diff --git a/python/samba/tests/ntlm_auth.py b/python/samba/tests/ntlm_auth.py index 357afdb5c59..4edd9460119 100644 --- a/python/samba/tests/ntlm_auth.py +++ b/python/samba/tests/ntlm_auth.py @@ -273,3 +273,20 @@ class NTLMAuthHelpersTests(NTLMAuthTestCase): self.assertEquals(lines[0], b"Authenticated: Yes") self.assertEquals(lines[1], b".") self.assertEquals(lines[2], b"") + + # Check membership failure + + proc = Popen([self.ntlm_auth_path, + "--require-membership-of", self.bad_group_sid, + "--helper-protocol", "ntlm-server-1"], + stdout=PIPE, stdin=PIPE, stderr=PIPE) + buf = "\n".join(ntlm_cmds) + (out, err) = proc.communicate(input=buf.encode('utf-8')) + self.assertEqual(proc.returncode, 0) + + lines = out.split(b"\n") + + self.assertEqual(len(lines), 3) + self.assertEquals(lines[0], b"Authenticated: No") + self.assertEquals(lines[1], b".") + self.assertEquals(lines[2], b"") diff --git a/source3/script/tests/test_ntlm_auth_s3.sh b/source3/script/tests/test_ntlm_auth_s3.sh index 4048b804be2..041cb7d9cb8 100755 --- a/source3/script/tests/test_ntlm_auth_s3.sh +++ b/source3/script/tests/test_ntlm_auth_s3.sh @@ -24,42 +24,6 @@ BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'` failed=0 -test_ntlm_server_1_check_winbind_output_wrong_sid() -{ - tmpfile=$PREFIX/ntlm_commands - - # This isn't the correct password - cat > $tmpfile </dev/null 2>&1 - - if [ $? = 0 ] ; then - # failed to authenticate .. success - true - else - echo "incorrectly gave a successful authentication" - false - fi -} - test_ntlm_server_1_check_winbind_output_fail() { tmpfile=$PREFIX/ntlm_commands @@ -98,7 +62,6 @@ EOF } # This should work even with NTLMv2 -testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1` testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1` testok $0 $failed