1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
samba-mirror/source3/script/tests/test_ntlm_auth_krb5.sh
Andrew Bartlett 82c0ecbb2c gse_krb5: Avoid a segfault when we can not read the dedicated keytab file
This improved code simply cleans up the memory as soon as possible,
rather than using memcmp().  Otherwise, we segfault if
krb5_kt_start_seq_get fails, as it can set the fd element in the
handle to -1.

Change-Id: Ib4821ef944a7e12cd8a891ae07dbfc0567c65495
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 27 07:38:02 CET 2014 on sn-devel-104
2014-11-27 07:38:02 +01:00

33 lines
991 B
Bash
Executable File

#!/bin/sh
if [ $# -lt 2 ]; then
cat <<EOF
Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR NTLM_AUTH CCACHE SERVER
EOF
exit 1;
fi
PYTHON=$1
SRC3DIR=$2
NTLM_AUTH=$3
CCACHE=$4
SERVER=$5
shift 5
ADDARGS="$*"
incdir=`dirname $0`/../../../testprogs/blackbox
. $incdir/subunit.sh
failed=0
KRB5CCNAME=$CCACHE
export KRB5CCNAME
# --server-use-winbindd is set so we know it isn't cheating and using the hard-coded passwords
testit "ntlm_auth with krb5 gss-spnego-client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --target-hostname=$SERVER --target-service=host --client-helper=gss-spnego-client --server-helper=gss-spnego --server-use-winbindd || failed=`expr $failed + 1`
echo YR| testit "ntlm_auth with krb5 and an invalid keytab" $NTLM_AUTH --helper-protocol=gss-spnego --option=security=ads --option=kerberosmethod='dedicatedkeytab' --option=dedicatedkeytabfile=FILE:`pwd`/$CCACHE.keytab-does-not-exist || failed=`expr $failed + 1`
testok $0 $failed