1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

selftest: Modify expected output of 'samba-tool user getpassword' to be more consistant

This is consistant with ;format= support for time attributes and
other users of this parameter style elsewhere in LDAP.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
Andrew Bartlett 2023-12-11 21:40:44 +13:00 committed by Douglas Bagnall
parent 562bde91b4
commit 175a13ca13
3 changed files with 66 additions and 48 deletions

View File

@ -134,13 +134,13 @@ class UserCmdCryptShaTestCaseGPG(UserCmdCryptShaTestCase):
"virtualCryptSHA256;rounds=10123,virtualCryptSHA512;rounds=10456",
True)
self.assertIn("virtualCryptSHA256:", out)
self.assertIn("virtualCryptSHA512:", out)
self.assertIn("virtualCryptSHA256;rounds=10123:", out)
self.assertIn("virtualCryptSHA512;rounds=10456:", out)
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=10123")
self.assertTrue(sha256.startswith("{CRYPT}$5$rounds=10123$"))
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=10456")
self.assertTrue(sha512.startswith("{CRYPT}$6$rounds=10456$"))
# gpg decryption enabled.
@ -154,14 +154,14 @@ class UserCmdCryptShaTestCaseGPG(UserCmdCryptShaTestCase):
"virtualCryptSHA256;rounds=invalid,virtualCryptSHA512;rounds=3125",
True)
self.assertIn("virtualCryptSHA256:", out)
self.assertIn("virtualCryptSHA512:", out)
self.assertIn("virtualCryptSHA256;rounds=invalid:", out)
self.assertIn("virtualCryptSHA512;rounds=3125:", out)
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=invalid")
self.assertTrue(sha256.startswith("{CRYPT}$5$"))
self.assertNotIn("rounds", sha256)
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=3125")
self.assertTrue(sha512.startswith("{CRYPT}$6$rounds=3125$"))
# gpg decryption enabled.
@ -175,14 +175,14 @@ class UserCmdCryptShaTestCaseGPG(UserCmdCryptShaTestCase):
"virtualCryptSHA512;rounds=5129",
True)
self.assertIn("virtualCryptSHA256:", out)
self.assertIn("virtualCryptSHA512:", out)
self.assertIn("rounds=", out)
self.assertIn("virtualCryptSHA256;rounds=2561:", out)
self.assertIn("virtualCryptSHA512;rounds=5129:", out)
self.assertIn("$rounds=", out)
# Should be calculating the hashes
# so they should change between calls.
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=2561")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=5129")
out = self._get_password("virtualCryptSHA256;rounds=2561," +
"virtualCryptSHA512;rounds=5129",
@ -208,20 +208,20 @@ class UserCmdCryptShaTestCaseGPG(UserCmdCryptShaTestCase):
"virtualCryptSHA512;rounds=5129",
True)
self.assertIn("virtualCryptSHA256:", out)
self.assertIn("virtualCryptSHA512:", out)
self.assertIn("rounds=", out)
self.assertIn("virtualCryptSHA256;rounds=2561:", out)
self.assertIn("virtualCryptSHA512;rounds=5129:", out)
self.assertIn("$rounds=", out)
# Should be using the pre computed hash in supplementalCredentials
# so it should not change between calls.
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=2561")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=5129")
out = self._get_password("virtualCryptSHA256;rounds=2561," +
"virtualCryptSHA512;rounds=5129",
True)
self.assertEqual(sha256, self._get_attribute(out, "virtualCryptSHA256"))
self.assertEqual(sha512, self._get_attribute(out, "virtualCryptSHA512"))
self.assertEqual(sha256, self._get_attribute(out, "virtualCryptSHA256;rounds=2561"))
self.assertEqual(sha512, self._get_attribute(out, "virtualCryptSHA512;rounds=5129"))
# The returned hashes should specify the correct number of rounds
self.assertTrue(sha256.startswith("{CRYPT}$5$rounds=2561"))
@ -242,20 +242,20 @@ class UserCmdCryptShaTestCaseGPG(UserCmdCryptShaTestCase):
"virtualCryptSHA512;rounds=5000",
True)
self.assertIn("virtualCryptSHA256:", out)
self.assertIn("virtualCryptSHA512:", out)
self.assertIn("rounds=", out)
self.assertIn("virtualCryptSHA256;rounds=4000:", out)
self.assertIn("virtualCryptSHA512;rounds=5000:", out)
self.assertIn("$rounds=", out)
# Should be calculating the hashes
# so they should change between calls.
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=4000")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=5000")
out = self._get_password("virtualCryptSHA256;rounds=4000," +
"virtualCryptSHA512;rounds=5000",
True)
self.assertNotEqual(sha256, self._get_attribute(out, "virtualCryptSHA256"))
self.assertNotEqual(sha512, self._get_attribute(out, "virtualCryptSHA512"))
self.assertNotEqual(sha256, self._get_attribute(out, "virtualCryptSHA256;rounds=4000"))
self.assertNotEqual(sha512, self._get_attribute(out, "virtualCryptSHA512;rounds=5000"))
# The calculated hashes should specify the correct number of rounds
self.assertTrue(sha256.startswith("{CRYPT}$5$rounds=4000"))

