos=required --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
' --use-kerberos=disabled --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:tls_channel_bindings=yes " ' ,
' --use-kerberos=disabled --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:tls_channel_bindings=no " ' ,
' --use-kerberos=disabled --option= " ldap_testing:channel_bound=yes " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
' --use-kerberos=disabled --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:tls_channel_bindings=no " ' ,
' --use-kerberos=disabled --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:tls_channel_bindings=yes " ' ,
' --use-kerberos=disabled --option= " ldap_testing:channel_bound=no " --option= " ldap_testing:forced_channel_binding=wRoNg " ' ,
]
for auth_option in auth_options :
options = ' -U " $USERNAME % $PASSWORD " --option= " tlsverifypeer=no_check " ' + auth_option
plantestsuite ( " samba4.ldb.simple.ldaps with SASL-BIND %s ( %s ) " % ( options , env ) ,
env , " %s /test_ldb_simple.sh ldaps $SERVER %s " % ( bbdir , options ) )
2024-02-13 18:04:57 +03:00
options + = ' --option= " clientldapsaslwrapping=starttls " '
plantestsuite ( " samba4.ldb.simple.ldap starttls with SASL-BIND %s ( %s ) " % ( options , env ) ,
env , " %s /test_ldb_simple.sh ldap $SERVER %s " % ( bbdir , options ) )
2024-02-13 17:50:14 +03:00
2015-12-21 12:04:48 +03:00
2023-06-05 16:23:11 +03:00
envraw = " fl2008r2dc "
env = " %s :local " % envraw
plantestsuite ( " samba4.ldap_tls_reload( %s ) " % ( env ) , env ,
" %s /test_ldap_tls_reload.sh $PREFIX_ABS $PREFIX_ABS/ %s /private/tls $SERVER.$REALM " % ( bbdir , envraw ) )
2010-09-30 20:23:20 +04:00
for options in [ ' -U " $USERNAME % $PASSWORD " ' ] :
2015-03-06 01:38:26 +03:00
plantestsuite ( " samba4.ldb.ldapi with options %s (ad_dc_ntvfs:local) " % options , " ad_dc_ntvfs:local " ,
2018-07-30 09:16:12 +03:00
" %s /test_ldb.sh ldapi $PREFIX_ABS/ad_dc_ntvfs/private/ldapi %s " % ( bbdir , options ) )
2010-09-30 16:55:04 +04:00
2012-10-26 23:50:41 +04:00
for t in smbtorture4_testsuites ( " ldap. " ) :
2019-12-16 20:42:54 +03:00
if t == " ldap.nested-search " :
plansmbtorture4testsuite ( t , " ad_dc_default_smb1 " , ' -U " $USERNAME % $PASSWORD " //$SERVER_IP/_none_ ' )
2020-08-12 16:50:58 +03:00
elif t == " ldap.session-expiry " :
# This requires kerberos and thus the server name
plansmbtorture4testsuite (
t , " ad_dc_default " , ' -U " $USERNAME % $PASSWORD " //$DC_SERVER/_none_ ' )
2019-12-16 20:42:54 +03:00
else :
2020-08-04 13:50:22 +03:00
plansmbtorture4testsuite (
t ,
" ad_dc_default " ,
' -U " $USERNAME % $PASSWORD " //$SERVER_IP/_none_ -D " $USERNAME " @ " $REALM " ## " $PASSWORD " ' )
2010-09-30 16:55:04 +04:00
2019-03-25 03:13:33 +03:00
for t in smbtorture4_testsuites ( " dsdb. " ) :
plansmbtorture4testsuite ( t , " ad_dc:local " , " localhost " )
2018-09-28 03:35:35 +03:00
plantestsuite_loadlist ( " samba4.tests.attr_from_server.python(ad_dc_ntvfs) " ,
" ad_dc_ntvfs:local " ,
2019-04-12 15:21:29 +03:00
[ python , os . path . join ( DSDB_PYTEST_DIR , " attr_from_server.py " ) ,
2018-09-28 03:35:35 +03:00
' $PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2010-09-30 16:55:04 +04:00
# Tests for RPC
# add tests to this list as they start passing, so we test
# that they stay passing
2015-03-23 22:37:23 +03:00
ncacn_np_tests = [ " rpc.schannel " , " rpc.join " , " rpc.lsa " , " rpc.dssetup " , " rpc.altercontext " , " rpc.netlogon " , " rpc.netlogon.admin " , " rpc.handles " , " rpc.samsync " , " rpc.samba3-sessionkey " , " rpc.samba3-getusername " , " rpc.samba3-lsa " , " rpc.samba3-bind " , " rpc.samba3-netlogon " , " rpc.asyncbind " , " rpc.lsalookup " , " rpc.lsa-getuser " , " rpc.schannel2 " , " rpc.authcontext " ]
2020-09-27 23:29:25 +03:00
ncalrpc_tests = [ " rpc.schannel " , " rpc.join " , " rpc.lsa " , " rpc.dssetup " , " rpc.altercontext " , " rpc.netlogon " , " rpc.netlogon.admin " , " rpc.netlogon.zerologon " , " rpc.asyncbind " , " rpc.lsalookup " , " rpc.lsa-getuser " , " rpc.schannel2 " , " rpc.authcontext " ]
2012-10-26 23:50:41 +04:00
drs_rpc_tests = smbtorture4_testsuites ( " drs.rpc " )
2020-09-27 23:29:25 +03:00
ncacn_ip_tcp_tests = [ " rpc.schannel " , " rpc.join " , " rpc.lsa " , " rpc.dssetup " , " rpc.drsuapi " , " rpc.drsuapi_w2k8 " , " rpc.netlogon " , " rpc.netlogon.admin " , " rpc.netlogon.zerologon " , " rpc.asyncbind " , " rpc.lsalookup " , " rpc.lsa-getuser " , " rpc.schannel2 " , " rpc.authcontext " , " rpc.samr.passwords.validate " ] + drs_rpc_tests
2022-07-15 11:06:36 +03:00
slow_ncacn_np_tests = [ " rpc.samlogon " ,
" rpc.samr " ,
" rpc.samr.users " ,
" rpc.samr.large-dc " ,
" rpc.samr.users.privileges " ,
2022-07-15 11:09:02 +03:00
" rpc.samr.passwords.default " ,
2022-07-15 11:06:36 +03:00
" rpc.samr.passwords.pwdlastset " ,
" rpc.samr.passwords.lockout " ,
" rpc.samr.passwords.badpwdcount " ]
2015-12-18 22:18:42 +03:00
slow_ncacn_ip_tcp_tests = [ " rpc.cracknames " ]
2010-09-30 16:55:04 +04:00
2010-12-11 05:26:31 +03:00
all_rpc_tests = ncalrpc_tests + ncacn_np_tests + ncacn_ip_tcp_tests + slow_ncacn_np_tests + slow_ncacn_ip_tcp_tests + [ " rpc.lsa.secrets " , " rpc.pac " , " rpc.samba3-sharesec " , " rpc.countcalls " ]
2010-09-30 16:55:04 +04:00
2019-04-16 17:54:21 +03:00
# Filter RPC tests that should not run against ad_dc_ntvfs
rpc_s3only = [
" rpc.mdssvc " ,
]
2021-07-26 11:18:05 +03:00
rpc_fipsonly = [
" rpc.fips.netlogon.crypto " ,
]
rpc_exclude = rpc_s3only + rpc_fipsonly
rpc_tests = [ x for x in smbtorture4_testsuites ( " rpc. " ) if x not in rpc_exclude ]
2018-11-28 17:15:23 +03:00
auto_rpc_tests = list ( filter ( lambda t : t not in all_rpc_tests , rpc_tests ) )
2010-09-30 16:55:04 +04:00
2010-09-30 20:23:20 +04:00
for bindoptions in [ " seal,padcheck " ] + validate_list + [ " bigendian " ] :
2010-09-30 16:55:04 +04:00
for transport in [ " ncalrpc " , " ncacn_np " , " ncacn_ip_tcp " ] :
2019-02-26 16:04:42 +03:00
env = " ad_dc_default "
2019-11-26 15:35:29 +03:00
local = " "
2010-09-30 16:55:04 +04:00
if transport == " ncalrpc " :
tests = ncalrpc_tests
2019-11-26 15:35:29 +03:00
local = " :local "
2010-09-30 16:55:04 +04:00
elif transport == " ncacn_np " :
tests = ncacn_np_tests
elif transport == " ncacn_ip_tcp " :
tests = ncacn_ip_tcp_tests
2011-12-08 05:42:08 +04:00
else :
2018-07-30 09:18:03 +03:00
raise AssertionError ( " invalid transport %r " % transport )
2010-09-30 16:55:04 +04:00
for t in tests :
2019-11-26 15:39:31 +03:00
if t == " rpc.netlogon " :
env = " ad_dc_ntvfs "
2019-12-16 21:08:47 +03:00
elif t == " rpc.join " :
env = " ad_dc_default_smb1 "
2019-11-26 15:35:29 +03:00
plansmbtorture4testsuite ( t , env + local , [ " %s :$SERVER[ %s ] " % ( transport , bindoptions ) , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4. %s on %s with %s " % ( t , transport , bindoptions ) )
plansmbtorture4testsuite ( ' rpc.samba3-sharesec ' , env + local , [ " %s :$SERVER[ %s ] " % ( transport , bindoptions ) , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , ' --option=torture:share=tmp ' ] , " samba4.rpc.samba3.sharesec on %s with %s " % ( transport , bindoptions ) )
2010-09-30 16:55:04 +04:00
2018-07-30 09:19:49 +03:00
# Plugin S4 DC tests (confirms named pipe auth forwarding). This can be expanded once kerberos is supported in the plugin DC
2011-07-18 14:26:26 +04:00
#
2012-02-14 02:05:21 +04:00
for bindoptions in [ " seal,padcheck " ] + validate_list + [ " bigendian " ] :
for t in ncacn_np_tests :
2015-03-05 20:08:43 +03:00
env = " ad_dc "
2012-02-14 02:05:21 +04:00
transport = " ncacn_np "
2019-12-11 15:53:24 +03:00
if t in [ " rpc.authcontext " , " rpc.join " ] :
2020-03-03 20:24:36 +03:00
env = " ad_dc_smb1 "
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( t , env , [ " %s :$SERVER[ %s ] " % ( transport , bindoptions ) , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4. %s with %s " % ( t , bindoptions ) )
2011-07-18 14:26:26 +04:00
2010-09-30 20:23:20 +04:00
for bindoptions in [ " " ] + validate_list + [ " bigendian " ] :
2010-09-30 16:55:04 +04:00
for t in auto_rpc_tests :
2019-11-25 18:14:49 +03:00
env = " ad_dc_default "
if t in [ " rpc.srvsvc " , " rpc.mgmt " ] :
env = " ad_dc_ntvfs "
2019-12-16 21:08:47 +03:00
elif t == " rpc.join " :
env = " ad_dc_default_smb1 "
2019-11-25 18:14:49 +03:00
plansmbtorture4testsuite ( t , env , [ " $SERVER[ %s ] " % bindoptions , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4. %s with %s " % ( t , bindoptions ) )
2010-09-30 16:55:04 +04:00
2010-12-11 05:26:31 +03:00
t = " rpc.countcalls "
2019-02-26 16:04:42 +03:00
plansmbtorture4testsuite ( t , " ad_dc_default:local " , [ " $SERVER[ %s ] " % bindoptions , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , modname = " samba4. %s " % t )
2010-09-30 16:55:04 +04:00
for transport in [ " ncacn_np " , " ncacn_ip_tcp " ] :
2019-02-26 16:04:42 +03:00
env = " ad_dc_slowtests "
2010-09-30 16:55:04 +04:00
if transport == " ncacn_np " :
tests = slow_ncacn_np_tests
elif transport == " ncacn_ip_tcp " :
tests = slow_ncacn_ip_tcp_tests
2011-12-08 05:42:08 +04:00
else :
raise AssertionError ( " Invalid transport %r " % transport )
2010-09-30 16:55:04 +04:00
for t in tests :
2015-07-14 10:13:00 +03:00
bindoptions = ' '
if t == ' rpc.cracknames ' :
bindoptions = ' seal '
2018-07-30 09:19:05 +03:00
plansmbtorture4testsuite ( t , env , [ " %s :$SERVER[ %s ] " % ( transport , bindoptions ) , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4. %s on %s with %s " % ( t , transport , bindoptions ) )
2010-09-30 16:55:04 +04:00
# Tests for the DFS referral calls implementation
2012-10-26 23:50:41 +04:00
for t in smbtorture4_testsuites ( " dfs. " ) :
2023-02-21 01:41:34 +03:00
plansmbtorture4testsuite ( t , " ad_dc_ntvfs " , r ' //$SERVER/ipc \ $ -U$USERNAME % $PASSWORD ' )
plansmbtorture4testsuite ( t , " ad_dc_smb1 " , r ' //$SERVER/ipc \ $ -U$USERNAME % $PASSWORD ' )
2010-09-30 16:55:04 +04:00
2010-12-11 05:26:31 +03:00
# Tests for the NET API (net.api.become.dc tested below against all the roles)
2018-11-28 17:15:23 +03:00
net_tests = list ( filter ( lambda x : " net.api.become.dc " not in x , smbtorture4_testsuites ( " net. " ) ) )
2010-09-30 16:55:04 +04:00
for t in net_tests :
2019-02-26 16:04:42 +03:00
plansmbtorture4testsuite ( t , " ad_dc_default " , ' $SERVER[ %s ] -U$USERNAME %% $PASSWORD -W$DOMAIN ' % validate )
2010-09-30 16:55:04 +04:00
# Tests for session keys and encryption of RPC pipes
# FIXME: Integrate these into a single smbtorture test
transport = " ncacn_np "
2019-02-26 16:04:42 +03:00
for env in [ " ad_dc_default " , " nt4_dc " ] :
2012-06-28 14:42:31 +04:00
for ntlmoptions in [
2017-12-07 15:00:10 +03:00
" -k no --option=clientusespnego=yes " ,
" -k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no " ,
" -k no --option=clientusespnego=yes --option=ntlmssp_client:56bit=yes " ,
" -k no --option=clientusespnego=yes --option=ntlmssp_client:56bit=no " ,
" -k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=yes " ,
" -k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=no " ,
" -k no --option=clientusespnego=yes --option=clientntlmv2auth=yes " ,
" -k no --option=clientusespnego=yes --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no " ,
" -k no --option=clientusespnego=yes --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=yes " ,
" -k no --option=clientusespnego=no --option=clientntlmv2auth=yes " ,
2012-06-28 14:42:31 +04:00
" -k no --option=gensec:spnego=no --option=clientntlmv2auth=yes " ,
2017-12-07 15:00:10 +03:00
" -k no --option=clientusespnego=no " ] :
2012-06-28 14:42:31 +04:00
name = " rpc.lsa.secrets on %s with with %s " % ( transport , ntlmoptions )
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.lsa.secrets ' , env , [ " %s :$SERVER[] " % ( transport ) , ntlmoptions , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , ' --option=gensec:target_hostname=$NETBIOSNAME ' ] , " samba4. %s " % name )
2019-12-09 22:40:09 +03:00
plantestsuite ( " samba.blackbox.pdbtest( %s ) " % env , " %s :local " % env , [ os . path . join ( bbdir , " test_pdbtest.sh " ) , ' $SERVER ' , " $PREFIX " , " pdbtest " , smbclient3 , ' $SMB_CONF_PATH ' , configuration ] )
2014-05-16 06:30:43 +04:00
2017-03-03 22:54:30 +03:00
gpo = smbtorture4_testsuites ( " gpo. " )
for t in gpo :
plansmbtorture4testsuite ( t , ' ad_dc:local ' , [ ' //$SERVER/sysvol ' , ' -U$USERNAME % $PASSWORD ' ] )
2010-09-30 16:55:04 +04:00
transports = [ " ncacn_np " , " ncacn_ip_tcp " ]
2018-07-30 09:19:49 +03:00
# Kerberos varies between functional levels, so it is important to check this on all of them
2019-02-21 17:07:42 +03:00
for env in all_fl_envs :
2010-11-02 13:57:13 +03:00
transport = " ncacn_np "
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.pac ' , env , [ " %s :$SERVER[] " % ( transport , ) , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.pac on %s " % ( transport , ) )
plansmbtorture4testsuite ( ' rpc.lsa.secrets ' , env , [ " %s :$SERVER[] " % ( transport , ) , ' -k ' , ' yes ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , ' --option=gensec:target_hostname=$NETBIOSNAME ' , ' rpc.lsa.secrets ' ] , " samba4.rpc.lsa.secrets on %s with Kerberos " % ( transport , ) )
2015-03-24 01:10:02 +03:00
plansmbtorture4testsuite ( ' rpc.lsa.secrets ' , env , [ " %s :$SERVER[target_principal=dcom/$NETBIOSNAME] " % ( transport , ) , ' -k ' , ' yes ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal dcom " % ( transport , ) )
2023-02-21 01:41:34 +03:00
plansmbtorture4testsuite ( ' rpc.lsa.secrets ' , env , [ r " %s :$SERVER[target_principal=$NETBIOSNAME \ $] " % ( transport , ) , ' -k ' , ' yes ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal dollar " % ( transport , ) )
2015-03-24 01:10:02 +03:00
plansmbtorture4testsuite ( ' rpc.lsa.secrets ' , env , [ " %s :$SERVER[target_principal=$NETBIOSNAME] " % ( transport , ) , ' -k ' , ' yes ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal " % ( transport , ) )
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.lsa.secrets.none* ' , env , [ " %s :$SERVER " % transport , ' -k ' , ' yes ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , " --option=gensec:fake_gssapi_krb5=yes " , ' --option=gensec:gssapi_krb5=no ' , ' --option=gensec:target_hostname=$NETBIOSNAME ' ] , " samba4.rpc.lsa.secrets on %s with Kerberos - use Samba3 style login " % transport )
2015-06-26 10:15:31 +03:00
plansmbtorture4testsuite ( ' rpc.lsa.secrets.none* ' , env , [ " %s :$SERVER " % transport , ' -k ' , ' yes ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , " --option=gensec:fake_gssapi_krb5=yes " , ' --option=gensec:gssapi_krb5=no ' , ' --option=gensec:target_hostname=$NETBIOSNAME ' , ' --option=gensec_krb5:send_authenticator_checksum=false ' ] , " samba4.rpc.lsa.secrets on %s with Kerberos - use raw-krb5-no-authenticator-checksum style login " % transport )
2015-06-23 11:27:27 +03:00
# Winreg tests test bulk Kerberos encryption of DCE/RPC
# We test rpc.winreg here too, because the winreg interface if
# handled by the source3/rpc_server code.
2016-09-19 08:29:59 +03:00
for bindoptions in [ " connect " , " packet " , " krb5 " , " krb5,packet " , " krb5,sign " , " krb5,seal " , " spnego " , " spnego,packet " , " spnego,sign " , " spnego,seal " ] :
2015-06-23 11:27:27 +03:00
plansmbtorture4testsuite ( ' rpc.winreg ' , env , [ " %s :$SERVER[ %s ] " % ( transport , bindoptions ) , ' -k ' , ' yes ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.winreg on %s with %s " % ( transport , bindoptions ) )
2010-09-30 16:55:04 +04:00
for transport in transports :
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.echo ' , env , [ " %s :$SERVER[] " % ( transport , ) , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.echo on %s " % ( transport , ) )
2010-09-30 16:55:04 +04:00
# Echo tests test bulk Kerberos encryption of DCE/RPC
2015-06-19 01:35:29 +03:00
for bindoptions in [ " connect " , " krb5 " , " krb5,sign " , " krb5,seal " , " spnego " , " spnego,sign " , " spnego,seal " ] + validate_list + [ " padcheck " , " bigendian " , " bigendian,seal " ] :
2010-09-30 16:55:04 +04:00
echooptions = " --option=socket:testnonblock=True --option=torture:quick=yes -k yes "
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.echo ' , env , [ " %s :$SERVER[ %s ] " % ( transport , bindoptions ) , echooptions , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.echo on %s with %s and %s " % ( transport , bindoptions , echooptions ) )
2018-03-22 06:49:53 +03:00
for env in [ " fl2000dc " , " fl2008r2dc " ] :
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( " net.api.become.dc " , env , ' $SERVER[ %s ] -U$USERNAME %% $PASSWORD -W$DOMAIN ' % validate )
2010-09-30 16:55:04 +04:00
2011-01-09 15:55:24 +03:00
for bindoptions in [ " sign " , " seal " ] :
2019-02-26 16:04:42 +03:00
plansmbtorture4testsuite ( ' rpc.backupkey ' , " ad_dc_default " , [ " ncacn_np:$SERVER[ %s ] " % ( bindoptions ) , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.backupkey with %s " % ( bindoptions ) )
2011-01-09 15:55:24 +03:00
2010-09-30 16:55:04 +04:00
for transport in transports :
for bindoptions in [ " sign " , " seal " ] :
for ntlmoptions in [
2018-07-30 09:14:21 +03:00
" --option=ntlmssp_client:ntlm2=yes --option=torture:quick=yes " ,
" --option=ntlmssp_client:ntlm2=no --option=torture:quick=yes " ,
" --option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:128bit=no --option=torture:quick=yes " ,
" --option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:128bit=no --option=torture:quick=yes " ,
" --option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes " ,
" --option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes " ,
" --option=clientntlmv2auth=yes --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes " ,
" --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:keyexchange=yes --option=torture:quick=yes " ,
" --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes " ] :
2010-09-30 16:55:04 +04:00
if transport == " ncalrpc " :
2019-02-26 16:04:42 +03:00
env = " ad_dc_default:local "
2010-09-30 16:55:04 +04:00
else :
2019-02-26 16:04:42 +03:00
env = " ad_dc_default "
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.echo ' , env , [ " %s :$SERVER[ %s ] " % ( transport , bindoptions ) , ntlmoptions , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.echo on %s with %s and %s " % ( transport , bindoptions , ntlmoptions ) )
2010-09-30 16:55:04 +04:00
2019-02-26 16:04:42 +03:00
plansmbtorture4testsuite ( ' rpc.echo ' , " ad_dc_default " , [ ' ncacn_np:$SERVER[smb2] ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.rpc.echo on ncacn_np over smb2 " )
2016-09-24 09:47:44 +03:00
for env in [ " ad_dc " , " nt4_dc " ] :
plansmbtorture4testsuite ( ' rpc.echo ' , env , [ ' 60a15ec5-4de8-11d7-a637-005056a20182@ncacn_np:$SERVER[] ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , ' --option=torture:quick=yes ' ] , " samba4.rpc.echo on ncacn_np with object " )
plansmbtorture4testsuite ( ' rpc.echo ' , env , [ ' 60a15ec5-4de8-11d7-a637-005056a20182@ncacn_ip_tcp:$SERVER[] ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , ' --option=torture:quick=yes ' ] , " samba4.rpc.echo on ncacn_ip_tcp with object " )
2010-09-30 16:55:04 +04:00
2019-02-26 16:04:42 +03:00
plansmbtorture4testsuite ( ' ntp.signd ' , " ad_dc_default:local " , [ ' ncacn_np:$SERVER ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , " samba4.ntp.signd " )
2010-09-30 16:55:04 +04:00
2012-10-26 23:50:41 +04:00
nbt_tests = smbtorture4_testsuites ( " nbt. " )
2011-09-19 07:11:50 +04:00
for t in nbt_tests :
2015-03-06 01:38:26 +03:00
plansmbtorture4testsuite ( t , " ad_dc_ntvfs " , " //$SERVER/_none_ -U \" $USERNAME % $PASSWORD \" " )
2011-09-19 07:11:50 +04:00
2010-09-30 16:55:04 +04:00
# Tests against the NTVFS POSIX backend
2015-06-19 07:49:41 +03:00
ntvfsargs = [ " --option=torture:sharedelay=100000 " , " --option=torture:oplocktimeout=3 " , " --option=torture:writetimeupdatedelay=500000 " ]
2010-09-30 16:55:04 +04:00
2016-06-23 20:13:05 +03:00
# Filter smb2 tests that should not run against ad_dc_ntvfs
2018-08-31 09:28:46 +03:00
smb2_s3only = [
" smb2.change_notify_disabled " ,
" smb2.dosmode " ,
" smb2.credits " ,
" smb2.kernel-oplocks " ,
2018-08-30 20:15:19 +03:00
" smb2.durable-v2-delay " ,
2018-10-28 21:29:26 +03:00
" smb2.aio_delay " ,
2019-08-30 15:49:24 +03:00
" smb2.fileid " ,
2019-11-21 18:47:33 +03:00
" smb2.timestamps " ,
2022-01-25 19:59:37 +03:00
" smb2.async_dosmode " ,
2022-03-28 21:05:26 +03:00
" smb2.twrp " ,
2022-06-03 06:37:01 +03:00
" smb2.ea " ,
2022-09-01 19:55:23 +03:00
" smb2.create_no_streams " ,
2018-08-31 09:28:46 +03:00
]
2016-06-23 20:13:05 +03:00
smb2 = [ x for x in smbtorture4_testsuites ( " smb2. " ) if x not in smb2_s3only ]
2015-08-12 12:06:15 +03:00
2018-07-30 09:19:49 +03:00
# The QFILEINFO-IPC test needs to be on ipc$
2018-08-03 20:45:35 +03:00
raw = list ( filter ( lambda x : " raw.qfileinfo.ipc " not in x , smbtorture4_testsuites ( " raw. " ) ) )
2012-10-26 23:50:41 +04:00
base = smbtorture4_testsuites ( " base. " )
2010-09-30 16:55:04 +04:00
2012-10-26 23:50:41 +04:00
netapi = smbtorture4_testsuites ( " netapi. " )
2011-05-11 00:14:34 +04:00
2018-08-23 15:12:43 +03:00
for t in base + raw + smb2 + netapi :
plansmbtorture4testsuite ( t , " ad_dc_ntvfs " , [ ' //$SERVER/tmp ' , ' -U$USERNAME % $PASSWORD ' ] + ntvfsargs )
2011-05-11 00:14:34 +04:00
2018-08-23 15:12:43 +03:00
libsmbclient = smbtorture4_testsuites ( " libsmbclient. " )
2018-09-03 17:55:02 +03:00
protocols = [ ' NT1 ' , ' SMB3 ' ]
2018-08-23 15:12:43 +03:00
for t in libsmbclient :
2020-03-10 21:51:09 +03:00
url = " smb://$USERNAME:$PASSWORD@$SERVER/tmp "
if t == " libsmbclient.list_shares " :
url = " smb://$USERNAME:$PASSWORD@$SERVER "
2020-03-30 23:08:40 +03:00
if t == " libsmbclient.utimes " :
url + = " /utimes.txt "
2020-03-10 21:51:09 +03:00
2020-02-23 15:34:18 +03:00
libsmbclient_testargs = [
' //$SERVER/tmp ' ,
' -U$USERNAME % $PASSWORD ' ,
2020-03-10 21:51:09 +03:00
" --option=torture:smburl= " + url ,
2020-02-23 15:34:18 +03:00
" --option=torture:replace_smbconf= "
" %s /testdata/samba3/smb_new.conf " % srcdir ( )
]
2018-09-03 17:55:02 +03:00
for proto in protocols :
2020-03-10 21:51:09 +03:00
plansmbtorture4testsuite (
t ,
2019-12-11 15:33:04 +03:00
" nt4_dc " if proto == " SMB3 " else " nt4_dc_smb1_done " ,
2020-03-10 21:51:09 +03:00
libsmbclient_testargs +
[ " --option=torture:clientprotocol= %s " % proto ] ,
" samba4. %s . %s " % ( t , proto ) )
2010-09-30 16:55:04 +04:00
2021-12-21 14:05:13 +03:00
url = " smb://baduser:invalidpw@$SERVER/tmpguest "
t = " libsmbclient.noanon_list "
libsmbclient_testargs = [
' //$SERVER/tmpguest ' ,
' -U$USERNAME % $PASSWORD ' ,
" --option=torture:smburl= " + url ,
" --option=torture:replace_smbconf= "
" %s /testdata/samba3/smb_new.conf " % srcdir ( )
]
for proto in protocols :
plansmbtorture4testsuite ( t ,
" maptoguest " ,
libsmbclient_testargs +
[ " --option=torture:clientprotocol= %s " % proto ] ,
" samba4. %s .baduser. %s " % ( t , proto ) )
2023-02-21 01:41:34 +03:00
plansmbtorture4testsuite ( " raw.qfileinfo.ipc " , " ad_dc_ntvfs " , r ' //$SERVER/ipc \ $ -U$USERNAME % $PASSWORD ' )
