From 93bd5ba609f93ce8298f12f2a7b0ad333e0f48bf Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 23 Sep 2024 15:13:59 +0200 Subject: [PATCH] s4:selftest: only run ad_member with AUTH_LEVEL_CONNECT_LSA=1 We only want to test against 'allow dcerpc auth level connect:lsarpc = yes' once in order to have the related code tests. We use the ad_memeber for that special test and use the default on the tested ADDC. This reveals some knownfails, which will be fixed in the next commit... BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider --- .../knownfail.d/test_lsa_multi_auth_connect | 1 + selftest/target/Samba4.pm | 1 - source4/selftest/tests.py | 21 ++++++++++++------- 3 files changed, 14 insertions(+), 9 deletions(-) create mode 100644 selftest/knownfail.d/test_lsa_multi_auth_connect diff --git a/selftest/knownfail.d/test_lsa_multi_auth_connect b/selftest/knownfail.d/test_lsa_multi_auth_connect new file mode 100644 index 00000000000..0cd69dcfb90 --- /dev/null +++ b/selftest/knownfail.d/test_lsa_multi_auth_connect @@ -0,0 +1 @@ +^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_lsa_multi_auth_connect...chgdcpass diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index 4b289fb27ae..e917f65fc36 100755 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -2208,7 +2208,6 @@ sub provision_chgdcpass($$) my $extra_smb_conf = " check password script = $self->{srcdir}/selftest/checkpassword_arg1.sh ${unacceptable_password} - allow dcerpc auth level connect:lsarpc = yes dcesrv:max auth states = 8 drs:broken_samba_4.5_get_anc_emulation = true drs:get_tgt_support = false diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index c4f98019646..69d670fe7b4 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -1368,14 +1368,19 @@ planoldpythontestsuite( planoldpythontestsuite("ad_dc_ntvfs", "samba.tests.dcerpc.dnsserver", extra_args=['-U"$USERNAME%$PASSWORD"']) planoldpythontestsuite("ad_dc", "samba.tests.dcerpc.dnsserver", extra_args=['-U"$USERNAME%$PASSWORD"']) -for env in ["chgdcpass", "ad_member"]: - planoldpythontestsuite(env, "samba.tests.dcerpc.raw_protocol", - environ={"MAX_NUM_AUTH": "8", - "ALLOW_BIND_AUTH_PAD": "1", - "AUTH_LEVEL_CONNECT_LSA": "1", - "LEGACY_BIND_NACK_NO_REASON": "1", - "USERNAME": "$DC_USERNAME", - "PASSWORD": "$DC_PASSWORD"}) +planoldpythontestsuite("chgdcpass", "samba.tests.dcerpc.raw_protocol", + environ={"MAX_NUM_AUTH": "8", + "ALLOW_BIND_AUTH_PAD": "1", + "LEGACY_BIND_NACK_NO_REASON": "1", + "USERNAME": "$DC_USERNAME", + "PASSWORD": "$DC_PASSWORD"}) +planoldpythontestsuite("ad_member", "samba.tests.dcerpc.raw_protocol", + environ={"MAX_NUM_AUTH": "8", + "ALLOW_BIND_AUTH_PAD": "1", + "AUTH_LEVEL_CONNECT_LSA": "1", + "LEGACY_BIND_NACK_NO_REASON": "1", + "USERNAME": "$DC_USERNAME", + "PASSWORD": "$DC_PASSWORD"}) if have_heimdal_support: planoldpythontestsuite("ad_dc_smb1:local", "samba.tests.auth_log", extra_args=['-U"$USERNAME%$PASSWORD"'],