sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-04 08:22:08 +03:00
Code Activity

tests/ntlm_auth: Port ntlm_auth tests to python: ntlm_auth plaintext authentication with failed require-membership-of

Browse Source 
Port ntlm_auth bash script tests to python

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Samuel Cabrero
2018-08-31 18:27:50 +02:00
committed by Noel Power
parent dfa149276f
commit 3794c1c527
2 changed files with 13 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
python/samba/tests/ntlm_auth.py
View File

@ -192,3 +192,16 @@ class NTLMAuthHelpersTests(NTLMAuthTestCase):
(out, err) = proc.communicate(input=creds.encode('utf-8'))
self.assertEqual(proc.returncode, 0)
self.assertTrue(out.startswith(b"OK\n"))
# Check membership failure
proc = Popen([self.ntlm_auth_path,
"--require-membership-of", self.bad_group_sid,
"--helper-protocol", "squid-2.5-basic"],
stdout=PIPE, stdin=PIPE, stderr=PIPE)
creds = "%s%s%s %s\n" % (self.domain,
self.winbind_separator,
self.username,
self.password)
(out, err) = proc.communicate(input=creds.encode('utf-8'))
self.assertEqual(proc.returncode, 0)
self.assertTrue(out.startswith(b"ERR\n"))

33
source3/script/tests/test_ntlm_auth_s3.sh
View File

@ -24,37 +24,6 @@ BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'`
failed=0
test_plaintext_check_output_fail()
{
tmpfile=$PREFIX/ntlm_commands
cat > $tmpfile <<EOF
$DOMAIN\\$USERNAME $PASSWORD
EOF
cmd='$NTLM_AUTH "$@" --require-membership-of=$BADSID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
eval echo "$cmd"
out=`eval $cmd`
ret=$?
rm -f $tmpfile
if [ $ret != 0 ] ; then
echo "$out"
echo "command failed"
false
return
fi
echo "$out" | grep "ERR" >/dev/null 2>&1
if [ $? = 0 ] ; then
# failed to authenticate .. success
true
else
echo "incorrectly gave a successful authentication"
false
fi
}
test_ntlm_server_1_check_output()
{
tmpfile=$PREFIX/ntlm_commands
@ -238,8 +207,6 @@ EOF
}
# This should work even with NTLMv2
testit "ntlm_auth plaintext authentication with failed require-membership-of" test_plaintext_check_output_fail || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with fixed password" test_ntlm_server_1_check_output || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with incorrect fixed password" test_ntlm_server_1_check_output_fail || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with plaintext password against winbind" test_ntlm_server_1_check_winbind_output || failed=`expr $failed + 1`