sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-05 12:22:11 +03:00
Code Activity

tests/ntlm_auth: Port ntlm_auth tests to python: ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid

Browse Source 
Port ntlm_auth bash script tests to python

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Samuel Cabrero
2018-08-31 19:27:20 +02:00
committed by Noel Power
parent 8d4258f43d
commit 3ae7095bbe
2 changed files with 17 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
python/samba/tests/ntlm_auth.py
View File

@ -273,3 +273,20 @@ class NTLMAuthHelpersTests(NTLMAuthTestCase):
self.assertEquals(lines[0], b"Authenticated: Yes") self.assertEquals(lines[0], b"Authenticated: Yes")
self.assertEquals(lines[1], b".") self.assertEquals(lines[1], b".")
self.assertEquals(lines[2], b"") self.assertEquals(lines[2], b"")
# Check membership failure
proc = Popen([self.ntlm_auth_path,
"--require-membership-of", self.bad_group_sid,
"--helper-protocol", "ntlm-server-1"],
stdout=PIPE, stdin=PIPE, stderr=PIPE)
buf = "\n".join(ntlm_cmds)
(out, err) = proc.communicate(input=buf.encode('utf-8'))
self.assertEqual(proc.returncode, 0)
lines = out.split(b"\n")
self.assertEqual(len(lines), 3)
self.assertEquals(lines[0], b"Authenticated: No")
self.assertEquals(lines[1], b".")
self.assertEquals(lines[2], b"")

37
source3/script/tests/test_ntlm_auth_s3.sh
View File

@ -24,42 +24,6 @@ BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'`
failed=0 failed=0
test_ntlm_server_1_check_winbind_output_wrong_sid()
{
tmpfile=$PREFIX/ntlm_commands
# This isn't the correct password
cat > $tmpfile <<EOF
Password: $PASSWORD
NT-Domain: $DOMAIN
Username: $USERNAME
Request-User-Session-Key: Yes
.
EOF
cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$BADSID < $tmpfile 2>&1'
eval echo "$cmd"
out=`eval $cmd`
ret=$?
rm -f $tmpfile
if [ $ret != 0 ] ; then
echo "$out"
echo "command failed"
false
return
fi
echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
if [ $? = 0 ] ; then
# failed to authenticate .. success
true
else
echo "incorrectly gave a successful authentication"
false
fi
}
test_ntlm_server_1_check_winbind_output_fail() test_ntlm_server_1_check_winbind_output_fail()
{ {
tmpfile=$PREFIX/ntlm_commands tmpfile=$PREFIX/ntlm_commands
@ -98,7 +62,6 @@ EOF
} }
# This should work even with NTLMv2 # This should work even with NTLMv2
testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1` testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`
testok $0 $failed testok $0 $failed