1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

s3:tests: Add smbclient kerberos tests for ad_dc and ad_dc_fips

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 21 07:19:00 UTC 2021 on sn-devel-184
This commit is contained in:
Andreas Schneider 2021-07-20 14:58:09 +02:00 committed by Andreas Schneider
parent 42e3fda5be
commit 84b9f58616
2 changed files with 95 additions and 0 deletions

View File

@ -0,0 +1,84 @@
#!/bin/sh
if [ $# -lt 6 ]; then
cat <<EOF
Usage: test_smbclient_kerberos.sh USERNAME REALM PASSWORD SERVER SMBCLIENT TARGET
EOF
exit 1
fi
USERNAME="$1"
REALM=$2
PASSWORD="$3"
SERVER="$4"
smbclient="$5"
TARGET="$6"
shift 6
incdir=$(dirname $0)/../../../testprogs/blackbox
. ${incdir}/subunit.sh
. ${incdir}/common_test_fns.inc
failed=0
samba_kinit=kinit
if test -x ${BINDIR}/samba4kinit; then
samba_kinit=${BINDIR}/samba4kinit
fi
samba_kdestroy=kdestroy
if test -x ${BINDIR}/samba4kdestroy; then
samba_kinit=${BINDIR}/samba4kdestroy
fi
KRB5CCNAME_PATH="${PREFIX}/ccache_smbclient_kerberos"
KRB5CCNAME="FILE:${KRB5CCNAME_PATH}"
export KRB5CCNAME
# For ad_dc_fips this should succeed as Kerberos is set to required by default
test_smbclient "smbclient.smb3.kerberos[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
-U${USERNAME}%${PASSWORD} -mSMB3 || \
failed=$(expr $failed + 1)
test_smbclient "smbclient.smb3.kerberos.required[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=required -U${USERNAME}%${PASSWORD} -mSMB3 || \
failed=$(expr $failed + 1)
test_smbclient "smbclient.smb3.kerberos.desired[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=desired -U${USERNAME}%${PASSWORD} -mSMB3 || \
failed=$(expr $failed + 1)
if [ "$TARGET" = "ad_dc_fips" ] || [ "$TARGET" = "ad_member_fips" ]; then
test_smbclient_expect_failure "smbclient.smb3.kerberos.off[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=off -U${USERNAME}%${PASSWORD} -mSMB3 || \
failed=$(expr $failed + 1)
else
test_smbclient "smbclient.smb3.kerberos.off[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=off -U${USERNAME}%${PASSWORD} -mSMB3 || \
failed=$(expr $failed + 1)
fi
kerberos_kinit $samba_kinit ${USERNAME}@${REALM} ${PASSWORD}
test_smbclient "smbclient.smb3.kerberos.ccache[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-krb5-ccache=${KRB5CCNAME} -mSMB3 || \
failed=$(expr $failed + 1)
"ls; quit" //${SERVER}/tmp \
--use-kerberos=desired -U${USERNAME}%${PASSWORD} -mSMB3 || \
failed=$(expr $failed + 1)
test_smbclient "smbclient.smb3.kerberos.desired[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=desired -U${USERNAME}%${PASSWORD} -mSMB3 || \
failed=$(expr $failed + 1)
$samba_kdestroy
rm -rf $KRB5CCNAME_PATH

View File

@ -1157,6 +1157,17 @@ for env in ['fileserver', 'simpleserver']:
"$USERNAME", "$PASSWORD", "$SERVER",
smbclient3, env])
for env in ['ad_dc', 'ad_dc_fips', 'ad_member_fips']:
plantestsuite("samba3.blackbox.smbclient.kerberos", env,
[os.path.join(samba3srcdir,
"script/tests/test_smbclient_kerberos.sh"),
"alice",
"$REALM",
"Secret007",
"$SERVER",
smbclient3,
env])
plantestsuite("samba3.blackbox.rpcclient_netsessenum", "ad_member",
[os.path.join(samba3srcdir,
"script/tests/test_rpcclient_netsessenum.sh"),