2010-06-08 00:01:16 +04:00
# Unix SMB/CIFS implementation.
# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
2010-12-05 18:56:27 +03:00
""" Tests for samba.upgradeprovision that need a DC. """
2010-06-08 00:01:16 +04:00
import os
import re
import shutil
2010-06-20 03:56:52 +04:00
from samba import param
2010-06-08 00:01:16 +04:00
from samba . credentials import Credentials
from samba . auth import system_session
2018-07-30 09:19:05 +03:00
from samba . provision import getpolicypath , find_provision_key_parameters
2010-06-08 00:01:16 +04:00
from samba . upgradehelpers import ( get_paths , get_ldbs ,
2018-07-30 09:16:12 +03:00
identic_rename ,
updateOEMInfo , getOEMInfo , update_gpo ,
delta_update_basesamdb ,
update_dns_account_password ,
search_constructed_attrs_stored ,
increment_calculated_keyversion_number )
2010-06-08 00:01:16 +04:00
from samba . tests import env_loadparm , TestCaseInTempDir
2010-06-20 03:56:52 +04:00
from samba . tests . provision import create_dummy_secretsdb
2010-06-08 00:01:16 +04:00
import ldb
def dummymessage ( a = None , b = None ) :
2010-06-20 03:56:52 +04:00
pass
2010-06-08 00:01:16 +04:00
2018-07-30 09:21:29 +03:00
2015-03-06 01:38:26 +03:00
smb_conf_path = " %s / %s / %s " % ( os . environ [ " SELFTEST_PREFIX " ] , " ad_dc_ntvfs " , " etc/smb.conf " )
2010-06-08 00:01:16 +04:00
2018-07-30 09:20:39 +03:00
2010-06-08 00:01:16 +04:00
class UpgradeProvisionBasicLdbHelpersTestCase ( TestCaseInTempDir ) :
""" Some simple tests for individual functions in the provisioning code.
"""
def test_get_ldbs ( self ) :
2010-06-20 03:56:52 +04:00
paths = get_paths ( param , None , smb_conf_path )
2010-06-08 00:01:16 +04:00
creds = Credentials ( )
2010-06-20 03:56:52 +04:00
lp = env_loadparm ( )
2010-06-08 00:01:16 +04:00
creds . guess ( lp )
get_ldbs ( paths , creds , system_session ( ) , lp )
def test_find_key_param ( self ) :
2010-06-20 03:56:52 +04:00
paths = get_paths ( param , None , smb_conf_path )
2010-06-08 00:01:16 +04:00
creds = Credentials ( )
2010-06-20 03:56:52 +04:00
lp = env_loadparm ( )
2010-06-08 00:01:16 +04:00
creds . guess ( lp )
rootdn = " dc=samba,dc=example,dc=com "
ldbs = get_ldbs ( paths , creds , system_session ( ) , lp )
names = find_provision_key_parameters ( ldbs . sam , ldbs . secrets , ldbs . idmap ,
2018-07-30 09:15:34 +03:00
paths , smb_conf_path , lp )
2020-02-07 01:02:38 +03:00
self . assertEqual ( names . realm , " SAMBA.EXAMPLE.COM " )
self . assertEqual ( str ( names . rootdn ) . lower ( ) , rootdn . lower ( ) )
2010-06-20 14:06:50 +04:00
self . assertNotEquals ( names . policyid_dc , None )
self . assertNotEquals ( names . ntdsguid , " " )
2010-06-08 00:01:16 +04:00
class UpgradeProvisionWithLdbTestCase ( TestCaseInTempDir ) :
2010-06-20 03:56:52 +04:00
2010-06-08 00:01:16 +04:00
def _getEmptyDbName ( self ) :
return os . path . join ( self . tempdir , " sam.ldb " )
def setUp ( self ) :
super ( UpgradeProvisionWithLdbTestCase , self ) . setUp ( )
2010-06-20 03:56:52 +04:00
paths = get_paths ( param , None , smb_conf_path )
2010-06-08 00:01:16 +04:00
self . creds = Credentials ( )
2010-06-20 03:56:52 +04:00
self . lp = env_loadparm ( )
self . creds . guess ( self . lp )
2010-06-08 00:01:16 +04:00
self . paths = paths
2010-06-20 03:56:52 +04:00
self . ldbs = get_ldbs ( paths , self . creds , system_session ( ) , self . lp )
2010-06-20 14:06:50 +04:00
self . names = find_provision_key_parameters ( self . ldbs . sam ,
2018-07-30 09:16:12 +03:00
self . ldbs . secrets , self . ldbs . idmap , paths , smb_conf_path ,
self . lp )
2010-06-08 00:01:16 +04:00
self . referencedb = create_dummy_secretsdb (
os . path . join ( self . tempdir , " ref.ldb " ) )
2010-06-15 12:53:18 +04:00
def test_search_constructed_attrs_stored ( self ) :
hashAtt = search_constructed_attrs_stored ( self . ldbs . sam ,
self . names . rootdn ,
[ " msds-KeyVersionNumber " ] )
2018-05-11 18:37:44 +03:00
self . assertFalse ( " msds-KeyVersionNumber " in hashAtt )
2010-06-20 03:56:52 +04:00
2010-06-15 12:54:05 +04:00
def test_increment_calculated_keyversion_number ( self ) :