2010-09-30 16:55:04 +04:00
2012-10-26 23:50:41 +04:00
for t in smbtorture4_testsuites ( " rap. " ) :
2023-02-21 01:41:34 +03:00
plansmbtorture4testsuite ( t , " ad_dc_ntvfs " , r ' //$SERVER/IPC \ $ -U$USERNAME % $PASSWORD ' )
2010-09-30 16:55:04 +04:00
# Tests against the NTVFS CIFS backend
for t in base + raw :
2015-03-06 01:38:26 +03:00
plansmbtorture4testsuite ( t , " ad_dc_ntvfs " , [ ' //$NETBIOSNAME/cifs ' , ' -U$USERNAME % $PASSWORD ' , ' --kerberos=yes ' ] + ntvfsargs , modname = " samba4.ntvfs.cifs.krb5. %s " % t )
2011-03-18 21:13:43 +03:00
# Test NTVFS CIFS backend with S4U2Self and S4U2Proxy
t = " base.unlink "
2015-03-06 01:38:26 +03:00
plansmbtorture4testsuite ( t , " ad_dc_ntvfs " , [ ' //$NETBIOSNAME/cifs ' , ' -U$USERNAME % $PASSWORD ' , ' --kerberos=no ' ] + ntvfsargs , " samba4.ntvfs.cifs.ntlm. %s " % t )
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( t , " rpc_proxy " , [ ' //$NETBIOSNAME/cifs_to_dc ' , ' -U$DC_USERNAME % $DC_PASSWORD ' , ' --kerberos=yes ' ] + ntvfsargs , " samba4.ntvfs.cifs.krb5. %s " % t )
plansmbtorture4testsuite ( t , " rpc_proxy " , [ ' //$NETBIOSNAME/cifs_to_dc ' , ' -U$DC_USERNAME % $DC_PASSWORD ' , ' --kerberos=no ' ] + ntvfsargs , " samba4.ntvfs.cifs.ntlm. %s " % t )
2010-09-30 16:55:04 +04:00
2015-03-06 01:38:26 +03:00
plansmbtorture4testsuite ( ' echo.udp ' , ' ad_dc_ntvfs:local ' , ' //$SERVER/whatever ' )
2010-11-16 01:01:57 +03:00
2010-09-30 16:55:04 +04:00
# Local tests
2012-10-26 23:50:41 +04:00
for t in smbtorture4_testsuites ( " local. " ) :
2018-07-30 09:19:49 +03:00
# The local.resolve test needs a name to look up using real system (not emulated) name routines
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( t , " none " , " ncalrpc:localhost " )
2010-09-30 16:55:04 +04:00
2011-09-10 03:53:29 +04:00
# Confirm these tests with the system iconv too
for t in [ " local.convert_string_handle " , " local.convert_string " , " local.ndr " ] :
2011-11-14 04:54:26 +04:00
options = " ncalrpc: --option= ' iconv:use_builtin_handlers=false ' "
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( t , " none " , options ,
2018-07-30 09:16:12 +03:00
modname = " samba4. %s .system.iconv " % t )
2011-09-10 03:53:29 +04:00
2010-09-30 16:55:04 +04:00
tdbtorture4 = binpath ( " tdbtorture " )
if os . path . exists ( tdbtorture4 ) :
plantestsuite ( " tdb.stress " , " none " , valgrindify ( tdbtorture4 ) )
else :
skiptestsuite ( " tdb.stress " , " Using system TDB, tdbtorture not available " )
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( " drs.unit " , " none " , " ncalrpc: " )
2010-09-30 16:55:04 +04:00
# Pidl tests
2010-09-30 20:23:20 +04:00
for f in sorted ( os . listdir ( os . path . join ( samba4srcdir , " ../pidl/tests " ) ) ) :
2010-09-30 16:55:04 +04:00
if f . endswith ( " .pl " ) :
2010-09-30 20:29:58 +04:00
planperltestsuite ( " pidl. %s " % f [ : - 3 ] , os . path . normpath ( os . path . join ( samba4srcdir , " ../pidl/tests " , f ) ) )
2010-09-30 16:55:04 +04:00
2011-11-11 03:32:09 +04:00
# DNS tests
2016-01-29 07:03:56 +03:00
plantestsuite_loadlist ( " samba.tests.dns " , " fl2003dc:local " , [ python , os . path . join ( srcdir ( ) , " python/samba/tests/dns.py " ) , ' $SERVER ' , ' $SERVER_IP ' , ' --machine-pass ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2017-06-08 07:20:42 +03:00
plantestsuite_loadlist ( " samba.tests.dns " , " rodc:local " , [ python , os . path . join ( srcdir ( ) , " python/samba/tests/dns.py " ) , ' $SERVER ' , ' $SERVER_IP ' , ' --machine-pass ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
plantestsuite_loadlist ( " samba.tests.dns " , " vampire_dc:local " , [ python , os . path . join ( srcdir ( ) , " python/samba/tests/dns.py " ) , ' $SERVER ' , ' $SERVER_IP ' , ' --machine-pass ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2016-01-28 02:54:58 +03:00
2021-04-28 08:40:08 +03:00
plantestsuite_loadlist ( " samba.tests.dns_aging " , " fl2003dc:local " ,
[ python ,
f " { srcdir ( ) } /python/samba/tests/dns_aging.py " ,
' $SERVER ' ,
' $SERVER_IP ' ,
' --machine-pass ' ,
' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' ,
' $LOADLIST ' , ' $LISTOPT ' ] )
2016-04-11 06:18:34 +03:00
plantestsuite_loadlist ( " samba.tests.dns_forwarder " , " fl2003dc:local " , [ python , os . path . join ( srcdir ( ) , " python/samba/tests/dns_forwarder.py " ) , ' $SERVER ' , ' $SERVER_IP ' , ' $DNS_FORWARDER1 ' , ' $DNS_FORWARDER2 ' , ' --machine-pass ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2016-03-17 07:13:28 +03:00
2024-05-29 12:39:56 +03:00
plantestsuite_loadlist ( " samba.tests.dns_tkey " , " fl2008r2dc " ,
[ ' USERNAME_UNPRIV=$DOMAIN_USER ' , ' PASSWORD_UNPRIV=$DOMAIN_USER_PASSWORD ' ,
python , os . path . join ( srcdir ( ) , " python/samba/tests/dns_tkey.py " ) ,
' $SERVER ' , ' $SERVER_IP ' , ' --machine-pass ' , ' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2017-07-25 05:14:53 +03:00
plantestsuite_loadlist ( " samba.tests.dns_wildcard " , " ad_dc " , [ python , os . path . join ( srcdir ( ) , " python/samba/tests/dns_wildcard.py " ) , ' $SERVER ' , ' $SERVER_IP ' , ' --machine-pass ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2018-06-08 19:20:16 +03:00
plantestsuite_loadlist ( " samba.tests.dns_invalid " , " ad_dc " , [ python , os . path . join ( srcdir ( ) , " python/samba/tests/dns_invalid.py " ) , ' $SERVER_IP ' , ' --machine-pass ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2020-06-11 08:38:51 +03:00
plantestsuite_loadlist ( " samba.tests.dns_packet " ,
" ad_dc " ,
[ python ,
' -msamba.subunit.run ' ,
' $LOADLIST ' ,
" $LISTOPT "
" samba.tests.dns_packet "
] )
2021-04-16 18:32:27 +03:00
plantestsuite_loadlist ( " samba.tests.sddl " ,
" none " ,
[ python ,
' -msamba.subunit.run ' ,
' $LOADLIST ' ,
" $LISTOPT "
" samba.tests.sddl "
] )
2020-06-11 08:38:51 +03:00
2023-08-24 04:44:41 +03:00
plantestsuite_loadlist ( " samba.tests.sddl_conditional_ace " ,
" none " ,
[ python ,
' -msamba.subunit.run ' ,
' $LOADLIST ' ,
" $LISTOPT "
" samba.tests.sddl_conditional_ace "
] )
2012-10-26 23:50:41 +04:00
for t in smbtorture4_testsuites ( " dns_internal. " ) :
2019-02-26 16:04:42 +03:00
plansmbtorture4testsuite ( t , " ad_dc_default:local " , ' //$SERVER/whavever ' )
2012-09-11 02:14:39 +04:00
2024-02-28 05:32:41 +03:00
# These tests want to run on a barely changed fresh provision, before
2024-04-11 07:26:49 +03:00
# too much happens to this environment, it is read only and local
# (direct to the DB) so we use proclimitdc as it is otherwise empty
# bar a test for process limits.
planpythontestsuite ( " proclimitdc:local " , " samba.tests.dsdb_quiet_provision_tests " )
# We want this local test to run in an environment where not much is happening that could use root keys
planpythontestsuite ( " chgdcpass:local " , " samba.tests.dsdb_quiet_env_tests " )
2024-02-28 05:32:41 +03:00
2012-09-06 08:26:57 +04:00
# Local tests
2012-10-26 23:50:41 +04:00
for t in smbtorture4_testsuites ( " dlz_bind9. " ) :
2018-07-30 09:19:49 +03:00
# The dlz_bind9 tests needs to look at the DNS database
2012-12-28 14:00:28 +04:00
plansmbtorture4testsuite ( t , " chgdcpass:local " , [ " ncalrpc:$SERVER " , ' -U$USERNAME % $PASSWORD ' ] )
2011-11-11 03:32:09 +04:00
2023-02-17 17:40:30 +03:00
planpythontestsuite ( " fileserver_smb1 " , " samba.tests.libsmb-basic " )
2012-08-15 16:08:45 +04:00
2020-07-20 17:49:39 +03:00
planpythontestsuite ( " ad_member " , " samba.tests.smb-notify " ,
environ = { ' USERNAME ' : ' $DC_USERNAME ' ,
' PASSWORD ' : ' $DC_PASSWORD ' ,
' USERNAME_UNPRIV ' : ' alice ' ,
' PASSWORD_UNPRIV ' : ' Secret007 ' ,
' STRICT_CHECKING ' : ' 0 ' ,
' NOTIFY_SHARE ' : ' notify_priv ' } )
2010-09-30 16:55:04 +04:00
# Blackbox Tests:
# tests that interact directly with the command-line tools rather than using
# the API. These mainly test that the various command-line options of commands
# work correctly.
2020-06-26 19:35:38 +03:00
# smbtorture --fullname parameter test
plantestsuite ( " samba4.blackbox.smbtorture_subunit_names " , " none " ,
[
os . path . join ( bbdir , " test_smbtorture_test_names.sh " ) ,
smbtorture4
] )
2022-02-12 01:26:37 +03:00
for env in [ " ad_member " , " ad_dc_ntvfs " , " chgdcpass " ] :
2012-10-27 01:52:55 +04:00
plantestsuite ( " samba4.blackbox.smbclient( %s :local) " % env , " %s :local " % env , [ os . path . join ( samba4srcdir , " utils/tests/test_smbclient.sh " ) , ' $SERVER ' , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' , smbclient4 ] )
2012-08-27 15:02:28 +04:00
2019-12-09 21:11:41 +03:00
plantestsuite ( " samba4.blackbox.samba_tool(ad_dc_default:local) " , " ad_dc_default:local " , [ os . path . join ( samba4srcdir , " utils/tests/test_samba_tool.sh " ) , ' $SERVER ' , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' , smbclient3 ] )
2017-05-02 13:31:48 +03:00
plantestsuite ( " samba4.blackbox.net_rpc_user(ad_dc) " , " ad_dc " , [ os . path . join ( bbdir , " test_net_rpc_user.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' ] )
2016-01-14 12:32:57 +03:00
2018-10-16 16:16:18 +03:00
plantestsuite ( " samba4.blackbox.test_primary_group " , " ad_dc:local " , [ os . path . join ( bbdir , " test_primary_group.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' , ' $PREFIX_ABS ' ] )
2023-04-12 10:29:18 +03:00
plantestsuite ( " samba4.blackbox.test_alias_membership " , " ad_member_idmap_rid:local " , [ os . path . join ( bbdir , " test_alias_membership.sh " ) , ' $PREFIX_ABS ' ] )
2020-04-27 15:00:38 +03:00
plantestsuite ( " samba4.blackbox.test_old_enctypes " , " fl2003dc:local " , [ os . path . join ( bbdir , " test_old_enctypes.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $NETBIOSNAME ' , ' $PREFIX_ABS ' ] )
2023-11-13 13:48:52 +03:00
planpythontestsuite ( " ad_dc_default " , " samba.tests.blackbox.claims " )
2024-03-01 01:22:03 +03:00
planpythontestsuite ( " ad_dc_default " , " samba.tests.blackbox.gmsa " )
2016-01-14 12:32:57 +03:00
if have_heimdal_support :
2023-03-13 13:38:02 +03:00
plantestsuite ( " samba4.blackbox.kpasswd " ,
2023-03-14 10:08:22 +03:00
" ad_dc:local " ,
2023-03-13 13:38:02 +03:00
[
os . path . join ( bbdir , " test_kpasswd_heimdal.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
2023-03-13 14:23:08 +03:00
" $PREFIX " ,
configuration
2023-03-13 13:38:02 +03:00
] )
plantestsuite ( " samba4.blackbox.krb5.s4u " ,
" fl2008r2dc:local " ,
[
os . path . join ( bbdir , " test_s4u_heimdal.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $TRUST_SERVER ' ,
' $TRUST_USERNAME ' ,
' $TRUST_PASSWORD ' ,
' $TRUST_REALM ' ,
' $TRUST_DOMAIN ' ,
' $PREFIX ' ,
configuration
] )
2016-01-14 18:41:36 +03:00
else :
2023-03-13 13:38:02 +03:00
plantestsuite ( " samba4.blackbox.kpasswd " ,
2023-03-14 10:08:22 +03:00
" ad_dc:local " ,
2023-03-13 13:38:02 +03:00
[
os . path . join ( bbdir , " test_kpasswd_mit.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
2023-03-13 14:23:26 +03:00
" $PREFIX " ,
configuration
2023-03-13 13:38:02 +03:00
] )
2016-01-14 12:32:57 +03:00
2023-03-14 12:22:36 +03:00
plantestsuite ( " samba4.blackbox.kinit_simple " ,
" ad_dc:local " ,
[
os . path . join ( bbdir , " test_kinit.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $PREFIX ' ,
smbclient3 ,
configuration
] )
plantestsuite ( " samba4.blackbox.kinit_simple " ,
" fl2000dc:local " ,
[
os . path . join ( bbdir , " test_kinit.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $PREFIX ' ,
smbclient3 ,
configuration
] )
plantestsuite ( " samba4.blackbox.kinit_simple " ,
" fl2008r2dc:local " ,
[
os . path . join ( bbdir , " test_kinit.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $PREFIX ' ,
smbclient3 ,
configuration
] )
2023-03-15 10:43:54 +03:00
plantestsuite ( " samba4.blackbox.kinit_trust " ,
" fl2008r2dc:local " ,
[
os . path . join ( bbdir , " test_kinit_trusts.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $TRUST_SERVER ' ,
' $TRUST_USERNAME ' ,
' $TRUST_PASSWORD ' ,
' $TRUST_REALM ' ,
' $TRUST_DOMAIN ' ,
' $PREFIX ' ,
" forest " ,
configuration
] )
plantestsuite ( " samba4.blackbox.kinit_trust " ,
" fl2003dc:local " ,
[
os . path . join ( bbdir , " test_kinit_trusts.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $TRUST_SERVER ' ,
' $TRUST_USERNAME ' ,
' $TRUST_PASSWORD ' ,
' $TRUST_REALM ' ,
' $TRUST_DOMAIN ' ,
' $PREFIX ' ,
" external " ,
configuration
] )
plantestsuite ( " samba4.blackbox.kinit_trust " ,
" fl2000dc:local " ,
[
os . path . join ( bbdir , " test_kinit_trusts.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $TRUST_SERVER ' ,
' $TRUST_USERNAME ' ,
' $TRUST_PASSWORD ' ,
' $TRUST_REALM ' ,
' $TRUST_DOMAIN ' ,
' $PREFIX ' ,
" external " ,
configuration
] )
2023-03-15 15:14:16 +03:00
plantestsuite ( " samba4.blackbox.kinit.export.keytab " ,
" ad_dc:local " ,
[
os . path . join ( bbdir , " test_kinit_export_keytab.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $REALM ' ,
' $DOMAIN ' ,
" $PREFIX " ,
smbclient3 ,
configuration
] )
2022-03-24 03:04:54 +03:00
plantestsuite ( " samba4.blackbox.pkinit_simple " ,
" ad_dc:local " ,
[ os . path . join ( bbdir , " test_pkinit_simple.sh " ) ,
' $SERVER ' ,
' pkinit ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $PREFIX/ad_dc ' ,
smbclient3 ,
configuration ] )
2022-01-25 21:35:06 +03:00
plantestsuite ( " samba4.blackbox.pkinit_pac " ,
" ad_dc:local " ,
[ os . path . join ( bbdir , " test_pkinit_pac.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
' $PREFIX/ad_dc ' ,
configuration ] )
2022-03-24 03:04:54 +03:00
2019-07-19 13:35:57 +03:00
plantestsuite ( " samba.blackbox.client_kerberos " , " ad_dc " , [ os . path . join ( bbdir , " test_client_kerberos.sh " ) , ' $DOMAIN ' , ' $REALM ' , ' $USERNAME ' , ' $PASSWORD ' , ' $SERVER ' , ' $PREFIX_ABS ' , ' $SMB_CONF_PATH ' ] )
2021-11-17 13:46:04 +03:00
env = " ad_member:local "
plantestsuite ( " samba.blackbox.rpcclient_schannel " ,
env ,
[ os . path . join ( bbdir , " test_rpcclient_schannel.sh " ) ,
' $DOMAIN ' ,
' $REALM ' ,
' $DC_USERNAME ' ,
' $DC_PASSWORD ' ,
' $DC_SERVER ' ,
' $PREFIX_ABS ' ,
' $SMB_CONF_PATH ' ,
env ] )
env = " ad_member_fips:local "
plantestsuite ( " samba.blackbox.rpcclient_schannel " ,
env ,
[ os . path . join ( bbdir , " test_rpcclient_schannel.sh " ) ,
' $DOMAIN ' ,
' $REALM ' ,
' $DC_USERNAME ' ,
' $DC_PASSWORD ' ,
' $DC_SERVER ' ,
' $PREFIX_ABS ' ,
' $SMB_CONF_PATH ' ,
env ] ,
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
2017-06-17 02:06:46 +03:00
plantestsuite ( " samba4.blackbox.trust_ntlm " , " fl2008r2dc:local " , [ os . path . join ( bbdir , " test_trust_ntlm.sh " ) , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' forest ' , ' auto ' , ' NT_STATUS_LOGON_FAILURE ' ] )
plantestsuite ( " samba4.blackbox.trust_ntlm " , " fl2003dc:local " , [ os . path . join ( bbdir , " test_trust_ntlm.sh " ) , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' external ' , ' auto ' , ' NT_STATUS_LOGON_FAILURE ' ] )
2017-06-09 16:03:29 +03:00
plantestsuite ( " samba4.blackbox.trust_ntlm " , " fl2000dc:local " , [ os . path . join ( bbdir , " test_trust_ntlm.sh " ) , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' external ' , ' auto ' , ' NT_STATUS_LOGON_FAILURE ' ] )
2017-04-06 20:44:16 +03:00
plantestsuite ( " samba4.blackbox.trust_ntlm " , " ad_member:local " , [ os . path . join ( bbdir , " test_trust_ntlm.sh " ) , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $SERVER ' , ' $SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' member ' , ' auto ' , ' NT_STATUS_LOGON_FAILURE ' ] )
plantestsuite ( " samba4.blackbox.trust_ntlm " , " nt4_member:local " , [ os . path . join ( bbdir , " test_trust_ntlm.sh " ) , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $SERVER ' , ' $SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $DOMAIN ' , ' $DOMAIN ' , ' member ' , ' auto ' , ' NT_STATUS_LOGON_FAILURE ' ] )
2016-02-15 10:22:58 +03:00
2024-06-18 20:34:30 +03:00
plantestsuite ( " samba4.blackbox.ldap_token " , " fl2008r2dc:local " , [ os . path . join ( bbdir , " test_ldap_token.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $DOMSID ' ] )
plantestsuite ( " samba4.blackbox.ldap_token " , " fl2003dc:local " , [ os . path . join ( bbdir , " test_ldap_token.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $DOMSID ' ] )
plantestsuite ( " samba4.blackbox.ldap_token " , " fl2000dc:local " , [ os . path . join ( bbdir , " test_ldap_token.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $DOMSID ' ] )
plantestsuite ( " samba4.blackbox.ldap_token " , " ad_member:local " , [ os . path . join ( bbdir , " test_ldap_token.sh " ) , ' $DC_SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $DOMSID ' ] )
2015-05-11 14:35:17 +03:00
plantestsuite ( " samba4.blackbox.trust_utils(fl2008r2dc:local) " , " fl2008r2dc:local " , [ os . path . join ( bbdir , " test_trust_utils.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $TRUST_SERVER ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' $PREFIX ' , " forest " ] )
plantestsuite ( " samba4.blackbox.trust_utils(fl2003dc:local) " , " fl2003dc:local " , [ os . path . join ( bbdir , " test_trust_utils.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $TRUST_SERVER ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' $PREFIX ' , " external " ] )
2017-06-09 16:03:29 +03:00
plantestsuite ( " samba4.blackbox.trust_utils(fl2000dc:local) " , " fl2000dc:local " , [ os . path . join ( bbdir , " test_trust_utils.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $TRUST_SERVER ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' $PREFIX ' , " external " ] )
2018-02-26 19:46:55 +03:00
plantestsuite ( " samba4.blackbox.trust_token " , " fl2008r2dc " , [ os . path . join ( bbdir , " test_trust_token.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $DOMSID ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' $TRUST_DOMSID ' , ' forest ' ] )
plantestsuite ( " samba4.blackbox.trust_token " , " fl2003dc " , [ os . path . join ( bbdir , " test_trust_token.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $DOMSID ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' $TRUST_DOMSID ' , ' external ' ] )
2017-06-09 16:03:29 +03:00
plantestsuite ( " samba4.blackbox.trust_token " , " fl2000dc " , [ os . path . join ( bbdir , " test_trust_token.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , ' $DOMSID ' , ' $TRUST_USERNAME ' , ' $TRUST_PASSWORD ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' , ' $TRUST_DOMSID ' , ' external ' ] )
2015-03-06 01:38:26 +03:00
plantestsuite ( " samba4.blackbox.ktpass(ad_dc_ntvfs) " , " ad_dc_ntvfs " , [ os . path . join ( bbdir , " test_ktpass.sh " ) , ' $PREFIX/ad_dc_ntvfs ' ] )
2023-03-15 23:24:44 +03:00
plantestsuite ( " samba4.blackbox.password_settings " ,
" ad_dc:local " ,
2023-03-13 16:29:48 +03:00
[
os . path . join ( bbdir , " test_password_settings.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
2023-03-13 16:32:50 +03:00
" $PREFIX " ,
configuration
2023-03-13 16:29:48 +03:00
] )
2018-02-16 19:15:28 +03:00
plantestsuite ( " samba4.blackbox.trust_user_account " , " fl2008r2dc:local " , [ os . path . join ( bbdir , " test_trust_user_account.sh " ) , ' $PREFIX ' , ' $REALM ' , ' $DOMAIN ' , ' $TRUST_REALM ' , ' $TRUST_DOMAIN ' ] )
2015-03-06 01:38:26 +03:00
plantestsuite ( " samba4.blackbox.cifsdd(ad_dc_ntvfs) " , " ad_dc_ntvfs " , [ os . path . join ( samba4srcdir , " client/tests/test_cifsdd.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , " $DOMAIN " ] )
plantestsuite ( " samba4.blackbox.nmblookup(ad_dc_ntvfs) " , " ad_dc_ntvfs " , [ os . path . join ( samba4srcdir , " utils/tests/test_nmblookup.sh " ) , ' $NETBIOSNAME ' , ' $NETBIOSALIAS ' , ' $SERVER ' , ' $SERVER_IP ' , nmblookup4 ] )
plantestsuite ( " samba4.blackbox.locktest(ad_dc_ntvfs) " , " ad_dc_ntvfs " , [ os . path . join ( samba4srcdir , " torture/tests/test_locktest.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' , ' $PREFIX ' ] )
plantestsuite ( " samba4.blackbox.masktest " , " ad_dc_ntvfs " , [ os . path . join ( samba4srcdir , " torture/tests/test_masktest.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' , ' $PREFIX ' ] )
plantestsuite ( " samba4.blackbox.gentest(ad_dc_ntvfs) " , " ad_dc_ntvfs " , [ os . path . join ( samba4srcdir , " torture/tests/test_gentest.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' , " $PREFIX " ] )
2023-03-17 00:09:34 +03:00
plantestsuite ( " samba4.blackbox.rfc2307_mapping " ,
" ad_dc:local " ,
2023-03-17 00:08:46 +03:00
[
os . path . join ( samba4srcdir ,
" ../nsswitch/tests/test_rfc2307_mapping.sh " ) ,
' $DOMAIN ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
" $SERVER " ,
" $UID_RFC2307TEST " ,
" $GID_RFC2307TEST " ,
configuration
] )
2023-02-21 01:41:34 +03:00
plantestsuite ( " samba4.blackbox.chgdcpass " , " chgdcpass " , [ os . path . join ( bbdir , " test_chgdcpass.sh " ) , ' $SERVER ' , r " CHGDCPASS \ $ " , ' $REALM ' , ' $DOMAIN ' , ' $PREFIX/chgdcpass ' , " aes256-cts-hmac-sha1-96 " , ' $PREFIX/chgdcpass ' , smbclient3 ] )
2012-12-28 03:06:39 +04:00
plantestsuite ( " samba4.blackbox.samba_upgradedns(chgdcpass:local) " , " chgdcpass:local " , [ os . path . join ( bbdir , " test_samba_upgradedns.sh " ) , ' $SERVER ' , ' $REALM ' , ' $PREFIX ' , ' $SELFTEST_PREFIX/chgdcpass ' ] )
2019-10-10 10:14:24 +03:00
plantestsuite ( " samba4.blackbox.net_ads " , " ad_dc:client " , [ os . path . join ( bbdir , " test_net_ads.sh " ) , ' $DC_SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $PREFIX_ABS ' ] )
2021-06-05 01:32:17 +03:00
plantestsuite ( " samba4.blackbox.net_offlinejoin " , " ad_dc:client " , [ os . path . join ( bbdir , " test_net_offline.sh " ) , ' $DC_SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $PREFIX_ABS ' ] )
2016-07-05 06:07:04 +03:00
plantestsuite ( " samba4.blackbox.client_etypes_all(ad_dc:client) " , " ad_dc:client " , [ os . path . join ( bbdir , " test_client_etypes.sh " ) , ' $DC_SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $PREFIX_ABS ' , ' all ' , ' 17_18_23 ' ] )
plantestsuite ( " samba4.blackbox.client_etypes_legacy(ad_dc:client) " , " ad_dc:client " , [ os . path . join ( bbdir , " test_client_etypes.sh " ) , ' $DC_SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $PREFIX_ABS ' , ' legacy ' , ' 23 ' ] )
plantestsuite ( " samba4.blackbox.client_etypes_strong(ad_dc:client) " , " ad_dc:client " , [ os . path . join ( bbdir , " test_client_etypes.sh " ) , ' $DC_SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $PREFIX_ABS ' , ' strong ' , ' 17_18 ' ] )
2016-06-19 07:51:26 +03:00
plantestsuite ( " samba4.blackbox.net_ads_dns(ad_member:local) " , " ad_member:local " , [ os . path . join ( bbdir , " test_net_ads_dns.sh " ) , ' $DC_SERVER ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , ' $REALM ' , ' $USERNAME ' , ' $PASSWORD ' ] )
2023-05-17 12:26:48 +03:00
plantestsuite ( " samba4.blackbox.samba-tool_ntacl(ad_member:local) " , " ad_member:local " , [ os . path . join ( bbdir , " test_samba-tool_ntacl.sh " ) , ' $PREFIX ' , ' $DOMSID ' , configuration ] )
2020-03-11 20:35:57 +03:00
2023-04-05 17:45:21 +03:00
env = " ad_member:local "
plantestsuite ( " samba4.blackbox.net_ads_search_server_P.primary " , env ,
[ os . path . join ( bbdir , " test_net_ads_search_server.sh " ) ,
' $DC_SERVER ' , ' $REALM ' ] )
plantestsuite ( " samba4.blackbox.net_ads_search_server_P.trust_e_both " , env ,
[ os . path . join ( bbdir , " test_net_ads_search_server.sh " ) ,
' $TRUST_E_BOTH_SERVER ' , ' $TRUST_E_BOTH_REALM ' ] )
plantestsuite ( " samba4.blackbox.net_ads_search_server_P.trust_f_both " , env ,
[ os . path . join ( bbdir , " test_net_ads_search_server.sh " ) ,
' $TRUST_F_BOTH_SERVER ' , ' $TRUST_F_BOTH_REALM ' ] )
2021-04-13 18:48:21 +03:00
if have_gnutls_fips_mode_support :
2020-03-13 18:15:52 +03:00
plantestsuite ( " samba4.blackbox.weak_crypto.client " , " ad_dc " , [ os . path . join ( bbdir , " test_weak_crypto.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' , ' $REALM ' , ' $DOMAIN ' , " $PREFIX/ad_dc " ] )
2022-01-04 14:00:20 +03:00
plantestsuite ( " samba4.blackbox.test_weak_disable_ntlmssp_ldap " , " ad_member:local " , [ os . path . join ( bbdir , " test_weak_disable_ntlmssp_ldap.sh " ) , ' $DC_USERNAME ' , ' $DC_PASSWORD ' ] )
2020-05-15 12:41:55 +03:00
for env in [ " ad_dc_fips " , " ad_member_fips " ] :
2021-07-27 15:11:39 +03:00
plantestsuite ( " samba4.blackbox.weak_crypto.server " ,
env ,
[ os . path . join ( bbdir , " test_weak_crypto_server.sh " ) ,
' $SERVER ' ,
' $USERNAME ' ,
' $PASSWORD ' ,
' $REALM ' ,
' $DOMAIN ' ,
" $PREFIX/ad_dc_fips " ,
configuration ] ,
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
plantestsuite ( " samba4.blackbox.net_ads_fips " ,
" ad_dc_fips:client " ,
[ os . path . join ( bbdir , " test_net_ads_fips.sh " ) ,
' $DC_SERVER ' ,
' $DC_USERNAME ' ,
' $DC_PASSWORD ' ,
' $PREFIX_ABS ' ] ,
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
2020-03-11 20:35:57 +03:00
2020-05-15 12:41:55 +03:00
t = " --krb5auth=$DOMAIN/$DC_USERNAME % $DC_PASSWORD "
2021-07-27 15:11:39 +03:00
plantestsuite ( " samba3.wbinfo_simple.fips. %s " % t ,
" ad_member_fips:local " ,
[ os . path . join ( srcdir ( ) , " nsswitch/tests/test_wbinfo_simple.sh " ) , t ] ,
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
plantestsuite ( " samba4.wbinfo_name_lookup.fips " ,
" ad_member_fips " ,
[ os . path . join ( srcdir ( ) , " nsswitch/tests/test_wbinfo_name_lookup.sh " ) ,
' $DOMAIN ' ,
' $REALM ' ,
' $DC_USERNAME ' ] ,
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
2020-05-15 12:41:55 +03:00
2021-07-26 11:18:05 +03:00
plansmbtorture4testsuite ( ' rpc.fips.netlogon.crypto ' ,
' ad_dc_fips ' ,
[ ' ncacn_np:$SERVER[krb5] ' ,
' -U$USERNAME % $PASSWORD ' ,
' --workgroup=$DOMAIN ' ,
' --client-protection=encrypt ' ] ,
' samba4.rpc.fips.netlogon.crypto ' ,
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
2020-11-23 00:43:36 +03:00
plansmbtorture4testsuite ( ' rpc.echo ' , " ad_dc_ntvfs " , [ ' ncacn_np:$NETBIOSALIAS ' , ' -U$DOMAIN/$USERNAME % $PASSWORD ' ] , " samba4.rpc.echo against NetBIOS alias " )
2020-10-08 15:00:44 +03:00
# Test wbinfo trust auth
for env in [ " ad_member_oneway:local " , " fl2000dc:local " , " fl2003dc:local " , " fl2008r2dc:local " ] :
for t in [ " --krb5auth=$TRUST_REALM/$TRUST_USERNAME % $TRUST_PASSWORD " ,
" --krb5auth=$TRUST_DOMAIN/$TRUST_USERNAME % $TRUST_PASSWORD " ,
" --authenticate=$TRUST_REALM/$TRUST_USERNAME % $TRUST_PASSWORD " ,
" --authenticate=$TRUST_DOMAIN/$TRUST_USERNAME % $TRUST_PASSWORD " ] :
plantestsuite ( " samba3.wbinfo_simple.trust: %s " % t , env , [ os . path . join ( srcdir ( ) , " nsswitch/tests/test_wbinfo_simple.sh " ) , t ] )
2018-08-20 15:50:39 +03:00
# json tests hook into ``chgdcpass'' to make them run in contributor CI on
# gitlab
planpythontestsuite ( " chgdcpass " , " samba.tests.blackbox.netads_json " )
2010-09-30 16:55:04 +04:00
# Tests using the "Simple" NTVFS backend
2010-12-11 05:26:31 +03:00
for t in [ " base.rw1 " ] :
2015-03-06 01:38:26 +03:00
plansmbtorture4testsuite ( t , " ad_dc_ntvfs " , [ " //$SERVER/simple " , ' -U$USERNAME % $PASSWORD ' ] , modname = " samba4.ntvfs.simple. %s " % t )
2010-09-30 16:55:04 +04:00
2011-04-18 12:57:22 +04:00
# Domain S4member Tests
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.echo ' , " s4member " , [ ' ncacn_np:$NETBIOSNAME ' , ' -U$NETBIOSNAME/$USERNAME % $PASSWORD ' ] , " samba4.rpc.echo against s4member server with local creds " )
plansmbtorture4testsuite ( ' rpc.echo ' , " s4member " , [ ' ncacn_np:$NETBIOSNAME ' , ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] , " samba4.rpc.echo against s4member server with domain creds " )
plansmbtorture4testsuite ( ' rpc.samr ' , " s4member " , [ ' ncacn_np:$NETBIOSNAME ' , ' -U$NETBIOSNAME/$USERNAME % $PASSWORD ' ] , " samba4.rpc.samr against s4member server with local creds " )
plansmbtorture4testsuite ( ' rpc.samr.users ' , " s4member " , [ ' ncacn_np:$NETBIOSNAME ' , ' -U$NETBIOSNAME/$USERNAME % $PASSWORD ' ] , " samba4.rpc.samr.users against s4member server with local creds " , )
2022-07-15 11:09:02 +03:00
plansmbtorture4testsuite ( ' rpc.samr.passwords.default ' ,
2022-07-15 11:08:09 +03:00
" s4member " ,
[ ' ncacn_np:$NETBIOSNAME ' ,
' -U$NETBIOSNAME/$USERNAME % $PASSWORD ' ] ,
" samba4.rpc.samr.passwords.default against s4member server with local creds " )
2012-10-27 01:52:55 +04:00
plantestsuite ( " samba4.blackbox.smbclient against s4member server with local creds " , " s4member " , [ os . path . join ( samba4srcdir , " client/tests/test_smbclient.sh " ) , ' $NETBIOSNAME ' , ' $USERNAME ' , ' $PASSWORD ' , ' $NETBIOSNAME ' , ' $PREFIX ' , smbclient4 ] )
2010-09-30 16:55:04 +04:00
# RPC Proxy
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( " rpc.echo " , " rpc_proxy " , [ ' ncacn_ip_tcp:$NETBIOSNAME ' , ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] , modname = " samba4.rpc.echo against rpc proxy with domain creds " )
2010-09-30 16:55:04 +04:00
# Tests SMB signing
for mech in [
" -k no " ,
2017-12-07 15:00:10 +03:00
" -k no --option=clientusespnego=no " ,
2010-09-30 16:55:04 +04:00
" -k no --option=gensec:spengo=no " ,
" -k yes " ,
" -k yes --option=gensec:fake_gssapi_krb5=yes --option=gensec:gssapi_krb5=no " ] :
2020-12-02 19:24:22 +03:00
for signing in [ " --option=clientsigning=desired " , " --option=clientsigning=required " ] :
2010-09-30 16:55:04 +04:00
signoptions = " %s %s " % ( mech , signing )
name = " smb.signing on with %s " % signoptions
2015-03-06 01:38:26 +03:00
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_dc_ntvfs " , [ ' //$NETBIOSNAME/xcopy_share ' , signoptions , ' -U$USERNAME % $PASSWORD ' ] , modname = " samba4. %s " % name )
2010-09-30 16:55:04 +04:00
for mech in [
" -k no " ,
2017-12-07 15:00:10 +03:00
" -k no --option=clientusespnego=no " ,
2010-09-30 16:55:04 +04:00
" -k no --option=gensec:spengo=no " ,
2011-04-19 10:38:46 +04:00
" -k yes " ] :
2020-12-02 19:24:22 +03:00
signoptions = " %s --client-protection=off " % mech
2011-04-19 10:38:46 +04:00
name = " smb.signing disabled on with %s " % signoptions
2015-03-06 01:46:14 +03:00
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_member " , [ ' //$NETBIOSNAME/xcopy_share ' , signoptions , ' -U$DC_USERNAME % $DC_PASSWORD ' ] , " samba4. %s domain-creds " % name )
2015-03-05 20:08:43 +03:00
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_dc " , [ ' //$NETBIOSNAME/xcopy_share ' , signoptions , ' -U$USERNAME % $PASSWORD ' ] , " samba4. %s " % name )
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_dc " ,
2018-07-30 09:16:12 +03:00
[ ' //$NETBIOSNAME/xcopy_share ' , signoptions , ' -U$DC_USERNAME % $DC_PASSWORD ' ] , " samba4. %s administrator " % name )
2010-09-30 16:55:04 +04:00
2019-12-09 14:39:58 +03:00
plantestsuite ( " samba4.blackbox.bogusdomain " , " ad_member " , [ " testprogs/blackbox/bogus.sh " , " $NETBIOSNAME " , " xcopy_share " , ' $USERNAME ' , ' $PASSWORD ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , smbclient3 ] )
2010-09-30 16:55:04 +04:00
for mech in [
" -k no " ,
2017-12-07 15:00:10 +03:00
" -k no --option=clientusespnego=no " ,
2010-09-30 16:55:04 +04:00
" -k no --option=gensec:spengo=no " ] :
2020-12-02 19:24:22 +03:00
signoptions = " %s --client-protection=off " % mech
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' base.xcopy ' , " s4member " , [ ' //$NETBIOSNAME/xcopy_share ' , signoptions , ' -U$NETBIOSNAME/$USERNAME % $PASSWORD ' ] , modname = " samba4.smb.signing on with %s local-creds " % signoptions )
2011-07-26 10:17:30 +04:00
2020-12-02 19:24:22 +03:00
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_dc_ntvfs " , [ ' //$NETBIOSNAME/xcopy_share ' , ' -k ' , ' no ' , ' --option=clientsigning=desired ' , ' -U % ' ] , modname = " samba4.smb.signing --option=clientsigning=desired anon " )
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_dc_ntvfs " , [ ' //$NETBIOSNAME/xcopy_share ' , ' -k ' , ' no ' , ' --option=clientsigning=required ' , ' -U % ' ] , modname = " samba4.smb.signing --option=clientsigning=required anon " )
plansmbtorture4testsuite ( ' base.xcopy ' , " s4member " , [ ' //$NETBIOSNAME/xcopy_share ' , ' -k ' , ' no ' , ' --option=clientsigning=disabled ' , ' -U % ' ] , modname = " samba4.smb.signing --option=clientsigning=disabled anon " )
2010-09-30 16:55:04 +04:00
2019-09-04 16:39:43 +03:00
# Test SPNEGO without issuing an optimistic token
opt = ' --option=spnego:client_no_optimistic=yes '
2019-12-11 16:02:25 +03:00
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_dc_smb1 " , [ ' //$NETBIOSNAME/xcopy_share ' , ' -U$USERNAME % $PASSWORD ' , opt , ' -k ' , ' no ' ] , modname = " samba4.smb.spnego.ntlmssp.no_optimistic " )
plansmbtorture4testsuite ( ' base.xcopy ' , " ad_dc_smb1 " , [ ' //$NETBIOSNAME/xcopy_share ' , ' -U$USERNAME % $PASSWORD ' , opt , ' -k ' , ' yes ' ] , modname = " samba4.smb.spnego.krb5.no_optimistic " )
2010-09-30 16:55:04 +04:00
2015-03-28 12:04:30 +03:00
wb_opts_default = [ " --option= \" torture:strict mode=no \" " , " --option= \" torture:timelimit=1 \" " , " --option= \" torture:winbindd_separator=/ \" " , " --option= \" torture:winbindd_netbios_name=$SERVER \" " , " --option= \" torture:winbindd_netbios_domain=$DOMAIN \" " ]
2010-09-30 16:55:04 +04:00
2014-05-19 09:32:56 +04:00
winbind_ad_client_tests = smbtorture4_testsuites ( " winbind.struct " ) + smbtorture4_testsuites ( " winbind.pac " )
winbind_wbclient_tests = smbtorture4_testsuites ( " winbind.wbclient " )
2022-02-12 01:26:37 +03:00
for env in [ " ad_dc " , " ad_member " , " nt4_member " ] :
2015-05-05 11:37:14 +03:00
wb_opts = wb_opts_default [ : ]
2015-03-28 11:31:05 +03:00
if env in [ " ad_member " ] :
wb_opts + = [ " --option= \" torture:winbindd_domain_without_prefix=$DOMAIN \" " ]
2014-05-19 09:32:56 +04:00
for t in winbind_ad_client_tests :
plansmbtorture4testsuite ( t , " %s :local " % env , wb_opts + [ ' //$SERVER/tmp ' , ' --realm=$REALM ' , ' --machine-pass ' , ' --option=torture:addc=$DC_SERVER ' ] )
2015-03-06 11:34:11 +03:00
for env in [ " nt4_dc " , " fl2003dc " ] :
2014-05-19 09:32:56 +04:00
for t in winbind_wbclient_tests :
plansmbtorture4testsuite ( t , " %s :local " % env , ' //$SERVER/tmp -U$DC_USERNAME % $DC_PASSWORD ' )
2022-02-12 01:26:37 +03:00
for env in [ " nt4_dc " , " nt4_member " , " ad_dc " , " ad_member " , " chgdcpass " , " rodc " ] :
2014-05-19 09:32:56 +04:00
tests = [ " --ping " , " --separator " ,
" --own-domain " ,
" --all-domains " ,
" --trusted-domains " ,
" --domain-info=BUILTIN " ,
" --domain-info=$DOMAIN " ,
" --online-status " ,
" --online-status --domain=BUILTIN " ,
" --online-status --domain=$DOMAIN " ,
" --check-secret --domain=$DOMAIN " ,
" --change-secret --domain=$DOMAIN " ,
" --check-secret --domain=$DOMAIN " ,
" --online-status --domain=$DOMAIN " ,
2014-05-20 01:23:33 +04:00
" --domain-users " ,
2014-05-19 09:32:56 +04:00
" --domain-groups " ,
" --name-to-sid=$DC_USERNAME " ,
" --name-to-sid=$DOMAIN/$DC_USERNAME " ,
2014-06-30 06:58:21 +04:00
" --user-info=$DOMAIN/$DC_USERNAME " ,
2014-05-19 09:32:56 +04:00
" --user-groups=$DOMAIN/$DC_USERNAME " ,
" --authenticate=$DOMAIN/$DC_USERNAME % $DC_PASSWORD " ,
" --allocate-uid " ,
" --allocate-gid " ]
for t in tests :
2018-03-02 13:01:33 +03:00
plantestsuite ( " samba.wbinfo_simple. %s " % ( t . replace ( " -- " , " . " ) . replace ( " -- " , " " ) ) , " %s :local " % env , [ os . path . join ( srcdir ( ) , " nsswitch/tests/test_wbinfo_simple.sh " ) , t ] )
2014-05-19 09:32:56 +04:00
plantestsuite (
" samba.wbinfo_sids2xids.( %s :local) " % env , " %s :local " % env ,
[ os . path . join ( samba3srcdir , " script/tests/test_wbinfo_sids2xids.sh " ) ] )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( env + " :local " , " samba.tests.ntlm_auth " )
2018-08-31 13:47:11 +03:00
winbind: Test wbinfo -u with more than 1000 users
winbind asks dcerpc_samr_LookupRids in one batch, where samr.idl has
NTSTATUS samr_LookupRids(
[in,ref] policy_handle *domain_handle,
[in,range(0,1000)] uint32 num_rids,
[in,size_is(1000),length_is(num_rids)] uint32 rids[],
[out,ref] lsa_Strings *names,
[out,ref] samr_Ids *types
);
limiting num_rids to 1000 entries. Test this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-27 13:25:24 +03:00
plantestsuite (
" samba.wbinfo_u_large_ad.(ad_dc:local) " ,
" ad_dc:local " ,
[ os . path . join ( samba3srcdir , " script/tests/test_wbinfo_u_large_ad.sh " ) ] )
2018-09-06 13:58:42 +03:00
for env in [ " ktest " ] :
2019-02-15 07:30:43 +03:00
planpythontestsuite ( env + " :local " , " samba.tests.ntlm_auth_krb5 " )
2018-09-06 13:58:42 +03:00
2016-09-29 18:50:58 +03:00
for env in [ " s4member_dflt_domain " , " s4member " ] :
for cmd in [ " id " , " getent " ] :
users = [ " $DC_USERNAME " , " $DC_USERNAME@$REALM " ]
if env == " s4member " :
users = [ " $DOMAIN/$DC_USERNAME " , " $DC_USERNAME@$REALM " ]
for usr in users :
2018-07-30 09:19:05 +03:00
plantestsuite ( " samba4.winbind.dom_name_parse.cmd " , env , " %s /dom_parse.sh %s %s " % ( bbdir , cmd , usr ) )
2010-09-30 16:55:04 +04:00
nsstest4 = binpath ( " nsstest " )
2016-06-14 11:25:21 +03:00
for env in [ " ad_dc:local " , " s4member:local " , " nt4_dc:local " , " ad_member:local " , " nt4_member:local " ] :
2012-02-16 08:10:00 +04:00
if os . path . exists ( nsstest4 ) :
nsswitch: reduce dependecies to private libraries and link static/builtin if possible
Over the last month I got more and more reports,
that it's not possible to use a custom Samba version
on systems with sssd being installed, which depends on some
specific samba libraries installed in the system.
One major problem is that the custom libnss_winbind.so.2
depends on the libreplace-samba4.so of the custom build
and also injects an RPATH into the running process.
When sssd uses any nss library call it will get this,
when it then tries to load some of its plugins via dlopen(),
e.g.
ldd /usr/lib64/sssd/libsss_ad.so| grep samba
libsamba-util.so.0 => /lib64/libsamba-util.so.0
libreplace-samba4.so => /usr/lib64/samba/libreplace-samba4.so
libsamba-security-samba4.so => /usr/lib64/samba/libsamba-security-samba4.so
libsamba-errors.so.1 => /lib64/libsamba-errors.so.1
libsamba-debug-samba4.so => /usr/lib64/samba/libsamba-debug-samba4.so
libgenrand-samba4.so => /usr/lib64/samba/libgenrand-samba4.so
libsocket-blocking-samba4.so => /usr/lib64/samba/libsocket-blocking-samba4.so
libtime-basic-samba4.so => /usr/lib64/samba/libtime-basic-samba4.so
libsys-rw-samba4.so => /usr/lib64/samba/libsys-rw-samba4.so
libiov-buf-samba4.so => /usr/lib64/samba/libiov-buf-samba4.so
When that loads dlopen() will fail as a soname libreplace-samba4.so is
already loaded, but the symbol version within the other one don't match, as the
contain the exact version, e.g. replace_dummy@@SAMBA_4.13.3.
This is just an example and similar things can happen in all situations
where we provide libraries, which are potentially injected into every
process of the running system. These should only depend on libc.so and
related basic system libraries in order to avoid the problem.
We have the following libraries, which are in the that category:
- libnss_winbind.so.2
- libnss_wins.so.2
- pam_winbind.so
- winbind_krb5_locator.so
- async_dns_krb5_locator.so
The rules of library loading are really complex and symbol versioning
is not enough to solve it, only the combination of unique soname and
unique symbol version suffix seem to solve the problem, but injecting
an RPATH is still a problem.
In order to solve the problem I experimented with adding SAMBA_SUBSYSTEM()
definitions with 'hide_symbols=True' in order to do some static linking
of selected components, e.g.
bld.SAMBA_SUBSYSTEM('replace-hidden',
source=REPLACE_SOURCE,
group='base_libraries',
hide_symbols=True,
deps='dl attr' + extra_libs)
It's relatively simple to get to the point where the following are
completely static:
- libnss_winbind.so.2
- libnss_wins.so.2
- pam_winbind.so
- winbind_krb5_locator.so
But 'async_dns_krb5_locator.so' links in almost everything!
It seems we install the krb5 plugins into our own $MODULESDIR/krb5/,
so it may not be so critical, as long it's the admin who created
the desired symlinks into the location the kerberos libraries search
for plugins. Note the at least the locator plugins are always loaded
without any configuration, every .so in a special path are loaded with dlopen().
This is done by every application using kerberos, so we load a lot of samba libraries
into them.
Packagers should not put async_dns_krb5_locator.so (nor a symlink) into
the path that's reachable by libkrb5.so.
As a longterm solution we may want to change async_dns_krb5_locator.so
to use a helper process with posix_spawn() instead of doing everything
within the process.
Note I added hiden_symbols=True to the nss modules for Linux and
FreeBSD only, because these are the only platforms I'm able to test
on. We most likely should do the same on other platforms, but some
with access to the platform should provide a tested patch.
In order to avoid manual definitions of SAMBA_SUBSYSTEMS() with
'-hidden', I added the 'provide_builtin_linking=True' option,
as the logic is very similar to what we already have with the
'--builtin-libraries=BUILTIN_LIBRARIES' configure option.
SAMBA_PLUGIN() is used in order to use SAMBA_LIBRARY() in order
to make it more strict that these plugins can't be used as
normal depedency by other subsystems and libraries.
While being there it was easy enough to make libwbclient.so
also standalone without dependecies to other samba libraries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14780
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-07-01 13:08:16 +03:00
plantestsuite ( " samba.nss.test using winbind( %s ) " % env , env , [ os . path . join ( bbdir , " nsstest.sh " ) , nsstest4 , os . path . join ( samba4bindir , " plugins/libnss_wrapper_winbind.so.2 " ) ] )
2012-02-16 08:10:00 +04:00
else :
2014-05-19 09:32:56 +04:00
skiptestsuite ( " samba.nss.test using winbind( %s ) " % env , " nsstest not available " )
2010-09-30 16:55:04 +04:00
2010-12-09 18:28:31 +03:00
2021-04-13 18:48:21 +03:00
if have_gnutls_fips_mode_support :
2021-07-27 15:11:39 +03:00
planoldpythontestsuite ( " ad_dc " ,
2024-03-21 16:06:46 +03:00
" samba.tests.dcerpc.lsa_utils " ,
2021-07-27 15:11:39 +03:00
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
planoldpythontestsuite ( " ad_dc_fips " ,
2024-03-21 16:06:46 +03:00
" samba.tests.dcerpc.lsa_utils " ,
2021-07-27 15:11:39 +03:00
environ = { ' GNUTLS_FORCE_FIPS_MODE ' : ' 1 ' ,
' OPENSSL_FORCE_FIPS_MODE ' : ' 1 ' } )
2020-09-01 20:14:29 +03:00
2018-09-21 08:55:42 +03:00
# Run complex search expressions test once for each database backend.
# Right now ad_dc has mdb and ad_dc_ntvfs has tdb
mdb_testenv = " ad_dc "
tdb_testenv = " ad_dc_ntvfs "
for testenv in [ mdb_testenv , tdb_testenv ] :
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( testenv , " samba.tests.complex_expressions " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2023-11-28 07:07:15 +03:00
# samba.tests.gensec is only run in ad_dc to ensure it runs with and
# MIT and Heimdal build, it can run against any environment that
# supports FAST
planoldpythontestsuite ( " ad_dc:local " , " samba.tests.gensec " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( " none " , " simple " , extra_path = [ " %s /lib/tdb/python/tests " % srcdir ( ) ] , name = " tdb.python " )
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.dcerpc.sam " )
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.dsdb " )
2023-06-09 00:17:39 +03:00
planpythontestsuite ( " none " , " samba.tests.samba_startup_fl_change " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " none " , " samba.tests.dsdb_lock " )
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.dcerpc.bare " )
2021-08-25 12:54:04 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.dcerpc.lsa " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.dcerpc.unix " )
2019-11-25 18:49:34 +03:00
planpythontestsuite ( " ad_dc_ntvfs:local " , " samba.tests.dcerpc.srvsvc " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.timecmd " )
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.join " )
2023-04-21 17:04:30 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.ldap_whoami " )
2021-11-23 18:59:01 +03:00
planpythontestsuite ( " ad_member_s3_join " , " samba.tests.samba_tool.join_member " )
2019-06-27 01:19:51 +03:00
planpythontestsuite ( " ad_dc_default " ,
" samba.tests.samba_tool.join_lmdb_size " )
2019-06-27 23:54:31 +03:00
planpythontestsuite ( " ad_dc_default " ,
" samba.tests.samba_tool.drs_clone_dc_data_lmdb_size " )
2019-06-28 06:14:51 +03:00
planpythontestsuite ( " ad_dc_default " ,
" samba.tests.samba_tool.promote_dc_lmdb_size " )
2012-11-05 05:57:17 +04:00
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " none " , " samba.tests.samba_tool.visualize " )
2017-08-10 02:57:24 +03:00
2016-03-31 14:07:00 +03:00
# test fsmo show
2019-02-21 17:07:42 +03:00
for env in all_fl_envs :
2019-02-15 07:30:43 +03:00
planpythontestsuite ( env + " :local " , " samba.tests.samba_tool.fsmo " )
2016-03-31 14:07:00 +03:00
2023-12-07 05:53:01 +03:00
# test getpassword for group managed service accounts
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.user_getpassword_gmsa " )
2019-03-20 19:17:05 +03:00
# test samba-tool user, group, contact and computer edit command
2019-02-21 17:07:42 +03:00
for env in all_fl_envs :
env + = " :local "
2019-03-14 18:47:36 +03:00
plantestsuite ( " samba.tests.samba_tool.user_edit " , env , [ os . path . join ( srcdir ( ) , " python/samba/tests/samba_tool/user_edit.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' ] )
2019-03-18 15:31:04 +03:00
plantestsuite ( " samba.tests.samba_tool.group_edit " , env , [ os . path . join ( srcdir ( ) , " python/samba/tests/samba_tool/group_edit.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' ] )
2019-03-20 19:17:05 +03:00
plantestsuite ( " samba.tests.samba_tool.contact_edit " , env , [ os . path . join ( srcdir ( ) , " python/samba/tests/samba_tool/contact_edit.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' ] )
2019-03-18 14:00:24 +03:00
plantestsuite ( " samba.tests.samba_tool.computer_edit " , env , [ os . path . join ( srcdir ( ) , " python/samba/tests/samba_tool/computer_edit.sh " ) , ' $SERVER ' , ' $USERNAME ' , ' $PASSWORD ' ] )
2017-07-04 17:07:53 +03:00
2019-01-11 05:09:48 +03:00
# We run this test against both AD DC implementations because it is
2012-11-05 05:57:17 +04:00
# the only test we have of GPO get/set behaviour, and this involves
# the file server as well as the LDAP server.
2019-01-11 05:09:48 +03:00
# It's also a good sanity-check that sysvol backup worked correctly.
2019-01-15 07:12:20 +03:00
for env in [ " ad_dc_ntvfs " , " ad_dc " , " offlinebackupdc " , " renamedc " ,
smbv1_disabled_testenv ] :
2019-02-15 07:30:43 +03:00
planpythontestsuite ( env + " :local " , " samba.tests.samba_tool.gpo " )
2021-02-23 23:12:09 +03:00
for env in [ " ad_dc_ntvfs " , " ad_dc " ] :
planpythontestsuite ( env + " :local " , " samba.tests.samba_tool.gpo_exts " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.processes " )
2022-03-31 11:16:03 +03:00
2019-11-25 19:43:37 +03:00
planpythontestsuite ( " ad_dc_ntvfs:local " , " samba.tests.samba_tool.user " )
2023-10-31 05:20:25 +03:00
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.user_auth_policy " )
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.user_auth_silo " )
2022-03-31 11:16:03 +03:00
for env in [ " ad_dc_default:local " , " ad_dc_no_ntlm:local " ] :
planpythontestsuite ( env , " samba.tests.samba_tool.user_wdigest " )
for env , nt_hash in [ ( " ad_dc:local " , True ) ,
( " ad_dc_no_ntlm:local " , False ) ] :
planpythontestsuite ( env , " samba.tests.samba_tool.user " ,
environ = { " EXPECT_NT_HASH " : int ( nt_hash ) } )
2023-12-15 07:10:42 +03:00
# test get-kerberos-ticket for locally accessible and group managed service accounts
planpythontestsuite ( env , " samba.tests.samba_tool.user_get_kerberos_ticket " )
2022-03-31 11:16:03 +03:00
planpythontestsuite ( env , " samba.tests.samba_tool.user_virtualCryptSHA_userPassword " )
planpythontestsuite ( env , " samba.tests.samba_tool.user_virtualCryptSHA_gpg " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " chgdcpass:local " , " samba.tests.samba_tool.user_check_password_script " )
2022-03-31 11:16:03 +03:00
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.group " )
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.ou " )
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.computer " )
2020-08-21 09:43:17 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.contact " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.forest " )
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.schema " )
2023-05-16 03:27:41 +03:00
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.domain_claim " )
2023-05-16 03:22:25 +03:00
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.domain_auth_policy " )
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.domain_auth_silo " )
2024-04-11 07:26:49 +03:00
# This test needs to be run in an environment well apart from most
# other tests as it deletes root keys and we don't want this to happen
# where a gMSA account might be live.
planpythontestsuite ( " chgdcpass " , " samba.tests.samba_tool.domain_kds_root_key " )
2023-05-25 03:32:13 +03:00
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.domain_models " )
2024-02-23 03:48:02 +03:00
planpythontestsuite ( " ad_dc_default " , " samba.tests.samba_tool.service_account " )
2019-04-12 04:31:29 +03:00
planpythontestsuite ( " schema_dc:local " , " samba.tests.samba_tool.schema " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc:local " , " samba.tests.samba_tool.ntacl " )
planpythontestsuite ( " none " , " samba.tests.samba_tool.provision_password_check " )
2019-06-25 07:14:34 +03:00
planpythontestsuite ( " none " , " samba.tests.samba_tool.provision_lmdb_size " )
2021-02-23 13:50:30 +03:00
planpythontestsuite ( " none " , " samba.tests.samba_tool.provision_userPassword_crypt " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " none " , " samba.tests.samba_tool.help " )
2021-06-18 00:20:41 +03:00
# Make sure samba-tool can execute without import failures when run
# without the ad-dc built. The fileserver test environment runs against
# the samba-h5l-build autobuild. This build was chosen because it's
# configured with --without-ad-dc and does not disable ads, which is
# required to run some samba-tool commands.
planpythontestsuite ( " fileserver " , " samba.tests.samba_tool.help " )
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.samba_tool.passwordsettings " )
planpythontestsuite ( " ad_dc:local " , " samba.tests.samba_tool.dsacl " )
2011-11-02 18:02:47 +04:00
2019-12-19 06:31:24 +03:00
planpythontestsuite ( " none " , " samba.tests.samba_upgradedns_lmdb " )
2018-03-05 07:08:51 +03:00
# Run these against chgdcpass to share the runtime load
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " chgdcpass:local " , " samba.tests.samba_tool.sites " )
planpythontestsuite ( " chgdcpass:local " , " samba.tests.samba_tool.dnscmd " )
2015-09-17 09:16:49 +03:00
2018-08-17 00:31:10 +03:00
# Run this against chgdcpass to ensure at least one python3 test
# against this autobuild target (samba-ad-dc-2)
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " chgdcpass:local " , " samba.tests.dcerpc.rpcecho " )
2018-02-15 23:43:53 +03:00
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( " nt4_dc " , " samba.tests.netbios " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2021-07-02 23:44:43 +03:00
test_bin = os . path . abspath ( os . path . join ( os . getenv ( ' BINDIR ' , ' ./bin ' ) , ' ../python/samba/tests/bin ' ) )
planoldpythontestsuite ( " ad_dc:local " , " samba.tests.gpo " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
environ = { ' PATH ' : ' : ' . join ( [ test_bin , os . getenv ( ' PATH ' , ' ' ) ] ) } )
2021-02-24 20:53:17 +03:00
planoldpythontestsuite ( " ad_member " , " samba.tests.gpo_member " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( " ad_dc:local " , " samba.tests.dckeytab " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-12-12 04:50:53 +03:00
2022-03-15 09:24:38 +03:00
planoldpythontestsuite ( " ad_dc " , " samba.tests.sid_strings " )
2020-12-07 17:39:00 +03:00
# Run the import test in environments that may not have the ad-dc built
2023-04-12 01:15:30 +03:00
envs = [ ' fileserver_smb1 ' , ' nt4_member ' , ' ktest ' , ' nt4_dc ' , ' nt4_dc_smb1_done ' , ' nt4_dc_smb1 ' , ' simpleserver ' , ' fileserver_smb1_done ' , ' fileserver ' , ' maptoguest ' , ' nt4_dc_schannel ' ]
if have_cluster_support :
envs . append ( ' clusteredmember ' )
for env in envs :
2020-12-07 17:39:00 +03:00
planoldpythontestsuite ( env , " samba.tests.imports " )
2021-12-30 07:07:10 +03:00
have_fast_support = 1
2023-03-20 06:58:47 +03:00
claims_support = 1
2022-11-09 03:45:13 +03:00
2023-07-18 05:34:47 +03:00
# MIT
kadmin_is_tgs = int ( ' SAMBA4_USES_HEIMDAL ' not in config_hash )
2022-05-31 10:23:06 +03:00
2023-07-18 05:34:47 +03:00
# Heimdal
compound_id_support = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
2021-11-02 04:02:14 +03:00
expect_pac = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
2021-11-24 23:29:42 +03:00
extra_pac_buffers = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
2021-11-25 06:16:52 +03:00
check_cname = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
2021-11-29 23:47:32 +03:00
check_padata = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
2023-05-17 06:47:18 +03:00
expect_nt_status = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
2023-06-14 07:25:16 +03:00
as_req_logging_support = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
tgs_req_logging_support = int ( ' SAMBA4_USES_HEIMDAL ' in config_hash )
tests/krb5: Add PK-INIT testing framework
To run these tests standalone, you will need the certificate and private
key of the Certificate Authority. These can be specified together in the
same file with the environment variable CA_CERT, or the private key may
be specified in its own file with CA_PRIVATE_KEY.
If either of these files are encrypted, you can specify the password in
the environment variable CA_PASS.
These tests create a new certificate for the user account, signed with
the private key of the Certificate Authority. We negotiate the reply key
with either of the public-key and Diffie-Hellman PK-INIT variants, and
use the reply key to decrypt the enc-part in the response. We also check
that the KDC’s signatures are valid.
Most of the failures with the Heimdal KDC are due to the wrong nonce
being returned in the reply compared to Windows, which issue is simple
enough to correct.
An example command line for manual testing against Windows:
SMB_CONF_PATH=ad_dc.conf KRB5_CONFIG=krb5.conf SERVICE_USERNAME=win2k19-dc.example.com ADMIN_USERNAME=Administrator ADMIN_PASSWORD=locDCpass ADMIN_KVNO=1 FOR_USER=Administrator USERNAME=Administrator PASSWORD=locDCpass DC_SERVER=win2k19-dc.example.com SERVER=win2k19-dc.example.com DOMAIN=example REALM=example.com PYTHONPATH=bin/python STRICT_CHECKING=1 FAST_SUPPORT=1 CLAIMS_SUPPORT=1 COMPOUND_ID_SUPPORT=1 TKT_SIG_SUPPORT=1 FULL_SIG_SUPPORT=1 GNUTLS_PBKDF2_SUPPORT=1 EXPECT_PAC=1 EXPECT_EXTRA_PAC_BUFFERS=1 CHECK_CNAME=1 CHECK_PADATA=1 KADMIN_IS_TGS=0 FORCED_RC4=1 DEFAULT_ETYPES=36 CA_CERT=./win2k19-ca.pfx CA_PASS=1234 python3 python/samba/tests/krb5/pkinit_tests.py
To set up windows for this I first installed an Certificate Authority with an Enterprise CA.
Then I exported the private key and certificate of the CA:
1. go into the Certification Authority snap-in for the relevant computer,
2. right-clicking the CA
3. clicking ‘All Tasks’ → ‘Back up CA...’
4. and exporting the private key and CA certificate.
(I downloaded the resulting file via smbclient).
After setting up an Enterprise CA, I also needed to edit the domain
controller GPO to enable auto-enrollment, otherwise Windows would
refuse to accept as legitimate any certificates provided by the client.
That can be done by first enabling the policy:
‘Computer Configuration/Policies/Windows Settings/Security Settings/Public Key Policies/Certificate Services Client — Auto-Enrollment’,
and then ticking both ‘Renew expired certificates…’ and ‘Update certificates…’)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-07-03 05:43:10 +03:00
ca_dir = os . path . join ( ' selftest ' , ' manage-ca ' , ' CA-samba.example.com ' )
# This certificate is currently used just to get the name of the certificate
# issuer.
ca_cert_path = os . path . join ( ca_dir ,
' DCs ' ,
' addc.addom.samba.example.com ' ,
' DC-addc.addom.samba.example.com-cert.pem ' )
# The private key is used to issue new certificates.
ca_private_key_path = os . path . join ( ca_dir ,
' Private ' ,
' CA-samba.example.com-private-key.pem ' )
ca_pass = ' 1234 '
2022-03-04 06:57:27 +03:00
krb5_environ = {
' SERVICE_USERNAME ' : ' $SERVER ' ,
' ADMIN_USERNAME ' : ' $DC_USERNAME ' ,
' ADMIN_PASSWORD ' : ' $DC_PASSWORD ' ,
2022-05-26 07:35:03 +03:00
' ADMIN_KVNO ' : ' 1 ' ,
2022-03-04 06:57:27 +03:00
' FOR_USER ' : ' $DC_USERNAME ' ,
' STRICT_CHECKING ' : ' 0 ' ,
' FAST_SUPPORT ' : have_fast_support ,
' CLAIMS_SUPPORT ' : claims_support ,
' COMPOUND_ID_SUPPORT ' : compound_id_support ,
' EXPECT_PAC ' : expect_pac ,
' EXPECT_EXTRA_PAC_BUFFERS ' : extra_pac_buffers ,
' CHECK_CNAME ' : check_cname ,
' CHECK_PADATA ' : check_padata ,
2022-05-31 10:23:06 +03:00
' KADMIN_IS_TGS ' : kadmin_is_tgs ,
2023-05-04 05:55:36 +03:00
' EXPECT_NT_STATUS ' : expect_nt_status ,
2023-06-14 07:25:16 +03:00
' AS_REQ_LOGGING_SUPPORT ' : as_req_logging_support ,
' TGS_REQ_LOGGING_SUPPORT ' : tgs_req_logging_support ,
tests/krb5: Add PK-INIT testing framework
To run these tests standalone, you will need the certificate and private
key of the Certificate Authority. These can be specified together in the
same file with the environment variable CA_CERT, or the private key may
be specified in its own file with CA_PRIVATE_KEY.
If either of these files are encrypted, you can specify the password in
the environment variable CA_PASS.
These tests create a new certificate for the user account, signed with
the private key of the Certificate Authority. We negotiate the reply key
with either of the public-key and Diffie-Hellman PK-INIT variants, and
use the reply key to decrypt the enc-part in the response. We also check
that the KDC’s signatures are valid.
Most of the failures with the Heimdal KDC are due to the wrong nonce
being returned in the reply compared to Windows, which issue is simple
enough to correct.
An example command line for manual testing against Windows:
SMB_CONF_PATH=ad_dc.conf KRB5_CONFIG=krb5.conf SERVICE_USERNAME=win2k19-dc.example.com ADMIN_USERNAME=Administrator ADMIN_PASSWORD=locDCpass ADMIN_KVNO=1 FOR_USER=Administrator USERNAME=Administrator PASSWORD=locDCpass DC_SERVER=win2k19-dc.example.com SERVER=win2k19-dc.example.com DOMAIN=example REALM=example.com PYTHONPATH=bin/python STRICT_CHECKING=1 FAST_SUPPORT=1 CLAIMS_SUPPORT=1 COMPOUND_ID_SUPPORT=1 TKT_SIG_SUPPORT=1 FULL_SIG_SUPPORT=1 GNUTLS_PBKDF2_SUPPORT=1 EXPECT_PAC=1 EXPECT_EXTRA_PAC_BUFFERS=1 CHECK_CNAME=1 CHECK_PADATA=1 KADMIN_IS_TGS=0 FORCED_RC4=1 DEFAULT_ETYPES=36 CA_CERT=./win2k19-ca.pfx CA_PASS=1234 python3 python/samba/tests/krb5/pkinit_tests.py
To set up windows for this I first installed an Certificate Authority with an Enterprise CA.
Then I exported the private key and certificate of the CA:
1. go into the Certification Authority snap-in for the relevant computer,
2. right-clicking the CA
3. clicking ‘All Tasks’ → ‘Back up CA...’
4. and exporting the private key and CA certificate.
(I downloaded the resulting file via smbclient).
After setting up an Enterprise CA, I also needed to edit the domain
controller GPO to enable auto-enrollment, otherwise Windows would
refuse to accept as legitimate any certificates provided by the client.
That can be done by first enabling the policy:
‘Computer Configuration/Policies/Windows Settings/Security Settings/Public Key Policies/Certificate Services Client — Auto-Enrollment’,
and then ticking both ‘Renew expired certificates…’ and ‘Update certificates…’)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-07-03 05:43:10 +03:00
' CA_CERT ' : ca_cert_path ,
' CA_PRIVATE_KEY ' : ca_private_key_path ,
' CA_PASS ' : ca_pass ,
2022-03-04 06:57:27 +03:00
}
2020-03-26 00:07:39 +03:00
planoldpythontestsuite ( " none " , " samba.tests.krb5.kcrypto " )
2023-03-27 04:19:51 +03:00
planoldpythontestsuite ( " none " , " samba.tests.krb5.claims_in_pac " )
2020-02-13 18:29:38 +03:00
planoldpythontestsuite ( " ad_dc_default " , " samba.tests.krb5.simple_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2022-11-23 06:05:04 +03:00
for env , fast_support in [ ( " ad_dc_default:local " , True ) ,
( " fl2003dc:local " , False ) ] :
planoldpythontestsuite ( env , " samba.tests.krb5.s4u_tests " ,
environ = {
* * krb5_environ ,
2023-03-30 22:38:09 +03:00
' FAST_SUPPORT ' : int ( have_fast_support and fast_support ) ,
2022-11-23 06:05:04 +03:00
} )
2021-09-30 05:03:04 +03:00
planoldpythontestsuite ( " rodc:local " , " samba.tests.krb5.rodc_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2020-03-26 00:07:39 +03:00
2021-03-27 12:09:56 +03:00
planoldpythontestsuite ( " ad_dc_default " , " samba.tests.dsdb_dns " )
2021-10-12 01:34:59 +03:00
planoldpythontestsuite ( " fl2008r2dc:local " , " samba.tests.krb5.xrealm_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2020-05-06 16:54:55 +03:00
2021-06-16 03:52:11 +03:00
planoldpythontestsuite ( " ad_dc_default " , " samba.tests.krb5.test_ccache " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-06-16 03:52:11 +03:00
planoldpythontestsuite ( " ad_dc_default " , " samba.tests.krb5.test_ldap " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-08-24 18:11:24 +03:00
for env in [ ' ad_dc_default ' , ' ad_member ' ] :
planoldpythontestsuite ( env , " samba.tests.krb5.test_rpc " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-06-16 03:52:11 +03:00
planoldpythontestsuite ( " ad_dc_smb1 " , " samba.tests.krb5.test_smb " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-11-12 04:20:45 +03:00
planoldpythontestsuite ( " ad_member_idmap_nss:local " ,
2021-10-05 17:56:06 +03:00
" samba.tests.krb5.test_min_domain_uid " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-11-12 04:22:47 +03:00
planoldpythontestsuite ( " ad_member_idmap_nss:local " ,
" samba.tests.krb5.test_idmap_nss " ,
environ = {
2022-03-04 06:57:27 +03:00
* * krb5_environ ,
2021-11-12 04:22:47 +03:00
' MAPPED_USERNAME ' : ' bob ' ,
' MAPPED_PASSWORD ' : ' Secret007 ' ,
' UNMAPPED_USERNAME ' : ' jane ' ,
' UNMAPPED_PASSWORD ' : ' Secret007 ' ,
' INVALID_USERNAME ' : ' joe ' ,
' INVALID_PASSWORD ' : ' Secret007 ' ,
} )
2021-04-28 02:06:33 +03:00
2018-12-12 04:50:53 +03:00
for env in [ " ad_dc " , smbv1_disabled_testenv ] :
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( env , " samba.tests.smb " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-01-16 00:02:07 +03:00
planoldpythontestsuite ( env + " :local " , " samba.tests.ntacls_backup " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-02-15 23:43:53 +03:00
2018-04-11 07:42:54 +03:00
planoldpythontestsuite (
" ad_dc_ntvfs:local " , " samba.tests.dcerpc.registry " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-04-11 07:42:54 +03:00
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( " ad_dc_ntvfs " , " samba.tests.dcerpc.dnsserver " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( " ad_dc " , " samba.tests.dcerpc.dnsserver " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-10-03 15:18:17 +03:00
2024-09-23 16:13:59 +03:00
planoldpythontestsuite ( " chgdcpass " , " samba.tests.dcerpc.raw_protocol " ,
environ = { " MAX_NUM_AUTH " : " 8 " ,
" USERNAME " : " $DC_USERNAME " ,
" PASSWORD " : " $DC_PASSWORD " } )
planoldpythontestsuite ( " ad_member " , " samba.tests.dcerpc.raw_protocol " ,
environ = { " MAX_NUM_AUTH " : " 8 " ,
" AUTH_LEVEL_CONNECT_LSA " : " 1 " ,
" USERNAME " : " $DC_USERNAME " ,
" PASSWORD " : " $DC_PASSWORD " } )
2018-12-14 15:51:27 +03:00
2018-02-12 01:03:25 +03:00
if have_heimdal_support :
2019-12-12 14:22:35 +03:00
planoldpythontestsuite ( " ad_dc_smb1:local " , " samba.tests.auth_log " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
2019-01-24 00:29:19 +03:00
environ = { ' CLIENT_IP ' : ' 10.53.57.11 ' ,
2017-03-14 06:43:06 +03:00
' SOCKET_WRAPPER_DEFAULT_IFACE ' : 11 } )
planoldpythontestsuite ( " ad_dc_ntvfs:local " , " samba.tests.auth_log " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
2019-01-24 00:29:19 +03:00
environ = { ' CLIENT_IP ' : ' 10.53.57.11 ' ,
2017-03-14 06:43:06 +03:00
' SOCKET_WRAPPER_DEFAULT_IFACE ' : 11 } )
2019-12-12 14:23:54 +03:00
planoldpythontestsuite ( " ad_dc_smb1 " , " samba.tests.auth_log_pass_change " ,
2022-10-26 23:57:06 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-02-26 01:10:46 +03:00
planoldpythontestsuite ( " ad_dc_ntvfs " , " samba.tests.auth_log_pass_change " ,
2022-10-26 23:57:06 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-02-26 00:17:21 +03:00
# these tests use a NCA local RPC connection, so always run on the
# :local testenv, and so don't need to fake a client connection
2019-02-26 00:19:06 +03:00
for env in [ " ad_dc_ntvfs:local " , " ad_dc:local " ] :
planoldpythontestsuite ( env , " samba.tests.auth_log_ncalrpc " , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( env , " samba.tests.auth_log_samlogon " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( env , " samba.tests.auth_log_netlogon " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( env , " samba.tests.auth_log_netlogon_bad_creds " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-02-26 00:17:21 +03:00
2019-01-21 23:16:05 +03:00
planoldpythontestsuite ( " ad_member:local " ,
" samba.tests.auth_log_winbind " ,
2019-02-26 00:21:37 +03:00
extra_args = [ ' -U " $DC_USERNAME % $DC_PASSWORD " ' ] )
2019-02-26 00:53:43 +03:00
planoldpythontestsuite ( " ad_dc " , " samba.tests.audit_log_pass_change " ,
2022-10-26 23:57:06 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-02-26 00:53:43 +03:00
planoldpythontestsuite ( " ad_dc " , " samba.tests.audit_log_dsdb " ,
2019-02-26 01:06:52 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2019-02-26 00:53:43 +03:00
planoldpythontestsuite ( " ad_dc " , " samba.tests.group_audit " ,
2019-02-26 01:06:52 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-03-28 07:16:25 +03:00
2023-05-25 07:57:55 +03:00
planoldpythontestsuite ( " fl2008r2dc " ,
2018-03-28 07:16:25 +03:00
" samba.tests.getdcname " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-03-28 07:16:25 +03:00
2019-12-12 14:27:18 +03:00
planoldpythontestsuite ( " ad_dc_smb1 " ,
2017-04-27 03:02:29 +03:00
" samba.tests.net_join_no_spnego " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2017-05-23 04:03:03 +03:00
planoldpythontestsuite ( " ad_dc " ,
" samba.tests.net_join " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2020-10-27 00:13:50 +03:00
planoldpythontestsuite ( " ad_dc " ,
" samba.tests.s3_net_join " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-04-20 07:28:29 +03:00
planoldpythontestsuite ( " ad_dc " ,
" samba.tests.segfault " ,
2023-12-04 00:34:57 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
environ = { " TALLOC_FREE_FILL " : " 0xab " } )
2017-03-31 05:50:31 +03:00
# Need to test the password hashing in multiple environments to ensure that
# all the possible options are covered
#
# ad_dc:local functional_level >= 2008, gpg keys available
planoldpythontestsuite ( " ad_dc:local " ,
" samba.tests.password_hash_gpgme " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2017-03-31 05:50:31 +03:00
# ad_dc_ntvfs:local functional level >= 2008, gpg keys not available
planoldpythontestsuite ( " ad_dc_ntvfs:local " ,
" samba.tests.password_hash_fl2008 " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2017-03-31 05:50:31 +03:00
# fl2003dc:local functional level < 2008, gpg keys not available
planoldpythontestsuite ( " fl2003dc:local " ,
" samba.tests.password_hash_fl2003 " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2017-05-22 00:49:17 +03:00
# ad_dc: wDigest values over ldap
planoldpythontestsuite ( " ad_dc " ,
" samba.tests.password_hash_ldap " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-11-22 04:05:01 +03:00
2019-02-26 16:04:42 +03:00
for env in [ " ad_dc_backup " , smbv1_disabled_testenv ] :
2018-11-22 04:05:01 +03:00
planoldpythontestsuite ( env + " :local " , " samba.tests.domain_backup " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2021-05-24 05:58:40 +03:00
planoldpythontestsuite ( " ad_dc " ,
2018-05-01 02:10:31 +03:00
" samba.tests.domain_backup_offline " )
2017-12-14 21:17:54 +03:00
# Encrypted secrets
# ensure default provision (ad_dc) and join (vampire_dc)
# encrypt secret values on disk.
planoldpythontestsuite ( " ad_dc:local " ,
" samba.tests.encrypted_secrets " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2017-12-14 21:17:54 +03:00
planoldpythontestsuite ( " vampire_dc:local " ,
" samba.tests.encrypted_secrets " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2017-12-14 21:17:54 +03:00
# The fl2000dc environment is provisioned with the --plaintext_secrets option
# so this test will fail, which proves the secrets are not being encrypted.
# There is an entry in known_fail.d.
planoldpythontestsuite ( " fl2000dc:local " ,
" samba.tests.encrypted_secrets " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2017-04-28 01:16:39 +03:00
2018-08-17 00:31:48 +03:00
planpythontestsuite ( " none " ,
2019-02-15 07:30:43 +03:00
" samba.tests.lsa_string " )
2018-04-11 08:17:48 +03:00
2017-07-06 05:48:39 +03:00
planoldpythontestsuite ( " ad_dc_ntvfs " ,
" samba.tests.krb5_credentials " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-04-11 08:44:26 +03:00
2017-07-04 01:31:40 +03:00
for env in [ " ad_dc_ntvfs " , " vampire_dc " , " promoted_dc " ] :
planoldpythontestsuite ( env ,
" samba.tests.py_credentials " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( " ad_dc_ntvfs " ,
2017-06-29 02:08:37 +03:00
" samba.tests.emulate.traffic " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( " ad_dc_ntvfs " ,
2017-06-29 02:08:37 +03:00
" samba.tests.emulate.traffic_packet " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( " ad_dc_ntvfs " ,
2017-06-29 02:08:37 +03:00
" samba.tests.blackbox.traffic_replay " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( " ad_dc_ntvfs " ,
2017-06-29 02:08:37 +03:00
" samba.tests.blackbox.traffic_learner " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
planoldpythontestsuite ( " ad_dc_ntvfs " ,
2017-08-07 01:08:28 +03:00
" samba.tests.blackbox.traffic_summary " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2018-06-27 01:39:23 +03:00
planoldpythontestsuite ( " none " , " samba.tests.loadparm " )
2019-08-17 12:36:55 +03:00
planoldpythontestsuite ( " fileserver " ,
2020-07-05 00:16:40 +03:00
" samba.tests.blackbox.mdsearch " ,
2019-08-17 12:36:55 +03:00
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] )
2020-06-30 20:03:42 +03:00
planoldpythontestsuite ( " fileserver " ,
" samba.tests.blackbox.smbcacls_basic " )
2020-07-02 13:44:36 +03:00
planoldpythontestsuite ( " fileserver " ,
" samba.tests.blackbox.smbcacls_basic " ,
" samba.tests.blackbox.smbcacls_basic(DFS) " ,
environ = { ' SHARE ' : ' msdfs-share ' ,
' TESTDIR ' : ' smbcacls_sharedir_dfs ' } )
2020-07-27 18:58:31 +03:00
# Run smbcacls_propagate_inhertance tests on non msdfs root share
2020-07-03 13:55:44 +03:00
planoldpythontestsuite ( " fileserver " ,
" samba.tests.blackbox.smbcacls_propagate_inhertance " )
2022-09-02 14:48:08 +03:00
planoldpythontestsuite ( " fileserver " ,
" samba.tests.blackbox.smbcacls_save_restore " )
planoldpythontestsuite ( " ad_member " ,
" samba.tests.blackbox.smbcacls_save_restore " ,
environ = { ' USER ' : ' $DC_USERNAME ' ,
' PASSWORD ' : ' $DC_PASSWORD ' }
)
2020-07-27 18:58:31 +03:00
#
# A) Run the smbcacls_propagate_inhertance tests on a msdfs root share
# *without* any nested dfs links
# B) Run the smbcacls_propagate_inhertance tests on a msdfs root share
# *with* a nested dfs link
#
planoldpythontestsuite ( " fileserver " ,
" samba.tests.blackbox.smbcacls_dfs_propagate_inherit " ,
" samba.tests.blackbox.smbcacls_dfs_propagate_inherit(DFS-msdfs-root) " ,
environ = { ' SHARE ' : ' smbcacls_share ' } )
2024-06-11 13:19:50 +03:00
planoldpythontestsuite ( " fileserver " ,
" samba.tests.blackbox.misc_dfs_widelink " )
2017-09-13 02:21:02 +03:00
#
# Want a selection of environments across the process models
#
for env in [ " ad_dc_ntvfs:local " , " ad_dc:local " ,
2018-01-03 06:59:24 +03:00
" fl2003dc:local " , " fl2008r2dc:local " ,
2017-09-13 02:21:02 +03:00
" promoted_dc:local " ] :
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( env , " samba.tests.blackbox.smbcontrol " )
2017-06-14 22:57:23 +03:00
2019-05-23 04:21:19 +03:00
planoldpythontestsuite ( " none " , " samba.tests.blackbox.downgradedatabase " )
selftests: Convert "net ads dns async" test to python
The current test uses the dig tool from bind9 but this tool has been
rewritten in 9.17.7 to use bind's netmgr functions instead of isc_socket
(commit 94b7988efb0f9b96415dd2966e6070450d960263).