View File

@ -106,18 +106,20 @@ class UserCmdCryptShaTestCaseUserPassword(UserCmdCryptShaTestCase):
out = self._get_password("virtualCryptSHA256;rounds=2561," +
"virtualCryptSHA512;rounds=5129")
self.assertTrue("virtualCryptSHA256:" in out)
self.assertTrue("virtualCryptSHA512:" in out)
self.assertTrue("rounds=" not in out)
self.assertTrue("virtualCryptSHA256;rounds=2561:" in out)
self.assertTrue("virtualCryptSHA512;rounds=5129:" in out)
self.assertTrue("$rounds=" not in out)
# Should be using the pre computed hash in supplementalCredentials
# so it should not change between calls.
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=2561")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=5129")
out = self._get_password("virtualCryptSHA256,virtualCryptSHA512")
self.assertEqual(sha256, self._get_attribute(out, "virtualCryptSHA256"))
self.assertEqual(sha512, self._get_attribute(out, "virtualCryptSHA512"))
self.assertEqual(sha256, self._get_attribute(out,
"virtualCryptSHA256"))
self.assertEqual(sha512, self._get_attribute(out,
"virtualCryptSHA512"))
# gpg decryption not enabled.
# both virtual attributes specified, rounds specified
@ -132,19 +134,19 @@ class UserCmdCryptShaTestCaseUserPassword(UserCmdCryptShaTestCase):
out = self._get_password("virtualCryptSHA256;rounds=2561," +
"virtualCryptSHA512;rounds=5129")
self.assertTrue("virtualCryptSHA256:" in out)
self.assertTrue("virtualCryptSHA512:" in out)
self.assertTrue("rounds=" in out)
self.assertTrue("virtualCryptSHA256;rounds=2561:" in out)
self.assertTrue("virtualCryptSHA512;rounds=5129:" in out)
self.assertTrue("$rounds=" in out)
# Should be using the pre computed hash in supplementalCredentials
# so it should not change between calls.
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=2561")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=5129")
out = self._get_password("virtualCryptSHA256;rounds=2561," +
"virtualCryptSHA512;rounds=5129")
self.assertEqual(sha256, self._get_attribute(out, "virtualCryptSHA256"))
self.assertEqual(sha512, self._get_attribute(out, "virtualCryptSHA512"))
self.assertEqual(sha256, self._get_attribute(out, "virtualCryptSHA256;rounds=2561"))
self.assertEqual(sha512, self._get_attribute(out, "virtualCryptSHA512;rounds=5129"))
# Number of rounds should match that specified
self.assertTrue(sha256.startswith("{CRYPT}$5$rounds=2561"))
@ -164,19 +166,19 @@ class UserCmdCryptShaTestCaseUserPassword(UserCmdCryptShaTestCase):
out = self._get_password("virtualCryptSHA256;rounds=4000," +
"virtualCryptSHA512;rounds=5000")
self.assertTrue("virtualCryptSHA256:" in out)
self.assertTrue("virtualCryptSHA512:" in out)
self.assertTrue("rounds=" not in out)
self.assertTrue("virtualCryptSHA256;rounds=4000:" in out)
self.assertTrue("virtualCryptSHA512;rounds=5000:" in out)
self.assertTrue("$rounds=" not in out)
# Should be using the pre computed hash in supplementalCredentials
# so it should not change between calls.
sha256 = self._get_attribute(out, "virtualCryptSHA256")
sha512 = self._get_attribute(out, "virtualCryptSHA512")
sha256 = self._get_attribute(out, "virtualCryptSHA256;rounds=4000")
sha512 = self._get_attribute(out, "virtualCryptSHA512;rounds=5000")
out = self._get_password("virtualCryptSHA256;rounds=4000," +
"virtualCryptSHA512;rounds=5000")
self.assertEqual(sha256, self._get_attribute(out, "virtualCryptSHA256"))
self.assertEqual(sha512, self._get_attribute(out, "virtualCryptSHA512"))
self.assertEqual(sha256, self._get_attribute(out, "virtualCryptSHA256;rounds=4000"))
self.assertEqual(sha512, self._get_attribute(out, "virtualCryptSHA512;rounds=5000"))
# As the number of rounds did not match, should have returned the
# first hash of the corresponding scheme

