mirror of
https://github.com/samba-team/samba.git
synced 2024-12-31 17:18:04 +03:00
s4:selftest: also test samba4.ldb.simple.ldap with starttls and SASL-BIND
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
0122c0a698
commit
9827055be3
@ -6,6 +6,7 @@
|
||||
# fl2003dc has ldap server require strong auth = yes
|
||||
# and correct channel bindings are required for TLS
|
||||
^samba4.ldb.simple.ldaps.*SASL-BIND.*ldap_testing:tls_channel_bindings=no.*fl2003dc
|
||||
^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:tls_channel_bindings=no.*fl2003dc
|
||||
# ad_dc_ntvfs and fl2008r2dc have
|
||||
# ldap server require strong auth = allow_sasl_without_tls_channel_bindings
|
||||
# it means correct channel bindings are required, if the client indicated
|
||||
@ -14,8 +15,14 @@
|
||||
# The following are in expectedfail_heimdal for now, as MIT
|
||||
# behaves differently:
|
||||
#^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
|
||||
#^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
|
||||
#^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
|
||||
#^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
|
||||
^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=yes.*ldap_testing:forced_channel_binding=wRoNg
|
||||
^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=no.*ldap_testing:forced_channel_binding=wRoNg
|
||||
^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:channel_bound=yes.*ldap_testing:forced_channel_binding=wRoNg
|
||||
^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:channel_bound=no.*ldap_testing:forced_channel_binding=wRoNg
|
||||
^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
|
||||
^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
|
||||
^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
|
||||
^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
|
||||
|
@ -9,4 +9,6 @@
|
||||
# https://github.com/heimdal/heimdal/pull/1234
|
||||
# https://github.com/krb5/krb5/pull/1329
|
||||
^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
|
||||
^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
|
||||
^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
|
||||
^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
|
||||
|
@ -200,6 +200,9 @@ for env in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]:
|
||||
options = '-U"$USERNAME%$PASSWORD" --option="tlsverifypeer=no_check" ' + auth_option
|
||||
plantestsuite("samba4.ldb.simple.ldaps with SASL-BIND %s(%s)" % (options, env),
|
||||
env, "%s/test_ldb_simple.sh ldaps $SERVER %s" % (bbdir, options))
|
||||
options += ' --option="clientldapsaslwrapping=starttls"'
|
||||
plantestsuite("samba4.ldb.simple.ldap starttls with SASL-BIND %s(%s)" % (options, env),
|
||||
env, "%s/test_ldb_simple.sh ldap $SERVER %s" % (bbdir, options))
|
||||
|
||||
|
||||
envraw = "fl2008r2dc"
|
||||
|
Loading…
Reference in New Issue
Block a user