The problem is that these 'netmgr' functions use libuv internally, and, on
systems supporting it, they end up using the sendmmsg() syscall which is not
catched by socket wrapper so the test fails.
This commit converts the test to python and uses the dnspython module
instead of the dig tool. Backtraces follow as reference.
Backtrace from dig v9.16.28 (working):
#0 0x00007ffff778edee in sendmsg () from /lib64/libc.so.6
#1 0x00000000005e5dee in cmsgsend (s=s@entry=12, level=level@entry=0, type=type@entry=1, res=<optimized out>) at net.c:515
#2 0x00000000005e616c in try_dscp_v4 () at net.c:623
#3 try_dscp () at net.c:696
#4 0x00007ffff7708ad7 in __pthread_once_slow () from /lib64/libc.so.6
#5 0x00000000005e66d7 in initialize_dscp () at net.c:702
#6 isc_net_probedscp () at net.c:707
#7 0x00000000005e8460 in socket_create (manager=0x6b49c0, pf=2, type=<optimized out>, socketp=0x7ffff0012b00, dup_socket=0x0) at socket.c:2454
#8 0x000000000043cfcd in send_udp (query=0x7ffff00129a8) at dighost.c:2897
#9 0x000000000043f9c7 in onrun_callback (task=<optimized out>, event=<optimized out>) at dighost.c:4271
#10 0x00000000005dfefe in task_run (task=0x6b5c70) at task.c:851
#11 isc_task_run (task=0x6b5c70) at task.c:944
#12 0x00000000005ca0ce in isc__nm_async_task (worker=0x6b8970, ev0=0x716250) at netmgr.c:873
#13 process_netievent (worker=worker@entry=0x6b8970, ievent=0x716250) at netmgr.c:952
#14 0x00000000005ca2ba in process_queue (worker=worker@entry=0x6b8970, type=type@entry=NETIEVENT_TASK) at netmgr.c:1021
#15 0x00000000005caa43 in process_all_queues (worker=0x6b8970) at netmgr.c:792
#16 async_cb (handle=0x6b8cd0) at netmgr.c:821
#17 0x00007ffff7898a4d in ?? () from /lib64/libuv.so.1
#18 0x00007ffff78b4217 in ?? () from /lib64/libuv.so.1
#19 0x00007ffff789e40a in uv_run () from /lib64/libuv.so.1
#20 0x00000000005ca31e in nm_thread (worker0=0x6b8970) at netmgr.c:727
#21 0x00000000005e2315 in isc__trampoline_run (arg=0x6b7c40) at trampoline.c:198
#22 0x00007ffff7703767 in start_thread () from /lib64/libc.so.6
#23 0x00007ffff778dc10 in clone3 () from /lib64/libc.so.6
Backtrace from dig v9.17.7 (not working):
#0 0x00007ffff7684480 in syscall () from /lib64/libc.so.6
#1 0x00007ffff754aed0 in uv__sendmmsg (vlen=0, mmsg=0x0, fd=10) at src/unix/linux-syscalls.c:163
#2 uv__udp_mmsg_init () at src/unix/udp.c:74
#3 0x00007ffff7606ad7 in __pthread_once_slow () from /lib64/libc.so.6
#4 0x00007ffff7541bd9 in uv_once (guard=<optimized out>, callback=<optimized out>) at src/unix/thread.c:440
#5 0x00007ffff7539e9b in uv__udp_sendmsg (handle=0x7ffff50535b8) at src/unix/udp.c:415
#6 uv__udp_send (send_cb=0x7ffff7a41db0 <udp_send_cb>, addrlen=<optimized out>, addr=<optimized out>, nbufs=1, bufs=0x7ffff506c720, handle=0x7ffff50535b8, req=0x7ffff506c878) at src/unix/udp.c:773
#7 uv_udp_send (req=req@entry=0x7ffff506c878, handle=handle@entry=0x7ffff50535b8, bufs=bufs@entry=0x7ffff506c720, nbufs=nbufs@entry=1, addr=<optimized out>, send_cb=send_cb@entry=0x7ffff7a41db0 <udp_send_cb>) at src/uv-common.c:464
#8 0x00007ffff7a42308 in udp_send_direct (peer=0x7ffff5dfa988, req=0x7ffff506c700, sock=0x7ffff5053000) at netmgr/udp.c:839
#9 isc__nm_async_udpsend (worker=<optimized out>, ev0=0x7ffff5dfa950) at netmgr/udp.c:780
#10 0x00007ffff7a47de7 in isc__nm_udp_send (handle=<optimized out>, region=0x7ffff5dfaa90, cb=0x555555566250 <send_done>, cbarg=<optimized out>) at netmgr/udp.c:749
#11 0x0000555555562ac2 in send_udp (query=0x7ffff502a000) at /usr/src/debug/bind-9.18.2-1.1.x86_64/bin/dig/dighost.c:2899
#12 udp_ready (handle=0x7ffff5026180, eresult=ISC_R_SUCCESS, arg=<optimized out>) at /usr/src/debug/bind-9.18.2-1.1.x86_64/bin/dig/dighost.c:2974
#13 0x00007ffff7a37d34 in isc__nm_async_connectcb (worker=worker@entry=0x7ffff622f000, ev0=ev0@entry=0x7ffff5026480) at netmgr/netmgr.c:2704
#14 0x00007ffff7a3ca20 in process_netievent (worker=worker@entry=0x7ffff622f000, ievent=0x7ffff5026480) at netmgr/netmgr.c:940
#15 0x00007ffff7a3d027 in process_queue (worker=worker@entry=0x7ffff622f000, type=type@entry=NETIEVENT_NORMAL) at netmgr/netmgr.c:977
#16 0x00007ffff7a3d203 in process_all_queues (worker=0x7ffff622f000) at netmgr/netmgr.c:733
#17 async_cb (handle=0x7ffff622f360) at netmgr/netmgr.c:762
#18 0x00007ffff7531a4d in uv__async_io (loop=0x7ffff622f010, w=<optimized out>, events=<optimized out>) at src/unix/async.c:163
#19 0x00007ffff754d217 in uv__io_poll (loop=0x7ffff622f010, timeout=<optimized out>) at src/unix/epoll.c:374
#20 0x00007ffff753740a in uv__io_poll (timeout=<optimized out>, loop=0x7ffff622f010) at src/unix/udp.c:122
#21 uv_run (loop=loop@entry=0x7ffff622f010, mode=mode@entry=UV_RUN_DEFAULT) at src/unix/core.c:391
#22 0x00007ffff7a3d624 in nm_thread (worker0=0x7ffff622f000) at netmgr/netmgr.c:664
#23 0x00007ffff7a6c915 in isc__trampoline_run (arg=0x555555599210) at /usr/src/debug/bind-9.18.2-1.1.x86_64/lib/isc/trampoline.c:187
#24 0x00007ffff7601767 in start_thread () from /lib64/libc.so.6
#25 0x00007ffff768bc10 in clone3 () from /lib64/libc.so.6
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 4 00:27:29 UTC 2022 on sn-devel-184
2022-06-02 19:39:57 +03:00
planpythontestsuite ( " ad_member:local " , " samba.tests.blackbox.netads_dns " )
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.ldap.python(ad_dc_default) " , " ad_dc_default " , [ python , os . path . join ( DSDB_PYTEST_DIR , " ldap.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2019-04-12 15:23:26 +03:00
plantestsuite_loadlist ( " samba4.ldap_modify_order.python(ad_dc_default) " ,
" ad_dc_default " ,
[ python , os . path . join ( samba4srcdir ,
" dsdb/tests/python/ "
" ldap_modify_order.py " ) ,
2019-04-18 04:39:58 +03:00
# add "-v" here to diagnose
' $SERVER ' ,
' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' ,
' $LOADLIST ' ,
' $LISTOPT ' ] )
plantestsuite_loadlist ( " samba4.ldap_modify_order.normal_user.python(ad_dc_default) " ,
" ad_dc_default " ,
[ python , os . path . join ( samba4srcdir ,
" dsdb/tests/python/ "
" ldap_modify_order.py " ) ,
' --normal-user ' ,
# add "-v" here to diagnose
2019-04-12 15:23:26 +03:00
' $SERVER ' ,
' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' ,
' $LOADLIST ' ,
' $LISTOPT ' ] )
2020-04-14 04:32:32 +03:00
planoldpythontestsuite ( " ad_dc " ,
" samba.tests.ldap_raw " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
environ = { ' TEST_ENV ' : ' ad_dc ' } )
2021-08-06 03:03:18 +03:00
plantestsuite_loadlist ( " samba.tests.ldap_spn " , " ad_dc " ,
[ python ,
f " { srcdir ( ) } /python/samba/tests/ldap_spn.py " ,
' $SERVER ' ,
' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' ,
' $LOADLIST ' , ' $LISTOPT ' ] )
plantestsuite_loadlist ( " samba.tests.ldap_upn_sam_account " , " ad_dc_ntvfs " ,
2021-09-13 05:15:09 +03:00
[ python ,
f " { srcdir ( ) } /python/samba/tests/ldap_upn_sam_account.py " ,
' $SERVER ' ,
' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' ,
' $LOADLIST ' , ' $LISTOPT ' ] )
2022-02-22 13:39:21 +03:00
plantestsuite_loadlist ( " samba4.tokengroups.krb5.python " , " ad_dc_default:local " , [ python , os . path . join ( DSDB_PYTEST_DIR , " token_group.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' -k ' , ' yes ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
plantestsuite_loadlist ( " samba4.tokengroups.ntlm.python " , " ad_dc_default:local " , [ python , os . path . join ( DSDB_PYTEST_DIR , " token_group.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' -k ' , ' no ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2019-04-12 15:21:29 +03:00
plantestsuite ( " samba4.sam.python(fl2008r2dc) " , " fl2008r2dc " , [ python , os . path . join ( DSDB_PYTEST_DIR , " sam.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
plantestsuite ( " samba4.sam.python(ad_dc_default) " , " ad_dc_default " , [ python , os . path . join ( DSDB_PYTEST_DIR , " sam.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
2020-03-30 12:44:20 +03:00
plantestsuite ( " samba4.asq.python(ad_dc_default) " , " ad_dc_default " , [ python , os . path . join ( DSDB_PYTEST_DIR , " asq.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
2019-04-12 15:21:29 +03:00
plantestsuite ( " samba4.user_account_control.python(ad_dc_default) " , " ad_dc_default " , [ python , os . path . join ( DSDB_PYTEST_DIR , " user_account_control.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
2021-08-10 13:31:02 +03:00
plantestsuite ( " samba4.priv_attrs.python(ad_dc_default) " , " ad_dc_default " , [ " STRICT_CHECKING=0 " , python , os . path . join ( DSDB_PYTEST_DIR , " priv_attrs.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
plantestsuite ( " samba4.priv_attrs.strict.python(ad_dc_default) " , " ad_dc_default " , [ python , os . path . join ( DSDB_PYTEST_DIR , " priv_attrs.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
2023-04-05 03:30:03 +03:00
plantestsuite ( " samba4.unicodepwd_encrypted(fl2008r2dc) " , " fl2008r2dc " , [ python , os . path . join ( DSDB_PYTEST_DIR , " unicodepwd_encrypted.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
2017-06-07 02:47:15 +03:00
2019-04-12 04:31:29 +03:00
for env in [ ' ad_dc_default:local ' , ' schema_dc:local ' ] :
2019-02-12 03:31:57 +03:00
planoldpythontestsuite ( env , " dsdb_schema_info " ,
extra_path = [ os . path . join ( samba4srcdir , ' dsdb/tests/python ' ) ] ,
name = " samba4.schemaInfo.python( %s ) " % ( env ) ,
extra_args = [ ' -U " $DOMAIN/$DC_USERNAME % $DC_PASSWORD " ' ] )
planpythontestsuite ( env , " samba.tests.dsdb_schema_attributes " )
2017-06-07 02:47:15 +03:00
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.urgent_replication.python(ad_dc_ntvfs) " , " ad_dc_ntvfs:local " , [ python , os . path . join ( DSDB_PYTEST_DIR , " urgent_replication.py " ) , ' $PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2019-11-25 18:52:29 +03:00
plantestsuite_loadlist ( " samba4.ldap.dirsync.python(ad_dc_ntvfs) " , " ad_dc_ntvfs " , [ python , os . path . join ( DSDB_PYTEST_DIR , " dirsync.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2017-03-08 05:16:49 +03:00
plantestsuite_loadlist ( " samba4.ldap.match_rules.python " , " ad_dc_ntvfs " , [ python , os . path . join ( srcdir ( ) , " lib/ldb-samba/tests/match_rules.py " ) , ' $PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2023-03-02 06:51:25 +03:00
plantestsuite_loadlist ( " samba4.ldap.match_rules.python " , " ad_dc_ntvfs " , [ python , os . path . join ( srcdir ( ) , " lib/ldb-samba/tests/match_rules_remote.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2019-03-11 06:39:13 +03:00
plantestsuite ( " samba4.ldap.index.python " , " none " , [ python , os . path . join ( srcdir ( ) , " lib/ldb-samba/tests/index.py " ) ] )
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.ldap.notification.python(ad_dc_ntvfs) " , " ad_dc_ntvfs " , [ python , os . path . join ( DSDB_PYTEST_DIR , " notification.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
plantestsuite_loadlist ( " samba4.ldap.sites.python(ad_dc_default) " , " ad_dc_default " , [ python , os . path . join ( DSDB_PYTEST_DIR , " sites.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2016-03-09 01:25:36 +03:00
2019-05-13 06:32:23 +03:00
env = ' vampire_dc '
# Test with LMDB (GSSAPI/SASL bind)
plantestsuite_loadlist ( " samba4.ldap.large_ldap.gssapi.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " large_ldap.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --kerberos=yes ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
env = ' ad_dc_default '
# Test with TDB (NTLMSSP bind)
plantestsuite_loadlist ( " samba4.ldap.large_ldap.ntlmssp.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " large_ldap.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --kerberos=no ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
env = ' ad_dc_ntvfs '
# Test with ldaps://
plantestsuite_loadlist ( " samba4.ldap.large_ldap.ldaps.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " large_ldap.py " ) , ' ldaps://$SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
env = ' fl2008r2dc '
# Test with straight ldap
plantestsuite_loadlist ( " samba4.ldap.large_ldap.straight_ldap.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " large_ldap.py " ) , ' ldap://$SERVER ' , ' --simple-bind-dn=$USERNAME@$REALM ' , ' --password=$PASSWORD ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2019-02-15 07:30:43 +03:00
planoldpythontestsuite ( " ad_dc_default " , " sort " , environ = { ' SERVER ' : ' $SERVER ' , ' DATA_DIR ' : os . path . join ( samba4srcdir , ' dsdb/tests/python/testdata/ ' ) } , name = " samba4.ldap.sort.python " , extra_path = [ os . path . join ( samba4srcdir , ' dsdb/tests/python ' ) ] , extra_args = [ ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
2018-12-07 21:52:17 +03:00
2023-05-16 08:15:31 +03:00
plantestsuite_loadlist ( " samba4.ldap.linked_attributes.python(ad_dc) " , " ad_dc:local " , [ python , os . path . join ( DSDB_PYTEST_DIR , " linked_attributes.py " ) , ' $PREFIX_ABS/ad_dc/private/sam.ldb ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2016-03-09 01:25:36 +03:00
2019-01-31 02:18:59 +03:00
plantestsuite_loadlist ( " samba4.ldap.subtree_rename.python(ad_dc_ntvfs) " ,
" ad_dc_ntvfs:local " ,
[ python , os . path . join ( samba4srcdir ,
" dsdb/tests/python/subtree_rename.py " ) ,
' $PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb ' ,
' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' ,
' $LOADLIST ' ,
' $LISTOPT ' ] )
2019-05-21 04:14:08 +03:00
planoldpythontestsuite (
2019-11-25 18:52:41 +03:00
" ad_dc_ntvfs " ,
2019-05-21 04:14:08 +03:00
" samba.tests.ldap_referrals " ,
environ = {
' SERVER ' : ' $SERVER ' ,
} ,
name = " samba.ldap.referrals " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' ] )
2019-01-31 02:18:59 +03:00
2018-06-21 06:04:00 +03:00
# These should be the first tests run against testenvs created by backup/restore
2018-07-23 06:20:03 +03:00
for env in [ ' offlinebackupdc ' , ' restoredc ' , ' renamedc ' , ' labdc ' ] :
2018-06-21 06:04:00 +03:00
# check that a restored DC matches the original DC (backupfromdc)
plantestsuite ( " samba4.blackbox.ldapcmp_restore " , env ,
2018-07-30 09:16:12 +03:00
[ " PYTHON= %s " % python ,
os . path . join ( bbdir , " ldapcmp_restoredc.sh " ) ,
' $PREFIX_ABS/backupfromdc ' , ' $PREFIX_ABS/ %s ' % env ] )
2018-09-20 04:08:50 +03:00
# we also test joining backupfromdc here, as it's a bit special in that it
# doesn't have Default-First-Site-Name
for env in [ ' backupfromdc ' , ' offlinebackupdc ' , ' restoredc ' , ' renamedc ' ,
2023-10-05 04:47:46 +03:00
' labdc ' ] :
2018-06-21 06:04:00 +03:00
# basic test that we can join the testenv DC
plantestsuite ( " samba4.blackbox.join_ldapcmp " , env ,
2018-07-30 09:16:12 +03:00
[ " PYTHON= %s " % python , os . path . join ( bbdir , " join_ldapcmp.sh " ) ] )
2018-06-21 06:04:00 +03:00
2019-07-24 05:53:33 +03:00
env = ' backupfromdc '
planoldpythontestsuite ( " %s :local " % env , " samba_tool_drs_no_dns " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.samba_tool_drs_no_dns.python( %s ) " % env ,
environ = { ' DC1 ' : ' $DC_SERVER ' , ' DC2 ' : ' $DC_SERVER ' } ,
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2017-03-14 00:36:13 +03:00
plantestsuite_loadlist ( " samba4.ldap.rodc.python(rodc) " , " rodc " ,
[ python ,
2019-04-12 15:21:29 +03:00
os . path . join ( DSDB_PYTEST_DIR , " rodc.py " ) ,
2017-03-14 00:36:13 +03:00
' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2017-04-10 01:16:57 +03:00
plantestsuite_loadlist ( " samba4.ldap.rodc_rwdc.python(rodc) " , " rodc:local " ,
[ python ,
os . path . join ( samba4srcdir ,
" dsdb/tests/python/rodc_rwdc.py " ) ,
' $SERVER ' , ' $DC_SERVER ' , ' -U " $USERNAME % $PASSWORD " ' ,
' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2018-02-14 03:30:26 +03:00
planoldpythontestsuite ( " rodc:local " , " replica_sync_rodc " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
2018-07-30 09:13:51 +03:00
name = " samba4.drs.replica_sync_rodc.python(rodc) " ,
2019-02-13 05:37:24 +03:00
environ = { ' DC1 ' : ' $DC_SERVER ' , ' DC2 ' : ' $SERVER ' } ,
2023-10-05 04:47:46 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2018-03-12 05:22:24 +03:00
2019-12-16 20:43:58 +03:00
planoldpythontestsuite ( " ad_dc_default_smb1 " , " password_settings " ,
2018-03-12 05:22:24 +03:00
extra_path = [ os . path . join ( samba4srcdir , ' dsdb/tests/python ' ) ] ,
2018-09-20 04:46:32 +03:00
name = " samba4.ldap.passwordsettings.python " ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2018-02-14 03:30:26 +03:00
2019-04-12 04:31:29 +03:00
for env in all_fl_envs + [ " schema_dc " ] :
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.ldap_schema.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " ldap_schema.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2011-11-28 00:05:09 +04:00
plantestsuite ( " samba4.ldap.possibleInferiors.python( %s ) " % env , env , [ python , os . path . join ( samba4srcdir , " dsdb/samdb/ldb_modules/tests/possibleinferiors.py " ) , " ldap://$SERVER " , ' -U " $USERNAME % $PASSWORD " ' , " -W$DOMAIN " ] )
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.ldap.secdesc.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " sec_descriptor.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2020-10-07 14:21:06 +03:00
plantestsuite_loadlist ( " samba4.ldap.acl.python( %s ) " % env , env , [ " STRICT_CHECKING=0 " , python , os . path . join ( DSDB_PYTEST_DIR , " acl.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2023-01-04 11:37:49 +03:00
plantestsuite_loadlist ( " samba4.ldap.acl_modify.python( %s ) " % env , env , [ " STRICT_CHECKING=0 " , python , os . path . join ( DSDB_PYTEST_DIR , " acl_modify.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2022-03-31 11:16:03 +03:00
for env in all_fl_envs + [ " schema_dc " , " ad_dc_no_ntlm " ] :
2010-11-11 12:01:26 +03:00
if env != " fl2000dc " :
2011-11-10 23:39:34 +04:00
# This test makes excessive use of the "userPassword" attribute which
2010-11-11 12:01:26 +03:00
# isn't available on DCs with Windows 2000 domain function level -
# therefore skip it in that configuration
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.ldap.passwords.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " passwords.py " ) , " $SERVER " , ' -U " $USERNAME % $PASSWORD " ' , " -W$DOMAIN " , ' $LOADLIST ' , ' $LISTOPT ' ] )
2016-02-04 19:44:05 +03:00
2019-02-26 16:04:42 +03:00
for env in [ " ad_dc_slowtests " ] :
2016-02-04 19:44:05 +03:00
# This test takes a lot of time, so we run it against a minimum of
# environments, please only add new ones if there's really a
# difference we need to test
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.ldap.vlv.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " vlv.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
plantestsuite_loadlist ( " samba4.ldap.confidential_attr.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " confidential_attr.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
plantestsuite_loadlist ( " samba4.ldap.password_lockout.python( %s ) " % env , env , [ python , os . path . join ( DSDB_PYTEST_DIR , " password_lockout.py " ) , " $SERVER " , ' -U " $USERNAME % $PASSWORD " ' , " -W$DOMAIN " , " --realm=$REALM " , ' $LOADLIST ' , ' $LISTOPT ' ] )
2016-03-21 07:05:19 +03:00
planoldpythontestsuite ( env , " tombstone_reanimation " ,
name = " samba4.tombstone_reanimation.python " ,
environ = { ' TEST_SERVER ' : ' $SERVER ' , ' TEST_USERNAME ' : ' $USERNAME ' , ' TEST_PASSWORD ' : ' $PASSWORD ' } ,
2019-02-15 07:30:43 +03:00
extra_path = [ os . path . join ( samba4srcdir , ' dsdb/tests/python ' ) ]
2016-03-21 07:05:19 +03:00
)
2019-02-26 15:58:31 +03:00
planoldpythontestsuite ( env , " samba.tests.join " ,
name = " samba.tests.join.python( %s ) " % env ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2012-06-16 05:56:53 +04:00
2018-06-21 06:04:00 +03:00
# this is a basic sanity-check of Kerberos/NTLM user login
2022-03-31 11:16:03 +03:00
for env in [ " offlinebackupdc " , " restoredc " , " renamedc " , " labdc " , " ad_dc_no_ntlm " ] :
2018-06-21 06:04:00 +03:00
plantestsuite_loadlist ( " samba4.ldap.login_basics.python( %s ) " % env , env ,
2019-04-12 15:21:29 +03:00
[ python , os . path . join ( DSDB_PYTEST_DIR , " login_basics.py " ) ,
2018-07-30 09:16:12 +03:00
" $SERVER " , ' -U " $USERNAME % $PASSWORD " ' , " -W$DOMAIN " , " --realm=$REALM " ,
' $LOADLIST ' , ' $LISTOPT ' ] )
2018-06-21 06:04:00 +03:00
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_ntvfs:local " , " samba.tests.upgradeprovisionneeddc " )
planpythontestsuite ( " ad_dc:local " , " samba.tests.posixacl " )
planpythontestsuite ( " ad_dc_no_nss:local " , " samba.tests.posixacl " )
2019-04-12 15:21:29 +03:00
plantestsuite_loadlist ( " samba4.deletetest.python(ad_dc_default) " , " ad_dc_default " , [ python , os . path . join ( DSDB_PYTEST_DIR , " deletetest.py " ) ,
2018-07-30 09:16:12 +03:00
' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' --workgroup=$DOMAIN ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2014-12-14 23:27:42 +03:00
plantestsuite ( " samba4.blackbox.samba3dump " , " none " , [ os . path . join ( samba4srcdir , " selftest/test_samba3dump.sh " ) ] )
2011-08-12 11:47:49 +04:00
plantestsuite ( " samba4.blackbox.upgrade " , " none " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/blackbox_s3upgrade.sh " ) , ' $PREFIX/provision ' ] )
2010-09-30 20:23:20 +04:00
plantestsuite ( " samba4.blackbox.provision.py " , " none " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/blackbox_provision.sh " ) , ' $PREFIX/provision ' ] )
2019-03-15 03:52:50 +03:00
plantestsuite ( " samba4.blackbox.provision_fileperms " , " none " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/provision_fileperms.sh " ) , ' $PREFIX/provision ' ] )
2017-01-12 06:51:45 +03:00
plantestsuite ( " samba4.blackbox.supported_features " , " none " ,
[ " PYTHON= %s " % python ,
os . path . join ( samba4srcdir ,
" setup/tests/blackbox_supported_features.sh " ) ,
' $PREFIX/provision ' ] )
2018-06-27 05:06:54 +03:00
plantestsuite ( " samba4.blackbox.start_backup " , " none " ,
[ " PYTHON= %s " % python ,
os . path . join ( samba4srcdir ,
" setup/tests/blackbox_start_backup.sh " ) ,
' $PREFIX/provision ' ] )
2013-02-16 06:12:53 +04:00
plantestsuite ( " samba4.blackbox.upgradeprovision.current " , " none " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/blackbox_upgradeprovision.sh " ) , ' $PREFIX/provision ' ] )
2010-09-30 20:23:20 +04:00
plantestsuite ( " samba4.blackbox.setpassword.py " , " none " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/blackbox_setpassword.sh " ) , ' $PREFIX/provision ' ] )
plantestsuite ( " samba4.blackbox.newuser.py " , " none " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/blackbox_newuser.sh " ) , ' $PREFIX/provision ' ] )
plantestsuite ( " samba4.blackbox.group.py " , " none " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/blackbox_group.sh " ) , ' $PREFIX/provision ' ] )
2015-03-06 01:38:26 +03:00
plantestsuite ( " samba4.blackbox.spn.py(ad_dc_ntvfs:local) " , " ad_dc_ntvfs:local " , [ " PYTHON= %s " % python , os . path . join ( samba4srcdir , " setup/tests/blackbox_spn.sh " ) , ' $PREFIX/ad_dc_ntvfs ' ] )
2016-03-26 20:07:02 +03:00
plantestsuite_loadlist ( " samba4.ldap.bind(fl2008r2dc) " , " fl2008r2dc " , [ python , os . path . join ( srcdir ( ) , " auth/credentials/tests/bind.py " ) , ' $SERVER ' , ' -U " $USERNAME % $PASSWORD " ' , ' $LOADLIST ' , ' $LISTOPT ' ] )
2010-09-30 16:55:04 +04:00
# This makes sure we test the rid allocation code
2010-12-11 05:26:31 +03:00
t = " rpc.samr.large-dc "
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( t , " vampire_dc " , [ ' $SERVER ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , modname = ( " samba4. %s .one " % t ) )
plansmbtorture4testsuite ( t , " vampire_dc " , [ ' $SERVER ' , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , modname = " samba4. %s .two " % t )
2010-09-30 16:55:04 +04:00
2018-06-21 06:04:00 +03:00
# RPC smoke-tests for testenvs of interest (RODC, etc)
2018-07-23 06:20:03 +03:00
for env in [ ' rodc ' , ' offlinebackupdc ' , ' restoredc ' , ' renamedc ' , ' labdc ' ] :
2012-10-26 23:51:19 +04:00
plansmbtorture4testsuite ( ' rpc.echo ' , env , [ ' ncacn_np:$SERVER ' , " -k " , " yes " , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' ] , modname = " samba4.rpc.echo " )
plansmbtorture4testsuite ( ' rpc.echo ' , " %s :local " % env , [ ' ncacn_np:$SERVER ' , " -k " , " yes " , ' -P ' , ' --workgroup=$DOMAIN ' ] , modname = " samba4.rpc.echo " )
2023-02-21 01:41:34 +03:00
plansmbtorture4testsuite ( ' rpc.echo ' , " %s :local " % env , [ ' ncacn_np:$SERVER ' , " -k " , " no " , r ' -Utestallowed \ account % $DC_PASSWORD ' , ' --workgroup=$DOMAIN ' ] , modname = " samba4.rpc.echo.testallowed " )
2017-03-24 02:12:43 +03:00
plansmbtorture4testsuite ( ' rpc.echo ' , " %s :local " % env , [ ' ncacn_np:$SERVER ' , " -k " , " no " , ' -Utestdenied % $DC_PASSWORD ' , ' --workgroup=$DOMAIN ' ] , modname = " samba4.rpc.echo.testdenied " )
2018-11-26 01:58:31 +03:00
plantestsuite ( " samba4.blackbox.smbclient( %s :local) " % env , " %s :local " % env , [ os . path . join ( samba4srcdir , " utils/tests/test_smbclient.sh " ) , ' $SERVER ' , ' $SERVER_IP ' , ' $USERNAME ' , ' $PASSWORD ' , ' $DOMAIN ' , binpath ( ' smbclient ' ) ] )
2017-03-15 06:40:16 +03:00
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " rodc:local " , " samba.tests.samba_tool.rodc " )
2016-02-24 06:39:38 +03:00
2017-03-24 02:12:43 +03:00
plantestsuite ( " samba.blackbox.rpcclient_samlogon " , " rodc:local " , [ os . path . join ( samba3srcdir , " script/tests/test_rpcclient_samlogon.sh " ) ,
2018-07-30 09:13:51 +03:00
" $DC_USERNAME " , " $DC_PASSWORD " , " ncacn_np:$SERVER " , configuration ] )
2017-03-24 02:12:43 +03:00
plantestsuite ( " samba.blackbox.rpcclient_samlogon_testallowed " , " rodc:local " , [ os . path . join ( samba3srcdir , " script/tests/test_rpcclient_samlogon.sh " ) ,
2023-02-21 01:41:34 +03:00
r " testallowed \ account " , " $DC_PASSWORD " , " ncacn_np:$SERVER " , configuration ] )
2017-03-24 02:12:43 +03:00
plantestsuite ( " samba.blackbox.rpcclient_samlogon_testdenied " , " rodc:local " , [ os . path . join ( samba3srcdir , " script/tests/test_rpcclient_samlogon.sh " ) ,
2018-07-30 09:13:51 +03:00
" testdenied " , " $DC_PASSWORD " , " ncacn_np:$SERVER " , configuration ] )
2017-03-24 02:12:43 +03:00
2011-05-20 23:50:55 +04:00
# Test renaming the DC
plantestsuite ( " samba4.blackbox.renamedc.sh " , " none " , [ " PYTHON= %s " % python , os . path . join ( bbdir , " renamedc.sh " ) , ' $PREFIX/provision ' ] )
