tests/ntlm_auth: Port ntlm_auth tests to python: ntlm_auth ntlm-server-1 with incorrect fixed password against winbind

Port ntlm_auth bash script tests to python and remove bash test script

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

python/samba/tests/ntlm_auth.py

@@ -290,3 +290,27 @@ class NTLMAuthHelpersTests(NTLMAuthTestCase):
         self.assertEquals(lines[0], b"Authenticated: No")
         self.assertEquals(lines[1], b".")
         self.assertEquals(lines[2], b"")
+
+    def test_ntlm_server_1_with_incorrect_password_winbind(self):
+        """ ntlm_auth ntlm-server-1 with incorrect fixed password against
+        winbind """
+
+        ntlm_cmds = [
+            "LANMAN-Challenge: 0123456789abcdef",
+            "NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6",
+            "NT-Domain: %s" % self.domain,
+            "Username: %s" % self.username,
+            "Request-User-Session-Key: Yes",
+            ".\n" ]
+
+        proc = Popen([self.ntlm_auth_path,
+                      "--helper-protocol", "ntlm-server-1"],
+                      stdout=PIPE, stdin=PIPE, stderr=PIPE)
+        buf = "\n".join(ntlm_cmds)
+        (out, err) = proc.communicate(input=buf.encode('utf-8'))
+        self.assertEqual(proc.returncode, 0)
+
+        lines = out.split(b"\n")
+
+        self.assertEqual(len(lines), 5)
+        self.assertEquals(lines[0], b"Authenticated: No")

source3/script/tests/test_ntlm_auth_s3.sh

@@ -1,67 +0,0 @@
-#!/bin/sh
-
-if [ $# -lt 2 ]; then
-cat <<EOF
-Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR NTLM_AUTH
-EOF
-exit 1;
-fi
-
-PYTHON=$1
-SRC3DIR=$2
-NTLM_AUTH=$3
-DOMAIN=$4
-USERNAME=$5
-PASSWORD=$6
-shift 6
-ADDARGS="$*"
-
-incdir=`dirname $0`/../../../testprogs/blackbox
-. $incdir/subunit.sh
-
-SID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1`
-BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'`
-
-failed=0
-
-test_ntlm_server_1_check_winbind_output_fail()
-{
-	tmpfile=$PREFIX/ntlm_commands
-
-	# This isn't the correct password
-	cat > $tmpfile <<EOF
-LANMAN-Challenge: 0123456789abcdef
-NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
-NT-Domain: $DOMAIN
-Username: $USERNAME
-Request-User-Session-Key: Yes
-.
-EOF
-	cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 < $tmpfile 2>&1'
-	eval echo "$cmd"
-	out=`eval $cmd`
-	ret=$?
-	rm -f $tmpfile
-
-	if [ $ret != 0 ] ; then
-		echo "$out"
-		echo "command failed"
-		false
-		return
-	fi
-
-	echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
-
-	if [ $? = 0 ] ; then
-		# failed to authenticate .. success
-		true
-	else
-		echo "incorrectly gave a successful authentication"
-		false
-	fi
-}
-
-# This should work even with NTLMv2
-testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`
-
-testok $0 $failed

source4/selftest/tests.py

@@ -590,8 +590,6 @@ for env in ["nt4_dc", "nt4_member", "ad_dc", "ad_member", "s4member", "chgdcpass
         "samba.ntlm_auth.diagnostics(%s:local)" % env, "%s:local" % env,
         [os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_diagnostics.sh"), ntlm_auth3, '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', configuration])
 
-    plantestsuite("samba.ntlm_auth.(%s:local)" % env, "%s:local" % env, [os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_s3.sh"), valgrindify(python), samba3srcdir, ntlm_auth3, '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', configuration])
-
     planpythontestsuite(env + ":local", "samba.tests.ntlm_auth", py3_compatible=True)
 
 for env in ["s4member_dflt_domain", "s4member"]: