mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
r24890: Integrate more of the RPC-SECRETS tests.
(This used to be commit 84cc1d42ab
)
This commit is contained in:
parent
3d7849847c
commit
78996e64b4
@ -4,10 +4,7 @@ incdir=`dirname $0`
|
||||
. $incdir/test_functions.sh
|
||||
|
||||
transport="ncacn_np"
|
||||
for keyexchange in "yes" "no"; do
|
||||
for ntlm2 in "yes" "no"; do
|
||||
for lm_key in "yes" "no"; do
|
||||
for ntlmoptions in \
|
||||
for ntlmoptions in \
|
||||
"-k no --option=usespnego=yes" \
|
||||
"-k no --option=usespnego=yes --option=ntlmssp_client:128bit=no" \
|
||||
"-k no --option=usespnego=yes --option=ntlmssp_client:56bit=yes" \
|
||||
@ -20,12 +17,9 @@ for keyexchange in "yes" "no"; do
|
||||
"-k no --option=usespnego=no --option=clientntlmv2auth=yes" \
|
||||
"-k no --option=gensec:spnego=no --option=clientntlmv2auth=yes" \
|
||||
"-k no --option=usespnego=no"; do
|
||||
name="RPC-SECRETS on $transport with $bindoptions with NTLM2:$ntlm2 KEYEX:$keyexchange LM_KEY:$lm_key $ntlmoptions"
|
||||
plantest "$name" dc $samba4bindir/smbtorture $TORTURE_OPTIONS $transport:"\$SERVER[$bindoptions]" --option=ntlmssp_client:keyexchange=$keyexchange --option=ntlmssp_client:ntlm2=$ntlm2 --option=ntlmssp_client:lm_key=$lm_key $ntlmoptions -U"\$USERNAME"%"\$PASSWORD" -W \$DOMAIN --option=gensec:target_hostname=\$NETBIOSNAME RPC-SECRETS "$*"
|
||||
done
|
||||
done
|
||||
done
|
||||
done
|
||||
name="RPC-SECRETS on $transport with $bindoptions with $ntlmoptions"
|
||||
plantest "$name" dc $samba4bindir/smbtorture $TORTURE_OPTIONS $transport:"\$SERVER[$bindoptions]" $ntlmoptions -U"\$USERNAME"%"\$PASSWORD" -W \$DOMAIN --option=gensec:target_hostname=\$NETBIOSNAME RPC-SECRETS "$*"
|
||||
done
|
||||
name="RPC-SECRETS on $transport with $bindoptions with Kerberos"
|
||||
plantest "$name" dc $samba4bindir/smbtorture $TORTURE_OPTIONS $transport:"\$SERVER[$bindoptions]" -k yes -U"\$USERNAME"%"\$PASSWORD" -W \$DOMAIN "--option=gensec:target_hostname=\$NETBIOSNAME" RPC-SECRETS "$*"
|
||||
name="RPC-SECRETS on $transport with $bindoptions with Kerberos - use target principal"
|
||||
|
@ -134,6 +134,9 @@ static bool test_CreateSecret_basic(struct dcerpc_pipe *p,
|
||||
|
||||
struct secret_settings {
|
||||
uint32_t bindoptions;
|
||||
bool keyexchange;
|
||||
bool ntlm2;
|
||||
bool lm_key;
|
||||
};
|
||||
|
||||
static bool test_secrets(struct torture_context *torture, const void *_data)
|
||||
@ -143,6 +146,10 @@ static bool test_secrets(struct torture_context *torture, const void *_data)
|
||||
struct dcerpc_binding *binding;
|
||||
const struct secret_settings *settings = _data;
|
||||
|
||||
lp_set_cmdline("ntlmssp client:keyexchange", settings->keyexchange?"True":"False");
|
||||
lp_set_cmdline("ntlmssp_client:ntlm2", settings->ntlm2?"True":"False");
|
||||
lp_set_cmdline("ntlmssp_client:lm_key", settings->lm_key?"True":"False");
|
||||
|
||||
torture_assert_ntstatus_ok(torture, torture_rpc_binding(torture, &binding),
|
||||
"Getting bindoptions");