2011-07-13 04:50:24 +04:00
2016-10-31 05:24:49 +03:00
# DRS python tests
2019-02-13 05:23:29 +03:00
# Note that $DC_SERVER is the PDC (e.g. ad_dc_ntvfs) and $SERVER is
# the 2nd DC (e.g. vampire_dc).
2016-10-31 05:24:49 +03:00
env = ' vampire_dc '
planoldpythontestsuite ( env , " ridalloc_exop " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.ridalloc_exop.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2013-04-19 09:03:23 +04:00
2021-09-04 03:28:20 +03:00
# This test can pollute the environment a little by creating and
# deleting DCs which can get into the replication state for a while.
#
# The setting of DC1 to $DC_SERVER means that it will join towards and
# operate on schema_dc. This matters most when running
# test_samba_tool_replicate_local as this sets up a full temp DC and
# does new replication to it, which can show up in the replication
# topology.
#
# That is why this test is run on the isolated environment and not on
# those connected with ad_dc (vampiredc/promoteddc)
2022-09-29 06:05:03 +03:00
#
2023-08-03 16:28:06 +03:00
# The chgdcpass environment is likewise isolated and emulates Samba 4.5
2022-09-29 06:05:03 +03:00
# with regard to GET_ANC
2021-09-04 03:28:20 +03:00
2019-04-12 04:31:29 +03:00
env = ' schema_pair_dc '
2019-02-12 03:31:57 +03:00
planoldpythontestsuite ( " %s :local " % env , " samba_tool_drs " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.samba_tool_drs.python( %s ) " % env ,
environ = { ' DC1 ' : ' $DC_SERVER ' , ' DC2 ' : ' $SERVER ' } ,
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2022-09-29 06:05:03 +03:00
for env in [ ' chgdcpass ' , ' schema_pair_dc ' ] :
planoldpythontestsuite ( " %s :local " % env , " samba_tool_drs_critical " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.samba_tool_drs_critical.python( %s ) " % env ,
environ = { ' DC1 ' : ' $DC_SERVER ' , ' DC2 ' : ' $SERVER ' } ,
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2023-02-23 06:18:42 +03:00
env = " schema_pair_dc "
2019-02-19 04:33:33 +03:00
planoldpythontestsuite ( env , " getnc_schema " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.getnc_schema.python( %s ) " % env ,
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' ,
" PLEASE_BREAK_MY_WINDOWS " : " 1 " } ,
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2019-02-12 03:31:57 +03:00
2023-02-21 03:11:13 +03:00
# This test can be sensitive to the DC joins and replications done in
2023-02-21 02:44:41 +03:00
# "samba_tool_drs" so it is run against schema_pair_dc/schema_dc
2021-09-04 04:11:08 +03:00
# not the set of environments connected with ad_dc.
# This will show the replication state of ad_dc
2023-02-23 06:56:30 +03:00
env = " schema_pair_dc "
planoldpythontestsuite ( " %s :local " % env , " samba_tool_drs_showrepl " ,
2021-09-04 04:11:08 +03:00
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.samba_tool_drs_showrepl.python( %s ) " % env ,
environ = { ' DC1 ' : ' $DC_SERVER ' , ' DC2 ' : ' $SERVER ' } ,
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2016-10-31 05:24:49 +03:00
for env in [ ' vampire_dc ' , ' promoted_dc ' ] :
2013-04-19 09:03:23 +04:00
planoldpythontestsuite ( " %s :local " % env , " replica_sync " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.replica_sync.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : ' $DC_SERVER ' , ' DC2 ' : ' $SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2013-04-19 09:03:23 +04:00
planoldpythontestsuite ( env , " delete_object " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.delete_object.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : ' $DC_SERVER ' , ' DC2 ' : ' $SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2013-04-19 09:03:23 +04:00
planoldpythontestsuite ( env , " fsmo " ,
name = " samba4.drs.fsmo.python( %s ) " % env ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
2019-11-28 07:16:16 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
planoldpythontestsuite ( env , " repl_secdesc " ,
name = " samba4.drs.repl_secdesc.python( %s ) " % env ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2015-12-09 04:00:10 +03:00
planoldpythontestsuite ( env , " repl_move " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.repl_move.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2017-08-04 02:44:19 +03:00
planoldpythontestsuite ( env , " getnc_unpriv " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.getnc_unpriv.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2016-07-14 09:03:33 +03:00
planoldpythontestsuite ( env , " linked_attributes_drs " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.linked_attributes_drs.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2016-07-14 09:03:33 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2017-08-23 03:45:09 +03:00
planoldpythontestsuite ( env , " link_conflicts " ,
2018-07-30 09:13:51 +03:00
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.link_conflicts.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2023-10-05 04:47:46 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2013-04-19 09:03:23 +04:00
2022-09-15 00:36:45 +03:00
# Environment chgdcpass has the Samba 4.5 GET_ANC behaviour, which we
# set a knownfail to expect
for env in [ ' vampire_dc ' , ' promoted_dc ' , ' chgdcpass ' ] :
planoldpythontestsuite ( env , " getnc_exop " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.getnc_exop.python( %s ) " % env ,
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2017-02-03 00:33:54 +03:00
for env in [ ' vampire_dc ' , ' promoted_dc ' , ' vampire_2000_dc ' ] :
planoldpythontestsuite ( env , " repl_schema " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.repl_schema.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
s4:selftest: run wbinfo tests at the end...
This avoids flakey crashes in the promoted_dc environment.
See the examples below, we had up to 50% of the daily build failing...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
https://git.samba.org/autobuild.flakey/2013-12-23-1942/samba.stdout
[1586/1594 in 1h39m20s] samba4.drs.fsmo.python(promoted_dc)
Testing for schema role transfer from localdc.samba.example.com to PROMOTEDVDC.samba.example.com
FSMO transfer of 'schema' role successful
Testing for schema role transfer from PROMOTEDVDC.samba.example.com to localdc.samba.example.com
ERROR: Failed to initiate transfer of 'schema' role: LDAP error 52 LDAP_UNAVAILABLE - <Failed FSMO transfer: WERR_DS_DRA_INTERNAL_ERROR> <>
UNEXPECTED(failure): samba4.drs.fsmo.python(promoted_dc).fsmo.DrsFsmoTestCase.test_SchemaMasterTransfer(promoted_dc)
REASON: _StringException: _StringException: Content-Type: text/x-traceback;charset=utf8,language=python
traceback
380
https://git.samba.org/autobuild.flakey/2013-12-24-1546/samba.stdout
[1583/1594 in 1h36m4s] samba.tests.blackbox.samba_tool_drs
ERROR: Testsuite[samba.tests.blackbox.samba_tool_drs]
REASON: unable to set up environment promoted_dc - exiting
https://git.samba.org/autobuild.flakey/2013-12-24-1546/samba.stderr
Unable to convert 1.2.840.86419.1.5.9939 to an attid, and can_change_pfm=false!
Unable to convert governsID on CN=test-class30318,CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com to DRS object - WERR_NOT_FOUND
../source4/rpc_server/drsuapi/getncchanges.c:1646: DsGetNCChanges 2nd replication on different DN CN=Configuration,DC=samba,DC=example,DC=com CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com (last_dn CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com)
===============================================================
INTERNAL ERROR: Signal 11 in pid 884274 (4.2.0pre1-DEVELOPERBUILD)
Please read the Trouble-Shooting section of the Samba HOWTO
===============================================================
smb_panic(): calling panic action [/memdisk/autobuild/fl/b302436/samba/selftest/gdb_backtrace 884274]
[Thread debugging using libthread_db enabled]
0x00002af6b5c1977e in __libc_waitpid (pid=<value optimized out>,
stat_loc=0x7fff67c7709c, options=<value optimized out>)
at ../sysdeps/unix/sysv/linux/waitpid.c:32
32 ../sysdeps/unix/sysv/linux/waitpid.c: No such file or directory.
in ../sysdeps/unix/sysv/linux/waitpid.c
#0 0x00002af6b5c1977e in __libc_waitpid (pid=<value optimized out>,
stat_loc=0x7fff67c7709c, options=<value optimized out>)
at ../sysdeps/unix/sysv/linux/waitpid.c:32
oldtype = <value optimized out>
result = <value optimized out>
#1 0x00002af6b5baeb39 in do_system (line=<value optimized out>)
at ../sysdeps/posix/system.c:149
__result = -512
_buffer = {__routine = 0x2af6b5baee90 <cancel_handler>,
__arg = 0x7fff67c77098, __canceltype = 0, __prev = 0x0}
_avail = 1
status = <value optimized out>
save = <value optimized out>
pid = 886733
sa = {__sigaction_handler = {sa_handler = 0x1, sa_sigaction = 0x1},
sa_mask = {__val = {65536, 0 <repeats 15 times>}}, sa_flags = 0,
sa_restorer = 0x2af6b5b730f0}
omask = {__val = {7808, 4294967295, 140734934511616, 1, 2195512, 0,
0, 0, 47239032274944, 47239027992529, 140733193388033, 0, 0,
47239099003120, 140734934511792, 47239558787328}}
#2 0x00002af6b311821f in smb_panic_default (
why=0x2af6b312a875 "internal error") at ../lib/util/fault.c:134
result = 32767
pidstr = "884274\000\000\001\375\376\320\366*\000\000\260\377\377\377"
cmdstring = "/memdisk/autobuild/fl/b302436/samba/selftest/gdb_backtrace 884274\000\307g\377\177\000\000\001\000\000\000\000\000\000\000\320\301#", '\000' <repeats 30 times>"\240, \017\263\366*\000\000\321\247{\261\366*\000\000\001\000\000\000\005", '\000' <repeats 11 times>"\260, \016\v\321\366*\000\000X\351\017\263\366*\000\000\260q\307g\377\177\000\000\000\361\036\321\366*\000\000\020r\307g\377\177\000\000\240\301z\326\366*\000\000\000Z\304\320\366*\000"
__FUNCTION__ = "smb_panic_default"
#3 0x00002af6b31183b5 in smb_panic (why=0x2af6b312a875 "internal error")
at ../lib/util/fault.c:162
No locals.
#4 0x00002af6b311809f in fault_report (sig=11) at ../lib/util/fault.c:77
counter = 1
__FUNCTION__ = "fault_report"
#5 0x00002af6b31180b4 in sig_fault (sig=11) at ../lib/util/fault.c:88
No locals.
#6 <signal handler called>
No symbol table info available.
#7 0x00002af6cabef930 in replmd_check_urgent_objectclass (
objectclass_el=0x0, situation=REPL_URGENT_ON_UPDATE)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:205
i = 2
j = 0
#8 0x00002af6cabf29b6 in replmd_update_rpmd (module=0x2af6b17f2c20,
schema=0x2af6d05e5570, req=0x2af6d05e8ad0, rename_attrs=0x0,
msg=0x2af6d11ef100, seq_num=0x2af6d0c315b8, t=1387895162,
is_urgent=0x7fff67c778bf, rodc=0x7fff67c778be)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:1432
omd_value = 0x7fff67c77810
ndr_err = 3508465920
omd = {version = 1741125552, reserved = 32767, ctr = {ctr1 = {
count = 3008684740, reserved = 10998, array = 0x7fff67c777b0}}}
i = 10998
now = 130323687620000000
our_invocation_id = 0x2af6d1796390
ret = 0
attrs = 0x7fff67c77750
attrs1 = {0x2af6cabff775 "replPropertyMetaData", 0x2af6cabffc8b "*",
0x0}
attrs2 = {0x2af6cabff76a "uSNChanged", 0x2af6cabffa98 "objectClass",
0x2af6cabffc8d "instanceType", 0x0}
res = 0x2af6d10b0eb0
ldb = 0x2af6b17f2470
objectclass_el = 0x0
situation = REPL_URGENT_ON_UPDATE
rmd_is_provided = false
__FUNCTION__ = "replmd_update_rpmd"
#9 0x00002af6cabf5a06 in replmd_modify (module=0x2af6b17f2c20,
req=0x2af6d05e8ad0)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:2455
msds_intid_struct = 0x2af6d05e8ad0
ldb = 0x2af6b17f2470
ac = 0x2af6d0c31580
down_req = 0x2af6d0e6a100
msg = 0x2af6d11ef100
t = 1387895162
ret = 1741125936
is_urgent = false
rodc = false
functional_level = 3
guid_blob = 0x0
sd_propagation_control = 0x0
#10 0x00002af6bf69f94d in dsdb_module_modify (module=0x2af6b17f2c20,
message=0x2af6d1183fe0, dsdb_flags=4194304, parent=0x2af6ce6ea980)
at ../source4/dsdb/samdb/ldb_modules/util.c:460
ops = 0x2af6cae06b40
mod_req = 0x2af6d05e8ad0
ret = 0
ldb = 0x2af6b17f2470
tmp_ctx = 0x2af6d0ed62f0
res = 0x2af6d0e6a100
__FUNCTION__ = "dsdb_module_modify"
#11 0x00002af6cabf7ebc in replmd_delete_internals (module=0x2af6b17f2c20,
req=0x2af6ce6ea980, re_delete=true)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:3309
ret = 0
retb = true
disallow_move_on_delete = false
old_dn = 0x2af6d6a2a010
new_dn = 0x2af6d0794a90
rdn_name = 0x2af6d0885c10 "CN"
rdn_value = 0x2af6d10d7368
new_rdn_value = 0x2af6d0c45a00
guid = {time_low = 48, time_mid = 0, time_hi_and_version = 0,
clock_seq = "\200\251", node = "n\316\366*\000"}
ldb = 0x2af6b17f2470
schema = 0x2af6d05e5570
msg = 0x2af6d1183fe0
old_msg = 0x2af6d1902800
el = 0x2af6d0874900
tmp_ctx = 0x2af6d0b77560
res = 0x2af6d0d57980
parent_res = 0x30
preserved_attrs = {0x2af6cac00fe1 "nTSecurityDescriptor",
0x2af6cac055c3 "attributeID", 0x2af6cac055cf "attributeSyntax",
0x2af6cac055df "dNReferenceUpdate", 0x2af6cac055f1 "dNSHostName",
0x2af6cac055fd "flatName", 0x2af6cac05606 "governsID",
0x2af6cac05610 "groupType", 0x2af6cabffc8d "instanceType",
0x2af6cac0561a "lDAPDisplayName",
0x2af6cac0562a "legacyExchangeDN", 0x2af6cabfe94d "isDeleted",
0x2af6cabfe957 "isRecycled", 0x2af6cac020f8 "lastKnownParent",
0x2af6cac021e8 "msDS-LastKnownRDN",
0x2af6cac0563b "mS-DS-CreatorSID", 0x2af6cac0564c "mSMQOwnerID",
0x2af6cac05658 "nCName", 0x2af6cabffa98 "objectClass",
0x2af6cac0565f "distinguishedName", 0x2af6cabff5b5 "objectGUID",
0x2af6cac05671 "objectSid", 0x2af6cac0567b "oMSyntax",
0x2af6cac05684 "proxiedObjectName", 0x2af6cac014d8 "name",
0x2af6cabff775 "replPropertyMetaData",
0x2af6cac05696 "sAMAccountName",
0x2af6cac056a5 "securityIdentifier", 0x2af6cac056b8 "sIDHistory",
0x2af6cac056c3 "subClassOf", 0x2af6cac01ba8 "systemFlags",
0x2af6cac056ce "trustPartner", 0x2af6cac056db "trustDirection",
0x2af6cac056ea "trustType", 0x2af6cac056f4 "trustAttributes",
0x2af6cabfe9b8 "userAccountControl", 0x2af6cabff76a "uSNChanged",
0x2af6cabff75f "uSNCreated", 0x2af6cabff747 "whenCreated",
0x2af6cabff753 "whenChanged", 0x0}
i = 12
el_count = 1
deletion_state = OBJECT_TOMBSTONE
next_deletion_state = OBJECT_TOMBSTONE
__FUNCTION__ = "replmd_delete_internals"
#12 0x00002af6cabfbbe3 in replmd_replicated_apply_isDeleted (
ar=0x2af6d74c0b40)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:4718
del_req = 0x2af6ce6ea980
res = 0x2af6d0cdebf0
tmp_ctx = 0x2af6d0949230
deleted_objects_dn = 0x2af6d1a49f00
msg = 0x2af6d0a39620
ret = 0
#13 0x00002af6cabf0766 in replmd_op_callback (req=0x2af6d05a21e0,
ares=0x2af6d0d715c0)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:526
ret = 10998
ac = 0x2af6d74c0b40
replmd_private = 0x2af6b188c7c0
modified_partition = 0x2af6d141b670
partition_ctrl = 0x2af6d1905f40
partition = 0x2af6ce6bdbe0
controls = 0x0
__FUNCTION__ = "replmd_op_callback"
#14 0x00002af6b1df7ca2 in ldb_module_done (req=0x2af6d05a21e0,
ctrls=0x2af6d1629aa0, response=0x0, error=0)
at ../lib/ldb/common/ldb_modules.c:832
ares = 0x2af6d0d715c0
#15 0x00002af6cabf896b in replmd_op_possible_conflict_callback (
req=0x2af6d05a21e0, ares=0x2af6b1883eb0,
callback=0x2af6cabf0334 <replmd_op_callback>)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:3606
conflict_dn = 0x2af6cac03470
ar = 0x2af6d74c0b40
res = 0x2af6b354f89b
attrs = {0x2af6cabff775 "replPropertyMetaData",
0x2af6cabff5b5 "objectGUID", 0x0}
ret = -682882240
omd_value = 0x7fff67c77e20
omd = {version = 1741127104, reserved = 32767, ctr = {ctr1 = {
count = 0, reserved = 0, array = 0x28}}}
rmd = 0x2af6d74c0ae0
ndr_err = 10998
rename_incoming_record = false
rodc = false
rmd_name = 0x7fff67c77e10
omd_name = 0x2af6d74c0b40
msg = 0x2af6b1883e50
__FUNCTION__ = "replmd_op_possible_conflict_callback"
#16 0x00002af6cabf93fb in replmd_op_add_callback (req=0x2af6d05a21e0,
ares=0x2af6b1883eb0)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:3802
ar = 0x2af6d74c0b40
#17 0x00002af6b1df7ca2 in ldb_module_done (req=0x2af6d05a21e0,
ctrls=0x2af6d1629aa0, response=0x0, error=0)
at ../lib/ldb/common/ldb_modules.c:832
ares = 0x2af6b1883eb0
#18 0x00002af6ca3c8b6a in partition_req_callback (req=0x2af6d087a1e0,
ares=0x2af6d05a1fa0) at ../source4/dsdb/samdb/ldb_modules/partition.c:213
ac = 0x2af6d0949370
module = 0x2af6cd27bf12
nreq = 0x2af6d05b67b0
ret = 0
partition_ctrl = 0x2af6d0d71740
#19 0x00002af6cd2752ab in ltdb_request_done (ctx=0x2af6d1cd7ed0, error=0)
at ../lib/ldb/ldb_tdb/ldb_tdb.c:1280
ldb = 0x2af6b17f2470
req = 0x2af6d087a1e0
ares = 0x2af6d05a1fa0
#20 0x00002af6cd275597 in ltdb_callback (ev=0x2af6b17ef8c0,
te=0x2af6d17f75d0, t=..., private_data=0x2af6d1cd7ed0)
at ../lib/ldb/ldb_tdb/ldb_tdb.c:1390
ctx = 0x2af6d1cd7ed0
ret = 0
#21 0x00002af6b3343259 in tevent_common_loop_timer_delay (ev=0x2af6b17ef8c0)
at ../lib/tevent/tevent_timed.c:341
current_time = {tv_sec = 0, tv_usec = 0}
te = 0x2af6d17f75d0
#22 0x00002af6b334558a in epoll_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b1e1eef8 "../lib/ldb/common/ldb.c:621")
at ../lib/tevent/tevent_epoll.c:912
epoll_ev = 0x2af6b17efb00
tval = {tv_sec = 47239056876603, tv_usec = 47239028210096}
panic_triggered = false
#23 0x00002af6b3342363 in std_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b1e1eef8 "../lib/ldb/common/ldb.c:621")
at ../lib/tevent/tevent_standard.c:112
glue_ptr = 0x2af6b17ef9b0
glue = 0x2af6b17ef9b0
ret = 10998
#24 0x00002af6b333c799 in _tevent_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b1e1eef8 "../lib/ldb/common/ldb.c:621")
at ../lib/tevent/tevent.c:530
ret = 0
nesting_stack_ptr = 0x0
#25 0x00002af6b1e154c4 in ldb_wait (handle=0x2af6d67624c0, type=LDB_WAIT_ALL)
at ../lib/ldb/common/ldb.c:621
ev = 0x2af6b17ef8c0
ret = 0
#26 0x00002af6b1e1786b in ldb_extended (ldb=0x2af6b17f2470,
oid=0x2af6b4c4f9ce "1.3.6.1.4.1.7165.4.4.1", data=0x2af6d0e2bc60,
_res=0x7fff67c78240) at ../lib/ldb/common/ldb.c:1506
req = 0x2af6d0c45a00
ret = 0
res = 0x2af6d69238f0
#27 0x00002af6b4c4a0d6 in dsdb_replicated_objects_commit (ldb=0x2af6b17f2470,
working_schema=0x0, objects=0x2af6d0e2bc60, notify_uSN=0x2af6d14a65f0)
at ../source4/dsdb/repl/replicated_objects.c:773
werr = {w = 0}
ext_res = 0x0
cur_schema = 0x0
new_schema = 0x0
ret = 0
seq_num1 = 5554
seq_num2 = 47239626746464
used_global_schema = false
tmp_ctx = 0x2af6d03c5860
__FUNCTION__ = "dsdb_replicated_objects_commit"
#28 0x00002af6c1c6babb in dreplsrv_op_pull_source_apply_changes_trigger (
req=0x2af6d17daed0, r=0x2af6d17db0d0, ctr_level=6, ctr1=0x0,
ctr6=0x2af6d1b02bb0) at ../source4/dsdb/repl/drepl_out_helpers.c:717
state = 0x2af6d17db050
rf1 = {blobsize = 274, consecutive_sync_failures = 0,
last_success = 130323684670000000,
last_attempt = 130323687610000000, result_last_attempt = {w = 0},
other_info = 0x2af6d0949910, other_info_length = 66,
replica_flags = 112, schedule = '\021' <repeats 84 times>,
reserved = 0, highwatermark = {tmp_highest_usn = 12398,
reserved_usn = 0, highest_usn = 12398}, source_dsa_obj_guid = {
time_low = 984092159, time_mid = 850,
time_hi_and_version = 18870, clock_seq = "\251X",
node = "UF\324\223\205\241"}, source_dsa_invocation_id = {
time_low = 1460694408, time_mid = 52035,
time_hi_and_version = 18738, clock_seq = "\204}",
node = "\264\365\276\372\256\303"}, transport_guid = {
time_low = 0, time_mid = 0, time_hi_and_version = 0,
clock_seq = "\000", node = "\000\000\000\000\000"}}
service = 0x2af6d0ff6b00
partition = 0x2af6d0b6f220
drsuapi = 0x2af6d1c8d480
schema = 0x2af6d05e5570
working_schema = 0x0
mapping_ctr = 0x2af6d1b02c10
object_count = 50
first_object = 0x2af6d0571800
linked_attributes_count = 0
linked_attributes = 0x2af6d5212140
uptodateness_vector = 0x2af6d1a741c0
objects = 0x2af6d0e2bc60
more_data = false
status = {w = 0}
nt_status = {v = 3006553120}
dsdb_repl_flags = 0
__FUNCTION__ = "dreplsrv_op_pull_source_apply_changes_trigger"
#29 0x00002af6c1c6b3e7 in dreplsrv_op_pull_source_get_changes_done (
subreq=0x0) at ../source4/dsdb/repl/drepl_out_helpers.c:599
req = 0x2af6d17daed0
state = 0x2af6d17db050
status = {v = 0}
r = 0x2af6d17db0d0
ctr_level = 6
ctr1 = 0x0
ctr6 = 0x2af6d1b02bb0
extended_ret = DRSUAPI_EXOP_ERR_NONE
#30 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d1a73f70,
location=0x2af6c1c7d5f8 "default/librpc/gen_ndr/ndr_drsuapi_c.c:712")
at ../lib/tevent/tevent_req.c:102
No locals.
#31 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d1a73f70,
state=TEVENT_REQ_DONE,
location=0x2af6c1c7d5f8 "default/librpc/gen_ndr/ndr_drsuapi_c.c:712")
at ../lib/tevent/tevent_req.c:117
No locals.
#32 0x00002af6b333e374 in _tevent_req_done (req=0x2af6d1a73f70,
location=0x2af6c1c7d5f8 "default/librpc/gen_ndr/ndr_drsuapi_c.c:712")
at ../lib/tevent/tevent_req.c:123
No locals.
