2017-04-27 12:02:29 +12:00
# Unix SMB/CIFS implementation.
#
# Copyright (C) Catalyst.Net Ltd. 2017
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
"""
Detect null pointer exception in / source3 / smbd / sessetup . c
"""
import samba . tests
import os
from samba . net import Net , LIBNET_JOIN_AUTOMATIC
from samba . credentials import DONT_USE_KERBEROS
from samba import NTSTATUSError , ntstatus
import ctypes
2018-07-30 18:20:39 +12:00
2017-05-23 13:03:03 +12:00
class NetJoinNoSpnegoTests ( samba . tests . TestCaseInTempDir ) :
2017-04-27 12:02:29 +12:00
def setUp ( self ) :
super ( NetJoinNoSpnegoTests , self ) . setUp ( )
self . domain = os . environ [ " DOMAIN " ]
self . server = os . environ [ " SERVER " ]
2017-05-23 13:03:03 +12:00
self . lp = self . get_loadparm ( )
self . lp . set ( " private dir " , self . tempdir )
self . lp . set ( " lock dir " , self . tempdir )
self . lp . set ( " state directory " , self . tempdir )
2017-04-27 12:02:29 +12:00
def tearDown ( self ) :
super ( NetJoinNoSpnegoTests , self ) . tearDown ( )
def test_net_join_no_spnego ( self ) :
2018-07-23 00:17:35 +02:00
self . lp . set ( " client ipc max protocol " , " NT1 " )
2017-05-23 13:03:03 +12:00
self . lp . set ( " client use spnego " , " no " )
2017-04-27 12:02:29 +12:00
netbios_name = " NetJoinNoSpnego "
machinepass = " abcdefghij "
creds = self . insta_creds ( template = self . get_credentials ( ) ,
kerberos_state = DONT_USE_KERBEROS )
2017-05-23 13:03:03 +12:00
net = Net ( creds , self . lp , server = self . server )
2017-04-27 12:02:29 +12:00
try :
( join_password , sid , domain_name ) = net . join_member (
self . domain , netbios_name , LIBNET_JOIN_AUTOMATIC ,
machinepass = machinepass )
except NTSTATUSError as e :
2018-05-28 16:22:25 +01:00
code = ctypes . c_uint32 ( e . args [ 0 ] ) . value
2017-04-27 12:02:29 +12:00
if code == ntstatus . NT_STATUS_CONNECTION_DISCONNECTED :
self . fail ( " Connection failure " )
2017-05-23 13:03:03 +12:00
elif code == ntstatus . NT_STATUS_ACCESS_DENIED :
return
else :
raise
self . fail ( " Shoud have rejected NTLMv2 without SPNEGO " )
def test_net_join_no_spnego_ntlmv1 ( self ) :
2018-07-23 00:17:35 +02:00
self . lp . set ( " client ipc max protocol " , " NT1 " )
2017-05-23 13:03:03 +12:00
self . lp . set ( " client use spnego " , " no " )
self . lp . set ( " client ntlmv2 auth " , " no " )
netbios_name = " NetJoinNoSpnego "
machinepass = " abcdefghij "
creds = self . insta_creds ( template = self . get_credentials ( ) ,
kerberos_state = DONT_USE_KERBEROS )
net = Net ( creds , self . lp , server = self . server )
# NOTE WELL: We must not run more than one successful
# net.join_member per file (process), as the shared
# secrets.ldb handle will be kept between runs.
try :
( join_password , sid , domain_name ) = net . join_member (
self . domain , netbios_name , LIBNET_JOIN_AUTOMATIC ,
machinepass = machinepass )
except NTSTATUSError as e :
2018-05-28 16:22:25 +01:00
code = ctypes . c_uint32 ( e . args [ 0 ] ) . value
2017-05-23 13:03:03 +12:00
if code == ntstatus . NT_STATUS_CONNECTION_DISCONNECTED :
self . fail ( " Connection failure " )
raise
os . unlink ( os . path . join ( self . tempdir , " secrets.ldb " ) )
2017-04-27 12:02:29 +12:00
pass
