mirror of
https://github.com/samba-team/samba.git
synced 2025-01-12 09:18:10 +03:00
fb5e1f4a65
This checks that Samba3 joins Samba4 correctly, and allows NTLM and Kerberos logons from a live Samba4 DC. This needs the common krb5.conf generation logic, and because we now override KRB5_CONFIG we must update ktest to have a valid krb5.conf. Based on an original patch by metze Andrew Bartlett
119 lines
2.4 KiB
Perl
119 lines
2.4 KiB
Perl
#!/usr/bin/perl
|
|
# Bootstrap Samba and run a number of tests against it.
|
|
# Copyright (C) 2005-2007 Jelmer Vernooij <jelmer@samba.org>
|
|
# Published under the GNU GPL, v3 or later.
|
|
|
|
package Samba;
|
|
|
|
use strict;
|
|
use target::Samba3;
|
|
use target::Samba4;
|
|
|
|
sub new($$$$$) {
|
|
my ($classname, $bindir, $binary_mapping,$ldap, $srcdir, $exeext, $server_maxtime) = @_;
|
|
|
|
my $self = {
|
|
samba3 => new Samba3($bindir,$binary_mapping, $srcdir, $exeext, $server_maxtime),
|
|
samba4 => new Samba4($bindir,$binary_mapping, $ldap, $srcdir, $exeext, $server_maxtime),
|
|
};
|
|
bless $self;
|
|
return $self;
|
|
}
|
|
|
|
sub setup_env($$$)
|
|
{
|
|
my ($self, $envname, $path) = @_;
|
|
|
|
$ENV{ENVNAME} = $envname;
|
|
|
|
my $env = $self->{samba4}->setup_env($envname, $path);
|
|
if (defined($env)) {
|
|
if (not defined($env->{target})) {
|
|
$env->{target} = $self->{samba4};
|
|
}
|
|
} else {
|
|
$env = $self->{samba3}->setup_env($envname, $path);
|
|
if (defined($env)) {
|
|
if (not defined($env->{target})) {
|
|
$env->{target} = $self->{samba3};
|
|
}
|
|
}
|
|
}
|
|
if (not defined $env) {
|
|
warn("Samba can't provide environment '$envname'");
|
|
return undef;
|
|
}
|
|
return $env;
|
|
}
|
|
|
|
sub bindir_path($$) {
|
|
my ($object, $path) = @_;
|
|
|
|
if (defined($object->{binary_mapping}->{$path})) {
|
|
$path = $object->{binary_mapping}->{$path};
|
|
}
|
|
|
|
my $valpath = "$object->{bindir}/$path$object->{exeext}";
|
|
|
|
return $valpath if (-f $valpath);
|
|
return $path;
|
|
}
|
|
|
|
sub mk_krb5_conf($)
|
|
{
|
|
my ($ctx) = @_;
|
|
|
|
unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) {
|
|
die("can't open $ctx->{krb5_conf}$?");
|
|
return undef;
|
|
}
|
|
print KRB5CONF "
|
|
#Generated krb5.conf for $ctx->{realm}
|
|
|
|
[libdefaults]
|
|
default_realm = $ctx->{realm}
|
|
dns_lookup_realm = false
|
|
dns_lookup_kdc = false
|
|
ticket_lifetime = 24h
|
|
forwardable = yes
|
|
allow_weak_crypto = yes
|
|
|
|
[realms]
|
|
$ctx->{realm} = {
|
|
kdc = $ctx->{kdc_ipv4}:88
|
|
admin_server = $ctx->{kdc_ipv4}:88
|
|
default_domain = $ctx->{dnsname}
|
|
}
|
|
$ctx->{dnsname} = {
|
|
kdc = $ctx->{kdc_ipv4}:88
|
|
admin_server = $ctx->{kdc_ipv4}:88
|
|
default_domain = $ctx->{dnsname}
|
|
}
|
|
$ctx->{domain} = {
|
|
kdc = $ctx->{kdc_ipv4}:88
|
|
admin_server = $ctx->{kdc_ipv4}:88
|
|
default_domain = $ctx->{dnsname}
|
|
}
|
|
|
|
[domain_realm]
|
|
.$ctx->{dnsname} = $ctx->{realm}
|
|
";
|
|
|
|
if (defined($ctx->{tlsdir})) {
|
|
print KRB5CONF "
|
|
|
|
[appdefaults]
|
|
pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
|
|
|
|
[kdc]
|
|
enable-pkinit = true
|
|
pkinit_identity = FILE:$ctx->{tlsdir}/kdc.pem,$ctx->{tlsdir}/key.pem
|
|
pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
|
|
|
|
";
|
|
}
|
|
close(KRB5CONF);
|
|
}
|
|
|
|
1;
|