#33 0x00002af6c1c708df in dcerpc_drsuapi_DsGetNCChanges_r_done (
subreq=0x2af6d122f4c0) at default/librpc/gen_ndr/ndr_drsuapi_c.c:712
req = 0x2af6d1a73f70
status = {v = 0}
#34 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d122f4c0,
location=0x2af6b575b688 "../librpc/rpc/binding_handle.c:517")
at ../lib/tevent/tevent_req.c:102
No locals.
#35 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d122f4c0,
state=TEVENT_REQ_DONE,
location=0x2af6b575b688 "../librpc/rpc/binding_handle.c:517")
at ../lib/tevent/tevent_req.c:117
No locals.
#36 0x00002af6b333e374 in _tevent_req_done (req=0x2af6d122f4c0,
location=0x2af6b575b688 "../librpc/rpc/binding_handle.c:517")
at ../lib/tevent/tevent_req.c:123
No locals.
#37 0x00002af6b5757ede in dcerpc_binding_handle_call_done (subreq=0x0)
at ../librpc/rpc/binding_handle.c:517
req = 0x2af6d122f4c0
state = 0x2af6d122f640
h = 0x2af6d0959d10
error = {v = 0}
out_flags = 0
ndr_err = NDR_ERR_SUCCESS
#38 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d522f7a0,
location=0x2af6b575b1d0 "../librpc/rpc/binding_handle.c:188")
at ../lib/tevent/tevent_req.c:102
No locals.
#39 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d522f7a0,
state=TEVENT_REQ_DONE,
location=0x2af6b575b1d0 "../librpc/rpc/binding_handle.c:188")
at ../lib/tevent/tevent_req.c:117
No locals.
#40 0x00002af6b333e374 in _tevent_req_done (req=0x2af6d522f7a0,
location=0x2af6b575b1d0 "../librpc/rpc/binding_handle.c:188")
at ../lib/tevent/tevent_req.c:123
No locals.
#41 0x00002af6b5757398 in dcerpc_binding_handle_raw_call_done (subreq=0x0)
at ../librpc/rpc/binding_handle.c:188
req = 0x2af6d522f7a0
state = 0x2af6d522f920
error = {v = 0}
#42 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d0712430,
location=0x2af6b44b8810 "../source4/librpc/rpc/dcerpc.c:322")
at ../lib/tevent/tevent_req.c:102
No locals.
#43 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d0712430,
state=TEVENT_REQ_DONE,
location=0x2af6b44b8810 "../source4/librpc/rpc/dcerpc.c:322")
at ../lib/tevent/tevent_req.c:117
No locals.
#44 0x00002af6b333e472 in tevent_req_trigger (ev=0x2af6b17ef8c0,
im=0x2af6d0712500, private_data=0x2af6d0712430)
at ../lib/tevent/tevent_req.c:174
req = 0x2af6d0712430
#45 0x00002af6b333d6d4 in tevent_common_loop_immediate (ev=0x2af6b17ef8c0)
at ../lib/tevent/tevent_immediate.c:135
im = 0x2af6d0712500
handler = 0x2af6b333e423 <tevent_req_trigger>
private_data = 0x2af6d0712430
#46 0x00002af6b3345570 in epoll_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent_epoll.c:907
epoll_ev = 0x2af6b17efb00
tval = {tv_sec = 47239056876603, tv_usec = 47239028210096}
panic_triggered = false
#47 0x00002af6b3342363 in std_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent_standard.c:112
glue_ptr = 0x2af6b17ef9b0
glue = 0x2af6b17ef9b0
ret = 10998
#48 0x00002af6b333c799 in _tevent_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent.c:530
ret = 0
nesting_stack_ptr = 0x0
#49 0x00002af6b333ca11 in tevent_common_loop_wait (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent.c:634
ret = 0
#50 0x00002af6b3342405 in std_event_loop_wait (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent_standard.c:138
glue_ptr = 0x2af6b17ef9b0
glue = 0x2af6b17ef9b0
ret = 10998
#51 0x00002af6b333cadc in _tevent_loop_wait (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent.c:653
No locals.
#52 0x00002af6b15a37bc in binary_smbd_main (
binary_name=0x2af6b15a737b "samba", argc=6, argv=0x7fff67c78de8)
at ../source4/smbd/server.c:503
opt_daemon = false
opt_interactive = true
opt = -1
pc = 0x2af6b17d5040
static_init = {0x2af6b2ac7d8c <server_service_auth_init>,
0x2af6b2aca9e7 <server_service_echo_init>, 0}
shared_init = 0x2af6b18143b0
event_ctx = 0x2af6b17ef8c0
stdin_event_flags = 1
status = {v = 0}
model = 0x2af6b17d5b90 "single"
max_runtime = 7500
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jan 6 01:16:13 CET 2014 on sn-devel-104
2014-01-03 15:56:38 +04:00
2017-06-06 09:06:22 +03:00
# A side-effect of the getncchanges tests is that they will create hundreds of
2023-08-03 16:28:06 +03:00
# tombstone objects, so run them last to avoid interfering with (and slowing
2017-06-06 09:06:22 +03:00
# down) the other DRS tests
for env in [ ' vampire_dc ' , ' promoted_dc ' ] :
planoldpythontestsuite ( env , " getncchanges " ,
2018-07-30 09:13:51 +03:00
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.getncchanges.python( %s ) " % env ,
2019-02-13 05:23:29 +03:00
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $SERVER ' } ,
2023-10-05 04:47:46 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2017-06-06 09:06:22 +03:00
2017-02-13 05:46:37 +03:00
for env in [ ' ad_dc_ntvfs ' ] :
planoldpythontestsuite ( env , " repl_rodc " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.repl_rodc.python( %s ) " % env ,
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $DC_SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2017-07-05 02:08:45 +03:00
planoldpythontestsuite ( env , " cracknames " ,
extra_path = [ os . path . join ( samba4srcdir , ' torture/drs/python ' ) ] ,
name = " samba4.drs.cracknames.python( %s ) " % env ,
environ = { ' DC1 ' : " $DC_SERVER " , ' DC2 ' : ' $DC_SERVER ' } ,
2019-02-15 07:30:43 +03:00
extra_args = [ ' -U$DOMAIN/$DC_USERNAME % $DC_PASSWORD ' ] )
2017-02-13 05:46:37 +03:00
2015-09-01 06:58:30 +03:00
planoldpythontestsuite ( " chgdcpass:local " , " samba.tests.blackbox.samba_dnsupdate " ,
environ = { ' DNS_SERVER_IP ' : ' $SERVER_IP ' } )
2022-03-26 10:42:21 +03:00
for env in [ " s4member " , " rodc " , " promoted_dc " , " ad_dc " , " ad_member " ] :
2014-05-19 09:32:56 +04:00
plantestsuite ( " samba.blackbox.wbinfo( %s :local) " % env , " %s :local " % env , [ os . path . join ( samba4srcdir , " ../nsswitch/tests/test_wbinfo.sh " ) , ' $DOMAIN ' , ' $DC_USERNAME ' , ' $DC_PASSWORD ' , env ] )
s4:selftest: run wbinfo tests at the end...
This avoids flakey crashes in the promoted_dc environment.
See the examples below, we had up to 50% of the daily build failing...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
https://git.samba.org/autobuild.flakey/2013-12-23-1942/samba.stdout
[1586/1594 in 1h39m20s] samba4.drs.fsmo.python(promoted_dc)
Testing for schema role transfer from localdc.samba.example.com to PROMOTEDVDC.samba.example.com
FSMO transfer of 'schema' role successful
Testing for schema role transfer from PROMOTEDVDC.samba.example.com to localdc.samba.example.com
ERROR: Failed to initiate transfer of 'schema' role: LDAP error 52 LDAP_UNAVAILABLE - <Failed FSMO transfer: WERR_DS_DRA_INTERNAL_ERROR> <>
UNEXPECTED(failure): samba4.drs.fsmo.python(promoted_dc).fsmo.DrsFsmoTestCase.test_SchemaMasterTransfer(promoted_dc)
REASON: _StringException: _StringException: Content-Type: text/x-traceback;charset=utf8,language=python
traceback
380
https://git.samba.org/autobuild.flakey/2013-12-24-1546/samba.stdout
[1583/1594 in 1h36m4s] samba.tests.blackbox.samba_tool_drs
ERROR: Testsuite[samba.tests.blackbox.samba_tool_drs]
REASON: unable to set up environment promoted_dc - exiting
https://git.samba.org/autobuild.flakey/2013-12-24-1546/samba.stderr
Unable to convert 1.2.840.86419.1.5.9939 to an attid, and can_change_pfm=false!
Unable to convert governsID on CN=test-class30318,CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com to DRS object - WERR_NOT_FOUND
../source4/rpc_server/drsuapi/getncchanges.c:1646: DsGetNCChanges 2nd replication on different DN CN=Configuration,DC=samba,DC=example,DC=com CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com (last_dn CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com)
===============================================================
INTERNAL ERROR: Signal 11 in pid 884274 (4.2.0pre1-DEVELOPERBUILD)
Please read the Trouble-Shooting section of the Samba HOWTO
===============================================================
smb_panic(): calling panic action [/memdisk/autobuild/fl/b302436/samba/selftest/gdb_backtrace 884274]
[Thread debugging using libthread_db enabled]
0x00002af6b5c1977e in __libc_waitpid (pid=<value optimized out>,
stat_loc=0x7fff67c7709c, options=<value optimized out>)
at ../sysdeps/unix/sysv/linux/waitpid.c:32
32 ../sysdeps/unix/sysv/linux/waitpid.c: No such file or directory.
in ../sysdeps/unix/sysv/linux/waitpid.c
#0 0x00002af6b5c1977e in __libc_waitpid (pid=<value optimized out>,
stat_loc=0x7fff67c7709c, options=<value optimized out>)
at ../sysdeps/unix/sysv/linux/waitpid.c:32
oldtype = <value optimized out>
result = <value optimized out>
#1 0x00002af6b5baeb39 in do_system (line=<value optimized out>)
at ../sysdeps/posix/system.c:149
__result = -512
_buffer = {__routine = 0x2af6b5baee90 <cancel_handler>,
__arg = 0x7fff67c77098, __canceltype = 0, __prev = 0x0}
_avail = 1
status = <value optimized out>
save = <value optimized out>
pid = 886733
sa = {__sigaction_handler = {sa_handler = 0x1, sa_sigaction = 0x1},
sa_mask = {__val = {65536, 0 <repeats 15 times>}}, sa_flags = 0,
sa_restorer = 0x2af6b5b730f0}
omask = {__val = {7808, 4294967295, 140734934511616, 1, 2195512, 0,
0, 0, 47239032274944, 47239027992529, 140733193388033, 0, 0,
47239099003120, 140734934511792, 47239558787328}}
#2 0x00002af6b311821f in smb_panic_default (
why=0x2af6b312a875 "internal error") at ../lib/util/fault.c:134
result = 32767
pidstr = "884274\000\000\001\375\376\320\366*\000\000\260\377\377\377"
cmdstring = "/memdisk/autobuild/fl/b302436/samba/selftest/gdb_backtrace 884274\000\307g\377\177\000\000\001\000\000\000\000\000\000\000\320\301#", '\000' <repeats 30 times>"\240, \017\263\366*\000\000\321\247{\261\366*\000\000\001\000\000\000\005", '\000' <repeats 11 times>"\260, \016\v\321\366*\000\000X\351\017\263\366*\000\000\260q\307g\377\177\000\000\000\361\036\321\366*\000\000\020r\307g\377\177\000\000\240\301z\326\366*\000\000\000Z\304\320\366*\000"
__FUNCTION__ = "smb_panic_default"
#3 0x00002af6b31183b5 in smb_panic (why=0x2af6b312a875 "internal error")
at ../lib/util/fault.c:162
No locals.
#4 0x00002af6b311809f in fault_report (sig=11) at ../lib/util/fault.c:77
counter = 1
__FUNCTION__ = "fault_report"
#5 0x00002af6b31180b4 in sig_fault (sig=11) at ../lib/util/fault.c:88
No locals.
#6 <signal handler called>
No symbol table info available.
#7 0x00002af6cabef930 in replmd_check_urgent_objectclass (
objectclass_el=0x0, situation=REPL_URGENT_ON_UPDATE)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:205
i = 2
j = 0
#8 0x00002af6cabf29b6 in replmd_update_rpmd (module=0x2af6b17f2c20,
schema=0x2af6d05e5570, req=0x2af6d05e8ad0, rename_attrs=0x0,
msg=0x2af6d11ef100, seq_num=0x2af6d0c315b8, t=1387895162,
is_urgent=0x7fff67c778bf, rodc=0x7fff67c778be)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:1432
omd_value = 0x7fff67c77810
ndr_err = 3508465920
omd = {version = 1741125552, reserved = 32767, ctr = {ctr1 = {
count = 3008684740, reserved = 10998, array = 0x7fff67c777b0}}}
i = 10998
now = 130323687620000000
our_invocation_id = 0x2af6d1796390
ret = 0
attrs = 0x7fff67c77750
attrs1 = {0x2af6cabff775 "replPropertyMetaData", 0x2af6cabffc8b "*",
0x0}
attrs2 = {0x2af6cabff76a "uSNChanged", 0x2af6cabffa98 "objectClass",
0x2af6cabffc8d "instanceType", 0x0}
res = 0x2af6d10b0eb0
ldb = 0x2af6b17f2470
objectclass_el = 0x0
situation = REPL_URGENT_ON_UPDATE
rmd_is_provided = false
__FUNCTION__ = "replmd_update_rpmd"
#9 0x00002af6cabf5a06 in replmd_modify (module=0x2af6b17f2c20,
req=0x2af6d05e8ad0)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:2455
msds_intid_struct = 0x2af6d05e8ad0
ldb = 0x2af6b17f2470
ac = 0x2af6d0c31580
down_req = 0x2af6d0e6a100
msg = 0x2af6d11ef100
t = 1387895162
ret = 1741125936
is_urgent = false
rodc = false
functional_level = 3
guid_blob = 0x0
sd_propagation_control = 0x0
#10 0x00002af6bf69f94d in dsdb_module_modify (module=0x2af6b17f2c20,
message=0x2af6d1183fe0, dsdb_flags=4194304, parent=0x2af6ce6ea980)
at ../source4/dsdb/samdb/ldb_modules/util.c:460
ops = 0x2af6cae06b40
mod_req = 0x2af6d05e8ad0
ret = 0
ldb = 0x2af6b17f2470
tmp_ctx = 0x2af6d0ed62f0
res = 0x2af6d0e6a100
__FUNCTION__ = "dsdb_module_modify"
#11 0x00002af6cabf7ebc in replmd_delete_internals (module=0x2af6b17f2c20,
req=0x2af6ce6ea980, re_delete=true)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:3309
ret = 0
retb = true
disallow_move_on_delete = false
old_dn = 0x2af6d6a2a010
new_dn = 0x2af6d0794a90
rdn_name = 0x2af6d0885c10 "CN"
rdn_value = 0x2af6d10d7368
new_rdn_value = 0x2af6d0c45a00
guid = {time_low = 48, time_mid = 0, time_hi_and_version = 0,
clock_seq = "\200\251", node = "n\316\366*\000"}
ldb = 0x2af6b17f2470
schema = 0x2af6d05e5570
msg = 0x2af6d1183fe0
old_msg = 0x2af6d1902800
el = 0x2af6d0874900
tmp_ctx = 0x2af6d0b77560
res = 0x2af6d0d57980
parent_res = 0x30
preserved_attrs = {0x2af6cac00fe1 "nTSecurityDescriptor",
0x2af6cac055c3 "attributeID", 0x2af6cac055cf "attributeSyntax",
0x2af6cac055df "dNReferenceUpdate", 0x2af6cac055f1 "dNSHostName",
0x2af6cac055fd "flatName", 0x2af6cac05606 "governsID",
0x2af6cac05610 "groupType", 0x2af6cabffc8d "instanceType",
0x2af6cac0561a "lDAPDisplayName",
0x2af6cac0562a "legacyExchangeDN", 0x2af6cabfe94d "isDeleted",
0x2af6cabfe957 "isRecycled", 0x2af6cac020f8 "lastKnownParent",
0x2af6cac021e8 "msDS-LastKnownRDN",
0x2af6cac0563b "mS-DS-CreatorSID", 0x2af6cac0564c "mSMQOwnerID",
0x2af6cac05658 "nCName", 0x2af6cabffa98 "objectClass",
0x2af6cac0565f "distinguishedName", 0x2af6cabff5b5 "objectGUID",
0x2af6cac05671 "objectSid", 0x2af6cac0567b "oMSyntax",
0x2af6cac05684 "proxiedObjectName", 0x2af6cac014d8 "name",
0x2af6cabff775 "replPropertyMetaData",
0x2af6cac05696 "sAMAccountName",
0x2af6cac056a5 "securityIdentifier", 0x2af6cac056b8 "sIDHistory",
0x2af6cac056c3 "subClassOf", 0x2af6cac01ba8 "systemFlags",
0x2af6cac056ce "trustPartner", 0x2af6cac056db "trustDirection",
0x2af6cac056ea "trustType", 0x2af6cac056f4 "trustAttributes",
0x2af6cabfe9b8 "userAccountControl", 0x2af6cabff76a "uSNChanged",
0x2af6cabff75f "uSNCreated", 0x2af6cabff747 "whenCreated",
0x2af6cabff753 "whenChanged", 0x0}
i = 12
el_count = 1
deletion_state = OBJECT_TOMBSTONE
next_deletion_state = OBJECT_TOMBSTONE
__FUNCTION__ = "replmd_delete_internals"
#12 0x00002af6cabfbbe3 in replmd_replicated_apply_isDeleted (
ar=0x2af6d74c0b40)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:4718
del_req = 0x2af6ce6ea980
res = 0x2af6d0cdebf0
tmp_ctx = 0x2af6d0949230
deleted_objects_dn = 0x2af6d1a49f00
msg = 0x2af6d0a39620
ret = 0
#13 0x00002af6cabf0766 in replmd_op_callback (req=0x2af6d05a21e0,
ares=0x2af6d0d715c0)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:526
ret = 10998
ac = 0x2af6d74c0b40
replmd_private = 0x2af6b188c7c0
modified_partition = 0x2af6d141b670
partition_ctrl = 0x2af6d1905f40
partition = 0x2af6ce6bdbe0
controls = 0x0
__FUNCTION__ = "replmd_op_callback"
#14 0x00002af6b1df7ca2 in ldb_module_done (req=0x2af6d05a21e0,
ctrls=0x2af6d1629aa0, response=0x0, error=0)
at ../lib/ldb/common/ldb_modules.c:832
ares = 0x2af6d0d715c0
#15 0x00002af6cabf896b in replmd_op_possible_conflict_callback (
req=0x2af6d05a21e0, ares=0x2af6b1883eb0,
callback=0x2af6cabf0334 <replmd_op_callback>)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:3606
conflict_dn = 0x2af6cac03470
ar = 0x2af6d74c0b40
res = 0x2af6b354f89b
attrs = {0x2af6cabff775 "replPropertyMetaData",
0x2af6cabff5b5 "objectGUID", 0x0}
ret = -682882240
omd_value = 0x7fff67c77e20
omd = {version = 1741127104, reserved = 32767, ctr = {ctr1 = {
count = 0, reserved = 0, array = 0x28}}}
rmd = 0x2af6d74c0ae0
ndr_err = 10998
rename_incoming_record = false
rodc = false
rmd_name = 0x7fff67c77e10
omd_name = 0x2af6d74c0b40
msg = 0x2af6b1883e50
__FUNCTION__ = "replmd_op_possible_conflict_callback"
#16 0x00002af6cabf93fb in replmd_op_add_callback (req=0x2af6d05a21e0,
ares=0x2af6b1883eb0)
at ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:3802
ar = 0x2af6d74c0b40
#17 0x00002af6b1df7ca2 in ldb_module_done (req=0x2af6d05a21e0,
ctrls=0x2af6d1629aa0, response=0x0, error=0)
at ../lib/ldb/common/ldb_modules.c:832
ares = 0x2af6b1883eb0
#18 0x00002af6ca3c8b6a in partition_req_callback (req=0x2af6d087a1e0,
ares=0x2af6d05a1fa0) at ../source4/dsdb/samdb/ldb_modules/partition.c:213
ac = 0x2af6d0949370
module = 0x2af6cd27bf12
nreq = 0x2af6d05b67b0
ret = 0
partition_ctrl = 0x2af6d0d71740
#19 0x00002af6cd2752ab in ltdb_request_done (ctx=0x2af6d1cd7ed0, error=0)
at ../lib/ldb/ldb_tdb/ldb_tdb.c:1280
ldb = 0x2af6b17f2470
req = 0x2af6d087a1e0
ares = 0x2af6d05a1fa0
#20 0x00002af6cd275597 in ltdb_callback (ev=0x2af6b17ef8c0,
te=0x2af6d17f75d0, t=..., private_data=0x2af6d1cd7ed0)
at ../lib/ldb/ldb_tdb/ldb_tdb.c:1390
ctx = 0x2af6d1cd7ed0
ret = 0
#21 0x00002af6b3343259 in tevent_common_loop_timer_delay (ev=0x2af6b17ef8c0)
at ../lib/tevent/tevent_timed.c:341
current_time = {tv_sec = 0, tv_usec = 0}
te = 0x2af6d17f75d0
#22 0x00002af6b334558a in epoll_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b1e1eef8 "../lib/ldb/common/ldb.c:621")
at ../lib/tevent/tevent_epoll.c:912
epoll_ev = 0x2af6b17efb00
tval = {tv_sec = 47239056876603, tv_usec = 47239028210096}
panic_triggered = false
#23 0x00002af6b3342363 in std_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b1e1eef8 "../lib/ldb/common/ldb.c:621")
at ../lib/tevent/tevent_standard.c:112
glue_ptr = 0x2af6b17ef9b0
glue = 0x2af6b17ef9b0
ret = 10998
#24 0x00002af6b333c799 in _tevent_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b1e1eef8 "../lib/ldb/common/ldb.c:621")
at ../lib/tevent/tevent.c:530
ret = 0
nesting_stack_ptr = 0x0
#25 0x00002af6b1e154c4 in ldb_wait (handle=0x2af6d67624c0, type=LDB_WAIT_ALL)
at ../lib/ldb/common/ldb.c:621
ev = 0x2af6b17ef8c0
ret = 0
#26 0x00002af6b1e1786b in ldb_extended (ldb=0x2af6b17f2470,
oid=0x2af6b4c4f9ce "1.3.6.1.4.1.7165.4.4.1", data=0x2af6d0e2bc60,
_res=0x7fff67c78240) at ../lib/ldb/common/ldb.c:1506
req = 0x2af6d0c45a00
ret = 0
res = 0x2af6d69238f0
#27 0x00002af6b4c4a0d6 in dsdb_replicated_objects_commit (ldb=0x2af6b17f2470,
working_schema=0x0, objects=0x2af6d0e2bc60, notify_uSN=0x2af6d14a65f0)
at ../source4/dsdb/repl/replicated_objects.c:773
werr = {w = 0}
ext_res = 0x0
cur_schema = 0x0
new_schema = 0x0
ret = 0
seq_num1 = 5554
seq_num2 = 47239626746464
used_global_schema = false
tmp_ctx = 0x2af6d03c5860
__FUNCTION__ = "dsdb_replicated_objects_commit"
#28 0x00002af6c1c6babb in dreplsrv_op_pull_source_apply_changes_trigger (
req=0x2af6d17daed0, r=0x2af6d17db0d0, ctr_level=6, ctr1=0x0,
ctr6=0x2af6d1b02bb0) at ../source4/dsdb/repl/drepl_out_helpers.c:717
state = 0x2af6d17db050
rf1 = {blobsize = 274, consecutive_sync_failures = 0,
last_success = 130323684670000000,
last_attempt = 130323687610000000, result_last_attempt = {w = 0},
other_info = 0x2af6d0949910, other_info_length = 66,
replica_flags = 112, schedule = '\021' <repeats 84 times>,
reserved = 0, highwatermark = {tmp_highest_usn = 12398,
reserved_usn = 0, highest_usn = 12398}, source_dsa_obj_guid = {
time_low = 984092159, time_mid = 850,
time_hi_and_version = 18870, clock_seq = "\251X",
node = "UF\324\223\205\241"}, source_dsa_invocation_id = {
time_low = 1460694408, time_mid = 52035,
time_hi_and_version = 18738, clock_seq = "\204}",
node = "\264\365\276\372\256\303"}, transport_guid = {
time_low = 0, time_mid = 0, time_hi_and_version = 0,
clock_seq = "\000", node = "\000\000\000\000\000"}}
service = 0x2af6d0ff6b00
partition = 0x2af6d0b6f220
drsuapi = 0x2af6d1c8d480
schema = 0x2af6d05e5570
working_schema = 0x0
mapping_ctr = 0x2af6d1b02c10
object_count = 50
first_object = 0x2af6d0571800
linked_attributes_count = 0
linked_attributes = 0x2af6d5212140
uptodateness_vector = 0x2af6d1a741c0
objects = 0x2af6d0e2bc60
more_data = false
status = {w = 0}
nt_status = {v = 3006553120}
dsdb_repl_flags = 0
__FUNCTION__ = "dreplsrv_op_pull_source_apply_changes_trigger"
#29 0x00002af6c1c6b3e7 in dreplsrv_op_pull_source_get_changes_done (
subreq=0x0) at ../source4/dsdb/repl/drepl_out_helpers.c:599
req = 0x2af6d17daed0
state = 0x2af6d17db050
status = {v = 0}
r = 0x2af6d17db0d0
ctr_level = 6
ctr1 = 0x0
ctr6 = 0x2af6d1b02bb0
extended_ret = DRSUAPI_EXOP_ERR_NONE
#30 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d1a73f70,
location=0x2af6c1c7d5f8 "default/librpc/gen_ndr/ndr_drsuapi_c.c:712")
at ../lib/tevent/tevent_req.c:102
No locals.
#31 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d1a73f70,
state=TEVENT_REQ_DONE,
location=0x2af6c1c7d5f8 "default/librpc/gen_ndr/ndr_drsuapi_c.c:712")
at ../lib/tevent/tevent_req.c:117
No locals.
#32 0x00002af6b333e374 in _tevent_req_done (req=0x2af6d1a73f70,
location=0x2af6c1c7d5f8 "default/librpc/gen_ndr/ndr_drsuapi_c.c:712")
at ../lib/tevent/tevent_req.c:123
No locals.
#33 0x00002af6c1c708df in dcerpc_drsuapi_DsGetNCChanges_r_done (
subreq=0x2af6d122f4c0) at default/librpc/gen_ndr/ndr_drsuapi_c.c:712
req = 0x2af6d1a73f70
status = {v = 0}
#34 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d122f4c0,
location=0x2af6b575b688 "../librpc/rpc/binding_handle.c:517")
at ../lib/tevent/tevent_req.c:102
No locals.
#35 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d122f4c0,
state=TEVENT_REQ_DONE,
location=0x2af6b575b688 "../librpc/rpc/binding_handle.c:517")
at ../lib/tevent/tevent_req.c:117
No locals.
#36 0x00002af6b333e374 in _tevent_req_done (req=0x2af6d122f4c0,
location=0x2af6b575b688 "../librpc/rpc/binding_handle.c:517")
at ../lib/tevent/tevent_req.c:123
No locals.
#37 0x00002af6b5757ede in dcerpc_binding_handle_call_done (subreq=0x0)
at ../librpc/rpc/binding_handle.c:517
req = 0x2af6d122f4c0
state = 0x2af6d122f640
h = 0x2af6d0959d10
error = {v = 0}
out_flags = 0
ndr_err = NDR_ERR_SUCCESS
#38 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d522f7a0,
location=0x2af6b575b1d0 "../librpc/rpc/binding_handle.c:188")
at ../lib/tevent/tevent_req.c:102
No locals.
#39 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d522f7a0,
state=TEVENT_REQ_DONE,
location=0x2af6b575b1d0 "../librpc/rpc/binding_handle.c:188")
at ../lib/tevent/tevent_req.c:117
No locals.
#40 0x00002af6b333e374 in _tevent_req_done (req=0x2af6d522f7a0,
location=0x2af6b575b1d0 "../librpc/rpc/binding_handle.c:188")
at ../lib/tevent/tevent_req.c:123
No locals.