View File

@ -0,0 +1,16 @@
^samba.tests.samba_tool.user_virtualCryptSHA_userPassword.samba.tests.samba_tool.user_virtualCryptSHA_userPassword.UserCmdCryptShaTestCaseUserPassword.test_no_gpg_both_hashes_rounds_stored_hashes
^samba.tests.samba_tool.user_virtualCryptSHA_userPassword.samba.tests.samba_tool.user_virtualCryptSHA_userPassword.UserCmdCryptShaTestCaseUserPassword.test_no_gpg_both_hashes_rounds_stored_hashes_with_rounds
^samba.tests.samba_tool.user_virtualCryptSHA_userPassword.samba.tests.samba_tool.user_virtualCryptSHA_userPassword.UserCmdCryptShaTestCaseUserPassword.test_no_gpg_both_hashes_rounds_stored_hashes_with_rounds_no_match
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_both_rounds
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_rounds_stored_hashes
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_rounds_stored_hashes_with_rounds
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_rounds_stored_hashes_with_rounds_no_match
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_sha256_rounds_invalid
^samba.tests.samba_tool.user_virtualCryptSHA_userPassword.samba.tests.samba_tool.user_virtualCryptSHA_userPassword.UserCmdCryptShaTestCaseUserPassword.test_no_gpg_both_hashes_rounds_stored_hashes
^samba.tests.samba_tool.user_virtualCryptSHA_userPassword.samba.tests.samba_tool.user_virtualCryptSHA_userPassword.UserCmdCryptShaTestCaseUserPassword.test_no_gpg_both_hashes_rounds_stored_hashes_with_rounds
^samba.tests.samba_tool.user_virtualCryptSHA_userPassword.samba.tests.samba_tool.user_virtualCryptSHA_userPassword.UserCmdCryptShaTestCaseUserPassword.test_no_gpg_both_hashes_rounds_stored_hashes_with_rounds_no_match
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_both_rounds
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_rounds_stored_hashes
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_rounds_stored_hashes_with_rounds
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_rounds_stored_hashes_with_rounds_no_match
^samba.tests.samba_tool.user_virtualCryptSHA_gpg.samba.tests.samba_tool.user_virtualCryptSHA_gpg.UserCmdCryptShaTestCaseGPG.test_gpg_both_hashes_sha256_rounds_invalid