samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

Author	SHA1	Message	Date
Rob van der Linde	bcc77601f2	netcmd: tests: rename base class to be used by more tests Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	422680f82f	netcmd: add auth silo and policy sub-commands to samba-tool user Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	2f20fa9b90	netcmd: silo member: Make output consistent with user command * Use print with file=self.outf * Show assigned or unassigned silo Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	30992e865c	netcmd: model: User model str method returns username not cn If the cn is needed then user.cn can be used, this makes it nicer if using {user} in format strings. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	d4e84177ca	netcmd: tests: make use of unique_name Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	d3e18dbe43	netcmd: silo member uses consistent output with other commands This also includes always spelling out "authentication silo" or "authentication policy" in full, not just calling it "silo." Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	0eb727a54d	netcmd: silo member add and remove should not set assigned_silo The Windows tools don't do this either Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	9250508601	netcmd: silo member: make use of User.find function Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	921cc1df67	netcmd: model: add a find method to User model to avoid repeating code Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	a75cbd85e0	netcmd: model: add missing assigned_policy field on User model Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	925ec0e6c8	netcmd: user: PEP8 E303 E305: fix too many or too little blank lines Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	db08030c8f	netcmd: user: PEP8 E225: missing whitespace around operator Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	f1c6d4cb73	netcmd: user: PEP8 E221: fix multiple spaces before operator Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	6b0cb65363	netcmd: user: PEP8 E127: fix hanging indent not lining up Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	30cb66aec4	netcmd: user: PEP8 E502: backslash is redundant between brackets Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Rob van der Linde	cae5456a29	netcmd: user: PEP8 E117: code is overindented Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Noel Power	d9c230ff80	python/samba/tests: Add smbcacl tests for save/restore Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-15 04:05:34 +00:00
Douglas Bagnall	426ca4cf4b	pytests: sid_strings: do not fail if epoch ending has zeros To avoid collisions in random OID strings, we started using the epoch date modulus 100 million. The trouble is we did not strip out the leading zeros, so the field might be '00000123' when it should be '123', if the date happened not to correspond to an epoch with a zero in the eighth to last place. This has been the case for most of the last 1041 days, but fortunately the bug was only introduced earlier this year. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15520 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Martin Schwenke <mschwenke@ddn.com>	2023-11-15 04:05:34 +00:00
Ralph Boehme	8ccc809f93	CI/smb3unix: add test_delete_on_close BUG:https://bugzilla.samba.org/show_bug.cgi?id=15517 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2023-11-13 18:35:32 +00:00
Ralph Boehme	f09c5a3dcb	python: move clean_file() to samba/tests/libsmb.py BUG:https://bugzilla.samba.org/show_bug.cgi?id=15517 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2023-11-13 18:35:32 +00:00
Joseph Sutton	fb867873d8	netcmd: Disallow device‐specific attributes and operators for allowed‐to‐authenticate‐from fields Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Nov 9 09:01:25 UTC 2023 on atb-devel-224	2023-11-09 09:01:25 +00:00
Joseph Sutton	c5932c4794	netcmd: Add ‘allow_device_in_sddl’ parameter to SDDLField() Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-09 08:00:30 +00:00
Joseph Sutton	a08a724a28	netcmd:tests: Test authentication policies containing device‐specific attributes and operators Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-09 08:00:30 +00:00
Joseph Sutton	5ebd1b8dae	tests/krb5: Test Kerberos principal names containing non–BMP Unicode characters Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-09 08:00:30 +00:00
Joseph Sutton	0b059dafd9	tests/krb5: Add ‘expected_sname’ parameter to _fast_as_req() Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-09 08:00:30 +00:00
Joseph Sutton	e802cce43e	tests/krb5: Encode KerberosString objects as UTF‐8 Windows treats Kerberos strings as UTF‐8, but by default, pyasn1 encodes strings as ISO-8859-1. (There is a UTF8String type that gets encoded as UTF‐8, but it has a different ASN.1 encoding from GeneralString, and so can’t be used). asn1ate provides no way to override the encoding. Except… It turns out we can force UTF‐8 encoding by cunningly overriding KerberosString.__getattribute__(). Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-09 08:00:30 +00:00