#41 0x00002af6b5757398 in dcerpc_binding_handle_raw_call_done (subreq=0x0)
at ../librpc/rpc/binding_handle.c:188
req = 0x2af6d522f7a0
state = 0x2af6d522f920
error = {v = 0}
#42 0x00002af6b333e2f8 in _tevent_req_notify_callback (req=0x2af6d0712430,
location=0x2af6b44b8810 "../source4/librpc/rpc/dcerpc.c:322")
at ../lib/tevent/tevent_req.c:102
No locals.
#43 0x00002af6b333e34d in tevent_req_finish (req=0x2af6d0712430,
state=TEVENT_REQ_DONE,
location=0x2af6b44b8810 "../source4/librpc/rpc/dcerpc.c:322")
at ../lib/tevent/tevent_req.c:117
No locals.
#44 0x00002af6b333e472 in tevent_req_trigger (ev=0x2af6b17ef8c0,
im=0x2af6d0712500, private_data=0x2af6d0712430)
at ../lib/tevent/tevent_req.c:174
req = 0x2af6d0712430
#45 0x00002af6b333d6d4 in tevent_common_loop_immediate (ev=0x2af6b17ef8c0)
at ../lib/tevent/tevent_immediate.c:135
im = 0x2af6d0712500
handler = 0x2af6b333e423 <tevent_req_trigger>
private_data = 0x2af6d0712430
#46 0x00002af6b3345570 in epoll_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent_epoll.c:907
epoll_ev = 0x2af6b17efb00
tval = {tv_sec = 47239056876603, tv_usec = 47239028210096}
panic_triggered = false
#47 0x00002af6b3342363 in std_event_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent_standard.c:112
glue_ptr = 0x2af6b17ef9b0
glue = 0x2af6b17ef9b0
ret = 10998
#48 0x00002af6b333c799 in _tevent_loop_once (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent.c:530
ret = 0
nesting_stack_ptr = 0x0
#49 0x00002af6b333ca11 in tevent_common_loop_wait (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent.c:634
ret = 0
#50 0x00002af6b3342405 in std_event_loop_wait (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent_standard.c:138
glue_ptr = 0x2af6b17ef9b0
glue = 0x2af6b17ef9b0
ret = 10998
#51 0x00002af6b333cadc in _tevent_loop_wait (ev=0x2af6b17ef8c0,
location=0x2af6b15a7b9f "../source4/smbd/server.c:503")
at ../lib/tevent/tevent.c:653
No locals.
#52 0x00002af6b15a37bc in binary_smbd_main (
binary_name=0x2af6b15a737b "samba", argc=6, argv=0x7fff67c78de8)
at ../source4/smbd/server.c:503
opt_daemon = false
opt_interactive = true
opt = -1
pc = 0x2af6b17d5040
static_init = {0x2af6b2ac7d8c <server_service_auth_init>,
0x2af6b2aca9e7 <server_service_echo_init>, 0}
shared_init = 0x2af6b18143b0
event_ctx = 0x2af6b17ef8c0
stdin_event_flags = 1
status = {v = 0}
model = 0x2af6b17d5b90 "single"
max_runtime = 7500
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jan 6 01:16:13 CET 2014 on sn-devel-104
2014-01-03 15:56:38 +04:00
2021-05-10 13:52:18 +03:00
# Offline logon (ad_member)
plantestsuite ( " samba.blackbox.offline_logon " ,
2021-05-19 09:18:22 +03:00
" ad_member_offlogon " ,
2021-05-10 13:52:18 +03:00
[ os . path . join ( bbdir , " test_offline_logon.sh " ) ,
' $DOMAIN ' ,
' alice ' , ' Secret007 ' ,
' bob ' , ' Secret007 ' ,
' jane ' , ' Secret007 ' ,
' joe ' , ' Secret007 ' ] )
2016-06-07 04:51:09 +03:00
#
# KDC Tests
#
2017-08-10 02:57:24 +03:00
2016-06-07 04:51:09 +03:00
# This test is for users cached at the RODC
plansmbtorture4testsuite ( ' krb5.kdc ' , " rodc " , [ ' ncacn_np:$SERVER_IP ' , " -k " , " yes " , ' -Utestdenied % $PASSWORD ' ,
' --workgroup=$DOMAIN ' , ' --realm=$REALM ' ,
' --option=torture:krb5-upn=testdenied_upn@$REALM.upn ' ,
' --option=torture:expect_rodc=true ' ] ,
" samba4.krb5.kdc with account DENIED permission to replicate to an RODC " )
2023-02-21 01:41:34 +03:00
plansmbtorture4testsuite ( ' krb5.kdc ' , " rodc " , [ ' ncacn_np:$SERVER_IP ' , " -k " , " yes " , r ' -Utestallowed \ account % $PASSWORD ' ,
2016-06-07 04:51:09 +03:00
' --workgroup=$DOMAIN ' , ' --realm=$REALM ' ,
' --option=torture:expect_machine_account=true ' ,
2023-02-21 01:41:34 +03:00
r ' --option=torture:krb5-upn=testallowed \ upn@$REALM ' ,
2016-06-07 04:51:09 +03:00
' --option=torture:krb5-hostname=testallowed ' ,
' --option=torture:expect_rodc=true ' ,
' --option=torture:expect_cached_at_rodc=true ' ] ,
" samba4.krb5.kdc with account ALLOWED permission to replicate to an RODC " )
# This ensures we have correct behaviour on a server that is not not the PDC emulator
2018-07-30 09:18:03 +03:00
env = " promoted_dc "
2016-06-07 04:51:09 +03:00
plansmbtorture4testsuite ( ' krb5.kdc ' , env , [ ' ncacn_np:$SERVER_IP ' , " -k " , " yes " , ' -U$USERNAME % $PASSWORD ' , ' --workgroup=$DOMAIN ' , ' --realm=$REALM ' ] ,
" samba4.krb5.kdc with specified account " )
2018-08-27 06:00:12 +03:00
plansmbtorture4testsuite ( ' krb5.kdc ' , env , [ ' ncacn_np:$SERVER_IP ' , " -k " , " yes " , ' -Utestupnspn % $PASSWORD ' , ' --workgroup=$DOMAIN ' , ' --realm=$REALM ' ,
' --option=torture:expect_machine_account=true ' ,
' --option=torture:krb5-upn=http/testupnspn.$DNSNAME@$REALM ' ,
' --option=torture:krb5-hostname=testupnspn.$DNSNAME ' ,
' --option=torture:krb5-service=http ' ] ,
" samba4.krb5.kdc with account having identical UPN and SPN " )
2020-04-21 12:07:45 +03:00
for env in [ " fl2008r2dc " , " fl2003dc " ] :
2022-03-09 14:53:18 +03:00
fast_support = have_fast_support
if env in [ " fl2003dc " ] :
fast_support = 0
2020-04-21 12:07:45 +03:00
planoldpythontestsuite ( env , " samba.tests.krb5.as_req_tests " ,
environ = {
2022-03-04 06:57:27 +03:00
* * krb5_environ ,
2022-03-09 14:53:18 +03:00
' FAST_SUPPORT ' : fast_support ,
2020-04-21 12:07:45 +03:00
} )
2016-06-07 04:51:09 +03:00
2024-11-23 02:24:34 +03:00
for env in [ " ad_dc " ] :
fast_support = have_fast_support
planoldpythontestsuite ( env , " samba.tests.krb5.netlogon " ,
environ = {
* * krb5_environ ,
' FAST_SUPPORT ' : fast_support ,
2024-11-22 21:51:17 +03:00
' NETLOGON_STRONG_KEY_SUPPORT ' : ' 0 ' ,
2024-11-26 13:01:16 +03:00
' NETLOGON_AUTH_KRB5_SUPPORT ' : ' 1 ' ,
2024-11-23 02:24:34 +03:00
} )
2021-10-20 02:46:36 +03:00
planoldpythontestsuite ( ' fl2008r2dc ' , ' samba.tests.krb5.salt_tests ' ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2016-06-07 04:51:09 +03:00
2018-03-22 02:21:52 +03:00
for env in [ " rodc " , " promoted_dc " , " fl2000dc " , " fl2008r2dc " ] :
2015-01-21 05:57:40 +03:00
if env == " rodc " :
2016-06-07 04:51:09 +03:00
# The machine account is cached at the RODC, as it is the local account
2015-01-23 04:28:28 +03:00
extra_options = [ ' --option=torture:expect_rodc=true ' , ' --option=torture:expect_cached_at_rodc=true ' ]
2015-01-21 05:57:40 +03:00
else :
extra_options = [ ]
2015-01-05 04:54:45 +03:00
2015-03-27 16:41:19 +03:00
plansmbtorture4testsuite ( ' krb5.kdc ' , " %s :local " % env , [ ' ncacn_np:$SERVER_IP ' , " -k " , " yes " , ' -P ' ,
2018-07-30 09:16:12 +03:00
' --workgroup=$DOMAIN ' , ' --realm=$REALM ' ,
' --option=torture:krb5-hostname=$SERVER ' ,
' --option=torture:run_removedollar_test=true ' ,
' --option=torture:expect_machine_account=true ' ] + extra_options ,
2015-01-21 05:57:40 +03:00
" samba4.krb5.kdc with machine account " )
2015-01-05 04:54:45 +03:00
2021-06-16 03:52:11 +03:00
planpythontestsuite ( " ad_dc " , " samba.tests.krb5.as_canonicalization_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2022-11-09 03:45:13 +03:00
for env , fast_support in [ ( " ad_dc " , True ) ,
( " fl2003dc " , False ) ] :
planpythontestsuite ( env , " samba.tests.krb5.compatability_tests " ,
environ = {
* * krb5_environ ,
2023-03-30 22:38:09 +03:00
' FAST_SUPPORT ' : int ( have_fast_support and fast_support ) ,
2022-11-09 03:45:13 +03:00
} )
2021-10-12 01:34:59 +03:00
planpythontestsuite ( " ad_dc " , " samba.tests.krb5.kdc_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2020-11-30 04:19:15 +03:00
planpythontestsuite (
" ad_dc " ,
2021-06-16 03:52:11 +03:00
" samba.tests.krb5.kdc_tgs_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-06-10 00:56:58 +03:00
planpythontestsuite (
" ad_dc " ,
" samba.tests.krb5.fast_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-02-17 02:15:50 +03:00
planpythontestsuite (
" ad_dc " ,
2021-06-16 03:52:11 +03:00
" samba.tests.krb5.ms_kile_client_principal_lookup_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-10-21 05:45:00 +03:00
planpythontestsuite (
" ad_dc " ,
" samba.tests.krb5.spn_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-10-19 10:02:45 +03:00
planpythontestsuite (
" ad_dc " ,
" samba.tests.krb5.alias_tests " ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2021-12-09 01:56:55 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.pac_align_tests ' ,
2022-03-04 06:57:27 +03:00
environ = krb5_environ )
2022-02-01 11:00:16 +03:00
planoldpythontestsuite (
2022-03-04 06:57:27 +03:00
' ad_dc ' ,
2022-02-01 11:00:16 +03:00
' samba.tests.krb5.protected_users_tests ' ,
environ = krb5_environ )
2022-04-11 06:44:09 +03:00
for env , nt_hash in [ ( " ad_dc:local " , True ) ,
( " ad_dc_no_ntlm:local " , False ) ] :
planoldpythontestsuite (
env ,
' samba.tests.krb5.nt_hash_tests ' ,
environ = {
* * krb5_environ ,
' EXPECT_NT_HASH ' : int ( nt_hash ) ,
} )
2022-05-24 10:59:16 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.kpasswd_tests ' ,
environ = krb5_environ )
2022-03-04 06:23:32 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.claims_tests ' ,
environ = krb5_environ )
2023-03-03 01:48:22 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.device_tests ' ,
environ = krb5_environ )
2022-07-04 11:48:48 +03:00
planoldpythontestsuite (
' ad_dc:local ' ,
' samba.tests.krb5.lockout_tests ' ,
environ = krb5_environ )
2022-11-03 04:49:17 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.group_tests ' ,
environ = krb5_environ )
2022-11-18 02:11:39 +03:00
for env , forced_rc4 in [ ( ' ad_dc ' , False ) ,
( ' promoted_dc ' , True ) ] :
planoldpythontestsuite (
env ,
' samba.tests.krb5.etype_tests ' ,
environ = {
* * krb5_environ ,
' DC_SERVER ' : ' $SERVER ' ,
' DC_SERVER_IP ' : ' $SERVER_IP ' ,
' DC_SERVER_IPV6 ' : ' $SERVER_IPV6 ' ,
' FORCED_RC4 ' : int ( forced_rc4 ) ,
} )
2023-05-04 04:53:06 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.authn_policy_tests ' ,
environ = krb5_environ )
tests/krb5: Add PK-INIT testing framework
To run these tests standalone, you will need the certificate and private
key of the Certificate Authority. These can be specified together in the
same file with the environment variable CA_CERT, or the private key may
be specified in its own file with CA_PRIVATE_KEY.
If either of these files are encrypted, you can specify the password in
the environment variable CA_PASS.
These tests create a new certificate for the user account, signed with
the private key of the Certificate Authority. We negotiate the reply key
with either of the public-key and Diffie-Hellman PK-INIT variants, and
use the reply key to decrypt the enc-part in the response. We also check
that the KDC’s signatures are valid.
Most of the failures with the Heimdal KDC are due to the wrong nonce
being returned in the reply compared to Windows, which issue is simple
enough to correct.
An example command line for manual testing against Windows:
SMB_CONF_PATH=ad_dc.conf KRB5_CONFIG=krb5.conf SERVICE_USERNAME=win2k19-dc.example.com ADMIN_USERNAME=Administrator ADMIN_PASSWORD=locDCpass ADMIN_KVNO=1 FOR_USER=Administrator USERNAME=Administrator PASSWORD=locDCpass DC_SERVER=win2k19-dc.example.com SERVER=win2k19-dc.example.com DOMAIN=example REALM=example.com PYTHONPATH=bin/python STRICT_CHECKING=1 FAST_SUPPORT=1 CLAIMS_SUPPORT=1 COMPOUND_ID_SUPPORT=1 TKT_SIG_SUPPORT=1 FULL_SIG_SUPPORT=1 GNUTLS_PBKDF2_SUPPORT=1 EXPECT_PAC=1 EXPECT_EXTRA_PAC_BUFFERS=1 CHECK_CNAME=1 CHECK_PADATA=1 KADMIN_IS_TGS=0 FORCED_RC4=1 DEFAULT_ETYPES=36 CA_CERT=./win2k19-ca.pfx CA_PASS=1234 python3 python/samba/tests/krb5/pkinit_tests.py
To set up windows for this I first installed an Certificate Authority with an Enterprise CA.
Then I exported the private key and certificate of the CA:
1. go into the Certification Authority snap-in for the relevant computer,
2. right-clicking the CA
3. clicking ‘All Tasks’ → ‘Back up CA...’
4. and exporting the private key and CA certificate.
(I downloaded the resulting file via smbclient).
After setting up an Enterprise CA, I also needed to edit the domain
controller GPO to enable auto-enrollment, otherwise Windows would
refuse to accept as legitimate any certificates provided by the client.
That can be done by first enabling the policy:
‘Computer Configuration/Policies/Windows Settings/Security Settings/Public Key Policies/Certificate Services Client — Auto-Enrollment’,
and then ticking both ‘Renew expired certificates…’ and ‘Update certificates…’)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-07-03 05:43:10 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.pkinit_tests ' ,
environ = krb5_environ )
2023-09-28 04:10:16 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.conditional_ace_tests ' ,
environ = krb5_environ )
2023-12-08 06:38:21 +03:00
planoldpythontestsuite (
' ad_dc ' ,
' samba.tests.krb5.gkdi_tests ' ,
environ = krb5_environ )
2024-04-05 03:44:08 +03:00
planoldpythontestsuite (
' ad_dc:local ' ,
' samba.tests.krb5.gmsa_tests ' ,
environ = krb5_environ )
2015-06-05 02:53:19 +03:00
for env in [
' vampire_dc ' ,
' promoted_dc ' ] :
planoldpythontestsuite ( env , " samba.tests.kcc " ,
name = " samba.tests.kcc " ,
environ = { ' TEST_SERVER ' : ' $SERVER ' , ' TEST_USERNAME ' : ' $USERNAME ' ,
' TEST_PASSWORD ' : ' $PASSWORD ' ,
' TEST_ENV ' : env
2018-07-30 09:14:43 +03:00
} ,
2019-02-15 07:30:43 +03:00
extra_path = [ os . path . join ( srcdir ( ) , " samba/python " ) , ] )
planpythontestsuite ( env , " samba.tests.samba_tool.visualize_drs " )
2015-09-22 06:39:19 +03:00
2019-02-15 07:30:43 +03:00
planpythontestsuite ( " ad_dc_default:local " , " samba.tests.kcc.kcc_utils " )
2018-03-14 06:53:13 +03:00
2022-03-26 10:42:21 +03:00
for env in [ " simpleserver " , " fileserver " , " nt4_dc " , " ad_dc " ,
2019-04-12 04:31:29 +03:00
" ad_member " , " offlinebackupdc " , " restoredc " , " renamedc " , " labdc " , ' schema_pair_dc ' ] :
2017-07-04 00:31:54 +03:00
planoldpythontestsuite ( env , " netlogonsvc " ,
extra_path = [ os . path . join ( srcdir ( ) , ' python/samba/tests ' ) ] ,
2019-02-15 07:30:43 +03:00
name = " samba.tests.netlogonsvc.python( %s ) " % env )
2017-07-04 00:31:54 +03:00
2018-07-30 09:17:02 +03:00
for env in [ " ktest " , " ad_member " , " ad_dc_no_ntlm " ] :
2017-07-05 05:32:54 +03:00
planoldpythontestsuite ( env , " ntlmdisabled " ,
2017-07-04 04:31:11 +03:00
extra_path = [ os . path . join ( srcdir ( ) , ' python/samba/tests ' ) ] ,
2019-02-15 07:30:43 +03:00
name = " samba.tests.ntlmdisabled.python( %s ) " % env )
2017-07-04 04:31:11 +03:00
2015-09-22 06:39:19 +03:00
# Demote the vampire DC, it must be the last test each DC, before the dbcheck
2015-09-22 06:40:00 +03:00
for env in [ ' vampire_dc ' , ' promoted_dc ' , ' rodc ' ] :
2018-06-06 06:01:28 +03:00
planoldpythontestsuite ( env , " samba.tests.samba_tool.demote " ,
name = " samba.tests.samba_tool.demote " ,
environ = {
' CONFIGFILE ' : ' $PREFIX/ %s /etc/smb.conf ' % env
} ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
extra_path = [ os . path . join ( srcdir ( ) , " samba/python " ) ]
)
2015-09-22 06:39:19 +03:00
# TODO: Verifying the databases really should be a part of the
# environment teardown.
# check the databases are all OK. PLEASE LEAVE THIS AS THE LAST TEST
2022-03-26 10:42:21 +03:00
for env in [ " ad_dc " , " fl2000dc " , " fl2003dc " , " fl2008r2dc " ,
2018-06-11 02:02:11 +03:00
' vampire_dc ' , ' promoted_dc ' , ' backupfromdc ' , ' restoredc ' ,
2018-07-23 06:20:03 +03:00
' renamedc ' , ' offlinebackupdc ' , ' labdc ' ] :
2018-07-30 09:17:14 +03:00
plantestsuite ( " samba4.blackbox.dbcheck( %s ) " % env , env + " :local " , [ " PYTHON= %s " % python , os . path . join ( bbdir , " dbcheck.sh " ) , ' $PREFIX/provision ' , configuration ] )
2017-11-27 01:09:49 +03:00
2018-10-15 06:01:47 +03:00
#
# Tests to verify bug 13653 https://bugzilla.samba.org/show_bug.cgi?id=13653
# ad_dc has an lmdb backend, ad_dc_ntvfs has a tdb backend.
#
planoldpythontestsuite ( " ad_dc_ntvfs:local " ,
" samba.tests.blackbox.bug13653 " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
2019-02-15 07:30:43 +03:00
environ = { ' TEST_ENV ' : ' ad_dc_ntvfs ' } )
2018-10-15 06:01:47 +03:00
planoldpythontestsuite ( " ad_dc:local " ,
" samba.tests.blackbox.bug13653 " ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
2019-02-15 07:30:43 +03:00
environ = { ' TEST_ENV ' : ' ad_dc ' } )
2018-07-13 00:15:34 +03:00
# cmocka tests not requiring a specific environment
2017-11-27 01:09:49 +03:00
#
2018-07-30 09:17:14 +03:00
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.unique_object_sids " , " none " ,
2017-11-27 01:09:49 +03:00
[ os . path . join ( bindir ( ) , " test_unique_object_sids " ) ] )
2018-10-15 06:01:47 +03:00
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.encrypted_secrets.tdb " , " none " ,
[ os . path . join ( bindir ( ) , " test_encrypted_secrets_tdb " ) ] )
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.encrypted_secrets.mdb " , " none " ,
[ os . path . join ( bindir ( ) , " test_encrypted_secrets_mdb " ) ] )
2018-04-09 21:45:47 +03:00
plantestsuite ( " lib.audit_logging.audit_logging " , " none " ,
2018-07-30 09:15:34 +03:00
[ os . path . join ( bindir ( ) , " audit_logging_test " ) ] )
2018-07-13 00:15:34 +03:00
plantestsuite ( " lib.audit_logging.audit_logging.errors " , " none " ,
2018-07-30 09:15:34 +03:00
[ os . path . join ( bindir ( ) , " audit_logging_error_test " ) ] )
2018-04-04 02:59:41 +03:00
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.audit_util " , " none " ,
2018-07-30 09:15:34 +03:00
[ os . path . join ( bindir ( ) , " test_audit_util " ) ] )
2018-04-04 02:59:41 +03:00
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.audit_log " , " none " ,
2018-07-30 09:15:34 +03:00
[ os . path . join ( bindir ( ) , " test_audit_log " ) ] )
2018-07-13 00:15:34 +03:00
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.audit_log.errors " , " none " ,
2018-07-30 09:15:34 +03:00
[ os . path . join ( bindir ( ) , " test_audit_log_errors " ) ] )
2018-07-13 00:15:34 +03:00
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.group_audit " , " none " ,
2018-07-30 09:15:34 +03:00
[ os . path . join ( bindir ( ) , " test_group_audit " ) ] )
2018-07-13 00:15:34 +03:00
plantestsuite ( " samba4.dsdb.samdb.ldb_modules.group_audit.errors " , " none " ,
2018-07-30 09:15:34 +03:00
[ os . path . join ( bindir ( ) , " test_group_audit_errors " ) ] )
2018-11-06 02:10:07 +03:00
plantestsuite ( " samba4.dcerpc.dnsserver.dnsutils " , " none " ,
[ os . path . join ( bindir ( ) , " test_rpc_dns_server_dnsutils " ) ] )
2019-06-27 05:45:36 +03:00
plantestsuite ( " libcli.drsuapi.repl_decrypt " , " none " ,
[ os . path . join ( bindir ( ) , " test_repl_decrypt " ) ] )
2019-12-02 05:54:08 +03:00
plantestsuite ( " librpc.ndr.ndr_string " , " none " ,
[ os . path . join ( bindir ( ) , " test_ndr_string " ) ] )
2020-01-24 00:41:35 +03:00
plantestsuite ( " librpc.ndr.ndr " , " none " ,
[ os . path . join ( bindir ( ) , " test_ndr " ) ] )
2020-01-29 22:49:07 +03:00
plantestsuite ( " librpc.ndr.ndr_macros " , " none " ,
[ os . path . join ( bindir ( ) , " test_ndr_macros " ) ] )
2020-06-12 05:26:38 +03:00
plantestsuite ( " librpc.ndr.ndr_dns_nbt " , " none " ,
[ os . path . join ( bindir ( ) , " test_ndr_dns_nbt " ) ] )
2023-11-16 00:54:42 +03:00
plantestsuite ( " librpc.ndr.test_ndr_gmsa " , " none " ,
[ os . path . join ( bindir ( ) , " test_ndr_gmsa " ) ] )
2020-04-02 05:25:53 +03:00
plantestsuite ( " libcli.ldap.ldap_message " , " none " ,
[ os . path . join ( bindir ( ) , " test_ldap_message " ) ] )
2018-09-17 23:37:02 +03:00
# process restart and limit tests, these break the environment so need to run
# in their own specific environment
planoldpythontestsuite ( " preforkrestartdc:local " ,
" samba.tests.prefork_restart " ,
extra_path = [
os . path . join ( srcdir ( ) , ' python/samba/tests ' ) ] ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
2019-02-15 07:30:43 +03:00
name = " samba.tests.prefork_restart " )
2018-12-11 01:01:09 +03:00
planoldpythontestsuite ( " preforkrestartdc:local " ,
" samba.tests.blackbox.smbcontrol_process " ,
extra_path = [
os . path . join ( srcdir ( ) , ' python/samba/tests ' ) ] ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
2019-02-15 07:30:43 +03:00
name = " samba.tests.blackbox.smbcontrol_process " )
2019-01-30 00:07:26 +03:00
planoldpythontestsuite ( " proclimitdc " ,
2018-09-18 02:21:40 +03:00
" samba.tests.process_limits " ,
extra_path = [
os . path . join ( srcdir ( ) , ' python/samba/tests ' ) ] ,
extra_args = [ ' -U " $USERNAME % $PASSWORD " ' ] ,
2019-02-15 07:30:43 +03:00
name = " samba.tests.process_limits " )
2019-03-17 04:47:40 +03:00
planoldpythontestsuite ( " none " , " samba.tests.usage " )
2019-07-28 16:25:54 +03:00
planpythontestsuite ( " fileserver " , " samba.tests.dcerpc.mdssvc " )
lib/compression: add simple python bindings
There are four functions, allowing compression and decompression in
the two formats we support so far. The functions will accept bytes or
unicode strings which are treated as utf-8.
The LZ77+Huffman decompression algorithm requires an exact target
length to decompress, so this is mandatory.
The plain decompression algorithm does not need an exact length, but
you can provide one to help it know how much space to allocate. As
currently written, you can provide a short length and it will often
succeed in decompressing to a different shorter string.
These bindings are intended to make ad-hoc investigation easier, not
for production use. This is reflected in the guesses about output size
that plain_decompress() makes if you don't supply one -- either they
are stupidly wasteful or ridiculously insufficient, depending on
whether or not you were trying to decompress a 20MB string.
>>> a = '12345678'
>>> import compression
>>> b = compression.huffman_compress(a)
>>> b
b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 #....
>>> len(b)
262
>>> c = compression.huffman_decompress(b, len(a))
>>> c
b'12345678' # note, c is bytes, a is str
>>> a
'12345678'
>>> d = compression.plain_compress(a)
>>> d
b'\xff\xff\xff\x0012345678'
>>> compression.plain_decompress(d) # no size specified, guesses
b'12345678'
>>> compression.plain_decompress(d,5)
b'12345'
>>> compression.plain_decompress(d,0) # 0 for auto
b'12345678'
>>> compression.plain_decompress(d,1)
b'1'
>>> compression.plain_decompress(a,444)
Traceback (most recent call last):
compression.CompressionError: unable to decompress data into a buffer of 444 bytes.
>>> compression.plain_decompress(b,444)
b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 #...
That last one decompresses the Huffman compressed file with the plain
compressor; pretty much any string is valid for plain decompression.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-11-25 06:43:52 +03:00
planoldpythontestsuite ( " none " , " samba.tests.compression " )
2023-08-09 05:15:27 +03:00
planpythontestsuite ( " none " , " samba.tests.security_descriptors " )
2024-01-10 17:11:24 +03:00
if have_cluster_support :
cluster_environ = {
" SERVER_HOSTNAME " : " $NETBIOSNAME " ,
2024-07-15 18:07:59 +03:00
" INTERFACE_GROUP_NAME " : " $NETBIOSNAME.$REALM " ,
2024-01-10 17:11:24 +03:00
" CLUSTER_SHARE " : " registry_share " ,
" USERNAME " : " $DC_USERNAME " ,
" PASSWORD " : " $DC_PASSWORD " ,
}
planpythontestsuite ( " clusteredmember:local " ,
" samba.tests.blackbox.rpcd_witness_samba_only " ,
environ = cluster_environ )