dn = " CN=Administrator,CN=Users, %s " % self . names . rootdn
# We conctruct a simple hash for the user administrator
hash = { }
# And we want the version to be 140
hash [ dn . lower ( ) ] = 140
increment_calculated_keyversion_number ( self . ldbs . sam ,
self . names . rootdn ,
hash )
self . assertEqual ( self . ldbs . sam . get_attribute_replmetadata_version ( dn ,
2018-07-30 09:16:12 +03:00
" unicodePwd " ) ,
2018-09-03 16:05:48 +03:00
140 )
2010-06-15 12:54:05 +04:00
# This function should not decrement the version
hash [ dn . lower ( ) ] = 130
increment_calculated_keyversion_number ( self . ldbs . sam ,
self . names . rootdn ,
hash )
self . assertEqual ( self . ldbs . sam . get_attribute_replmetadata_version ( dn ,
2018-07-30 09:16:12 +03:00
" unicodePwd " ) ,
2018-09-03 16:05:48 +03:00
140 )
2010-06-15 12:54:05 +04:00
2010-06-08 00:01:16 +04:00
def test_identic_rename ( self ) :
rootdn = " DC=samba,DC=example,DC=com "
guestDN = ldb . Dn ( self . ldbs . sam , " CN=Guest,CN=Users, %s " % rootdn )
identic_rename ( self . ldbs . sam , guestDN )
res = self . ldbs . sam . search ( expression = " (name=Guest) " , base = rootdn ,
2018-07-30 09:16:12 +03:00
scope = ldb . SCOPE_SUBTREE , attrs = [ " dn " ] )
2020-02-07 01:02:38 +03:00
self . assertEqual ( len ( res ) , 1 )
self . assertEqual ( str ( res [ 0 ] [ " dn " ] ) , " CN=Guest,CN=Users, %s " % rootdn )
2010-06-08 00:01:16 +04:00
def test_delta_update_basesamdb ( self ) :
dummysampath = self . _getEmptyDbName ( )
delta_update_basesamdb ( self . paths . samdb , dummysampath ,
2018-07-30 09:15:34 +03:00
self . creds , system_session ( ) , self . lp ,
dummymessage )
2010-06-08 00:01:16 +04:00
def test_update_gpo_simple ( self ) :
2010-06-20 14:06:50 +04:00
dir = getpolicypath ( self . paths . sysvol , self . names . dnsdomain ,
2018-07-30 09:16:12 +03:00
self . names . policyid )
2010-06-08 00:01:16 +04:00
shutil . rmtree ( dir )
self . assertFalse ( os . path . isdir ( dir ) )
update_gpo ( self . paths , self . ldbs . sam , self . names , self . lp , dummymessage )
self . assertTrue ( os . path . isdir ( dir ) )
def test_update_gpo_acl ( self ) :
path = os . path . join ( self . tempdir , " testupdategpo " )
save = self . paths . sysvol
self . paths . sysvol = path
os . mkdir ( path )
os . mkdir ( os . path . join ( path , self . names . dnsdomain ) )
2010-06-20 14:06:50 +04:00
os . mkdir ( os . path . join ( os . path . join ( path , self . names . dnsdomain ) ,
2018-07-30 09:16:12 +03:00
" Policies " ) )
2010-06-08 00:01:16 +04:00
update_gpo ( self . paths , self . ldbs . sam , self . names , self . lp , dummymessage )
shutil . rmtree ( path )
self . paths . sysvol = save
def test_getOEMInfo ( self ) :
realm = self . lp . get ( " realm " )
basedn = " DC= %s " % realm . replace ( " . " , " , DC= " )
oem = getOEMInfo ( self . ldbs . sam , basedn )
2010-06-20 14:06:50 +04:00
self . assertNotEquals ( oem , " " )
2010-06-08 00:01:16 +04:00
2010-10-26 16:38:42 +04:00
def test_update_dns_account ( self ) :
2012-02-19 02:59:48 +04:00
update_dns_account_password ( self . ldbs . sam , self . ldbs . secrets ,
2018-07-30 09:16:12 +03:00
self . names )
2010-10-26 16:38:42 +04:00
2010-06-08 00:01:16 +04:00
def test_updateOEMInfo ( self ) :
realm = self . lp . get ( " realm " )
basedn = " DC= %s " % realm . replace ( " . " , " , DC= " )
oem = getOEMInfo ( self . ldbs . sam , basedn )
updateOEMInfo ( self . ldbs . sam , basedn )
oem2 = getOEMInfo ( self . ldbs . sam , basedn )
2010-06-20 14:06:50 +04:00
self . assertNotEquals ( str ( oem ) , str ( oem2 ) )
2010-06-08 00:01:16 +04:00
self . assertTrue ( re . match ( " .*upgrade to.* " , str ( oem2 ) ) )
def tearDown ( self ) :
2015-03-12 16:25:38 +03:00
for name in [ " ref.ldb " , " secrets.ldb " , " secrets.tdb " , " secrets.tdb.bak " , " secrets.ntdb " , " sam.ldb " ] :
2010-06-08 00:01:16 +04:00
path = os . path . join ( self . tempdir , name )
if os . path . exists ( path ) :
os . unlink ( path )
super ( UpgradeProvisionWithLdbTestCase , self ) . tearDown ( )