Joseph Sutton	ff83d4b08f	tests/krb5: Move ‘rfc4120_pyasn1’ to ‘rfc4120_pyasn1_generated’ ‘rfc4120_pyasn1_generated’ is not to be used directly. Its contents are now reexported from ‘rfc4120_pyasn1’, which becomes a simple wrapper. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-09 08:00:30 +00:00
Joseph Sutton	beaec758c9	tests/krb5: Add tests for AllowedToAuthenticateTo with SamLogon Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-07 21:54:32 +00:00
Joseph Sutton	c277a4d363	tests/krb5: Add test for an authentication policy that allows a specific account This is a counterpart to ‘test_conditional_ace_allowed_from_user_deny’. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-07 21:54:32 +00:00
Joseph Sutton	64806f37ab	tests/krb5: Correct authentication policy SDDL There is no claim called ‘abc’, so the condition ‘(abc)’ is always going to fail. Replace this with a condition using ‘Member_of’. Furthermore, an ACL containing only Deny ACEs will only ever deny. Add a trailing Allow ACE so that the ACL might allow other principals. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-07 21:54:32 +00:00
Joseph Sutton	6b2de47488	tests/krb5: Remove unused parameter ‘expected_device_groups’ It was never passed in by any callers. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-07 21:54:32 +00:00
Joseph Sutton	f8fb8f028c	tests/krb5: Remove unused parameter ‘expected_device_groups’ It was never passed in by any callers. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-07 21:54:32 +00:00
Ralph Boehme	273d48504e	CI: smb3unix.py: check more attributes of test files (and dirs) in test_posix_perm_files() Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Nov 5 19:35:51 UTC 2023 on atb-devel-224	2023-11-05 19:35:51 +00:00
Joseph Sutton	3ef68efca2	tests/krb5: Fix comments Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Nov 2 20:13:50 UTC 2023 on atb-devel-224	2023-11-02 20:13:50 +00:00
Joseph Sutton	62373eeef0	tests/krb5: Test RODC‐issued TGTs that already contain device info/claims Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	86fb7d17ff	tests/krb5: Don’t reuse SID S-1-2-3-4 We’re already using it in ‘client_sids’ to work around a bug in Windows. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	224408f959	tests/krb5: Test target authentication policies when the TGT already contains device info/claims Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	622ac53f22	tests/krb5: Add tests for PACs containing extraneous buffers Test that the KDC removes these buffers from RODC‐issued PACs. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	69d588a870	tests/krb5: Pass a list of PAC modification functions This is simpler than chaining functions together. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	6e999eab1c	tests/krb5: Test performing a FAST‐armored TGS‐REQ when the TGT already contains device info/claims Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	014c939bdd	tests/krb5: Add support to test framework for existing device info or claims buffers Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	e468a7d627	tests/krb5: Always expect client claims Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	7048f380eb	tests/krb5: Ensure that device SIDs and claims are present only if we expect them to be Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	51a4443b04	tests/krb5: No longer pass two‐component form of TGS principal Samba now handles one‐component TGS principals more correctly. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	6033b1c00d	tests/krb5: Remove unused import Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Volker Lendecke	687b1b9931	tests: Convert the regression test for bug15505 to python The shell version is flapping, but I can't really figure out why. Maybe this version is not flapping, and it also shows the failure if you revert `952d6c2cf4`. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Volker Lendecke	9dd5e12cfa	tests: Make clean_file() handle directories Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Volker Lendecke	b5392b552e	tests: Allow to specify share names in smb2symlink tests Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 19:14:37 +00:00
Joseph Sutton	5f865bd14d	tests/krb5: Test conditional ACE expressions with empty composite literals Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2023-11-02 03:08:37 +00:00
Douglas Bagnall	e7f38c3a19	pytest:samba-tool domain test policy: test SDDL diagnostics The existing 'bad SDDL' test has SDDL so bad that the diagnostics are not exercised. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Nov 1 21:12:33 UTC 2023 on atb-devel-224	2023-11-01 21:12:33 +00:00

1 2 3 4 5 ...

4447 Commits