sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Code

testprogs/blackbox: add better testnames in test_weak_disable_ntlmssp_ldap.sh

Browse Source 
This makes it easier to adjust the expected output when it changes in
the next commits.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2024-03-13 16:53:44 +01:00
parent cff7656e66
commit 1474f9c5de
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
testprogs/blackbox/test_weak_disable_ntlmssp_ldap.sh
View File

@ -22,19 +22,22 @@ samba_net="$BINDIR/net"
unset GNUTLS_FORCE_FIPS_MODE
# Checks that testparm reports: Weak crypto is allowed
testit_grep "testparm" "Weak crypto is allowed" $samba_testparm --suppress-prompt $SMB_CONF_PATH 2>&1 || failed=$(expr $failed + 1)
testit_grep "testparm.with-weak" "Weak crypto is allowed" $samba_testparm --suppress-prompt $SMB_CONF_PATH 2>&1 || failed=$(expr $failed + 1)
# We should be allowed to use NTLM for connecting
testit "net_ads_search.ntlm" $samba_net ads search --use-kerberos=off '(objectCategory=group)' sAMAccountName -U${USERNAME}%${PASSWORD} || failed=$(expr $failed + 1)
testit "net_ads_search.ntlm.with-weak" $samba_net ads search --use-kerberos=off '(objectCategory=group)' sAMAccountName -U${USERNAME}%${PASSWORD} || failed=$(expr $failed + 1)
GNUTLS_FORCE_FIPS_MODE=1
export GNUTLS_FORCE_FIPS_MODE
# Checks that testparm reports: Weak crypto is disallowed
testit_grep "testparm" "Weak crypto is disallowed" $samba_testparm --suppress-prompt $SMB_CONF_PATH 2>&1 || failed=$(expr $failed + 1)
testit_grep "testparm.without-weak" "Weak crypto is disallowed" $samba_testparm --suppress-prompt $SMB_CONF_PATH 2>&1 || failed=$(expr $failed + 1)
# We should not be allowed to use NTLM for connecting
testit_expect_failure_grep "net_ads_search.ntlm" "We can't fallback to NTLMSSP, weak crypto is disallowed." $samba_net ads search --use-kerberos=off -d10 '(objectCategory=group)' sAMAccountName -U${USERNAME}%${PASSWORD} || failed=$(expr $failed + 1)
testit_expect_failure_grep \
"net_ads_search.ntlm.without-weak" \
"We can't fallback to NTLMSSP, weak crypto is disallowed." \
$samba_net ads search -d10 --use-kerberos=off '(objectCategory=group)' sAMAccountName -U${USERNAME}%${PASSWORD} || failed=$(expr $failed + 1)
unset GNUTLS_FORCE_FIPS_MODE