|
||||
|
||||
@ -165,27 +172,54 @@ static bool test_secrets(struct torture_context *torture, const void *_data)
|
||||
return true;
|
||||
}
|
||||
|
||||
/* TEST session key correctness by pushing and pulling secrets */
|
||||
|
||||
struct torture_suite *torture_rpc_lsa_secrets(TALLOC_CTX *mem_ctx)
|
||||
static struct torture_tcase *add_test(struct torture_suite *suite, uint32_t bindoptions,
|
||||
bool keyexchange, bool ntlm2, bool lm_key)
|
||||
{
|
||||
struct torture_suite *suite = torture_suite_create(mem_ctx, "SECRETS");
|
||||
char *name = NULL;
|
||||
struct secret_settings *settings;
|
||||
|
||||
settings = talloc_zero(suite, struct secret_settings);
|
||||
settings->bindoptions = DCERPC_PUSH_BIGENDIAN;
|
||||
settings->bindoptions = bindoptions;
|
||||
|
||||
torture_suite_add_simple_tcase(suite, "bigendian", test_secrets, settings);
|
||||
if (bindoptions == DCERPC_PUSH_BIGENDIAN)
|
||||
name = talloc_strdup(suite, "bigendian");
|
||||
else if (bindoptions == DCERPC_SEAL)
|
||||
name = talloc_strdup(suite, "seal");
|
||||
else if (bindoptions == 0)
|
||||
name = talloc_strdup(suite, "none");
|
||||
else
|
||||
name = talloc_strdup(suite, "unknown");
|
||||
|
||||
settings = talloc_zero(suite, struct secret_settings);
|
||||
settings->bindoptions = DCERPC_SEAL;
|
||||
name = talloc_asprintf_append(name, " keyexchange:%s", keyexchange?"yes":"no");
|
||||
settings->keyexchange = keyexchange;
|
||||
|
||||
torture_suite_add_simple_tcase(suite, "seal", test_secrets, settings);
|
||||
name = talloc_asprintf_append(name, " ntlm2:%s", ntlm2?"yes":"no");
|
||||
settings->ntlm2 = ntlm2;
|
||||
|
||||
settings = talloc_zero(suite, struct secret_settings);
|
||||
settings->bindoptions = 0;
|
||||
name = talloc_asprintf_append(name, " lm_key:%s", lm_key?"yes":"no");
|
||||
settings->lm_key = lm_key;
|
||||
|
||||
torture_suite_add_simple_tcase(suite, "none", test_secrets, settings);
|
||||
return torture_suite_add_simple_tcase(suite, name, test_secrets, settings);
|
||||
}
|
||||
|
||||
static const bool bool_vals[] = { true, false };
|
||||
|
||||
/* TEST session key correctness by pushing and pulling secrets */
|
||||
struct torture_suite *torture_rpc_lsa_secrets(TALLOC_CTX *mem_ctx)
|
||||
{
|
||||
struct torture_suite *suite = torture_suite_create(mem_ctx, "SECRETS");
|
||||
int keyexchange, ntlm2, lm_key;
|
||||
|
||||
for (keyexchange = 0; keyexchange < ARRAY_SIZE(bool_vals); keyexchange++) {
|
||||
for (ntlm2 = 0; ntlm2 < ARRAY_SIZE(bool_vals); ntlm2++) {
|
||||
for (lm_key = 0; lm_key < ARRAY_SIZE(bool_vals); lm_key++) {
|
||||
add_test(suite, DCERPC_PUSH_BIGENDIAN, bool_vals[keyexchange], bool_vals[ntlm2],
|
||||
bool_vals[lm_key]);
|
||||
add_test(suite, DCERPC_SEAL, bool_vals[keyexchange], bool_vals[ntlm2], bool_vals[lm_key]);
|
||||
add_test(suite, 0, bool_vals[keyexchange], bool_vals[ntlm2], bool_vals[lm_key]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return suite;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user