### Test kinit defaults
###########################################################
-testit "kinit with password" $samba_texpect $PREFIX/tmpkinitscript $samba_kinit $USERNAME@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
-
-testit "kinit renew ticket" $samba_kinit -R || failed=$(expr $failed + 1)
-test_smbclient "Test login with kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with password" \
+ $samba_texpect $PREFIX/tmpkinitscript \
+ $samba_kinit $USERNAME@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
+
+testit "kinit renew ticket" \
+ $samba_kinit -R || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
### Test kinit with enterprice principal
###########################################################
-testit "kinit with password (enterprise style)" $samba_texpect $PREFIX/tmpkinitscript $samba_kinit -E $USERNAME@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with password (enterprise style)" \
+ $samba_texpect $PREFIX/tmpkinitscript \
+ $samba_kinit -E $USERNAME@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
# This does not work with MIT Kerberos 1.14 or older
-testit "kinit renew ticket (enterprise style)" $samba_kinit -R || failed=$(expr $failed + 1)
-test_smbclient "Test login with kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit renew ticket (enterprise style)" \
+ $samba_kinit -R || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
### Tests with kinit default again
###########################################################
-testit "kinit with password" $samba_texpect $PREFIX/tmpkinitscript $samba_kinit $USERNAME@$REALM || failed=$(expr $failed + 1)
-testit "check time with kerberos ccache" $VALGRIND $PYTHON $samba_tool time $SERVER $CONFIGURATION --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+testit "kinit with password" \
+ $samba_texpect $PREFIX/tmpkinitscript \
+ $samba_kinit $USERNAME@$REALM || \
+ failed=$(expr $failed + 1)
+testit "check time with kerberos ccache" \
+ $VALGRIND $PYTHON $samba_tool time $SERVER \
+ $CONFIGURATION --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
USERPASS="testPass@12%"
-testit "add user with kerberos ccache" $VALGRIND $PYTHON $samba_tool user create ${TEST_USER} $USERPASS $CONFIGURATION --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+testit "add user with kerberos ccache" \
+ $VALGRIND $PYTHON $samba_tool user create ${TEST_USER} $USERPASS \
+ $CONFIGURATION --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
echo "Getting defaultNamingContext"
-BASEDN=$($ldbsearch $options --basedn='' -H ldap://$SERVER --scope=base DUMMY=x defaultNamingContext | grep defaultNamingContext | awk '{print $2}')
+BASEDN=$($ldbsearch $options --basedn='' -H ldap://$SERVER --scope=base \
+ DUMMY=x defaultNamingContext | grep defaultNamingContext | awk '{print $2}')
cat >$PREFIX/tmpldbmodify <<EOF
dn: cn=${TEST_USER},cn=users,$BASEDN
userPrincipalName: nettest@$REALM
EOF
-testit "modify servicePrincipalName and userPrincpalName" $VALGRIND $ldbmodify -H ldap://$SERVER $PREFIX/tmpldbmodify --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+testit "modify servicePrincipalName and userPrincpalName" \
+ $VALGRIND $ldbmodify -H ldap://$SERVER $PREFIX/tmpldbmodify \
+ --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
-testit "set user password with kerberos ccache" $VALGRIND $PYTHON $samba_tool user setpassword ${TEST_USER} --newpassword=$USERPASS $CONFIGURATION --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+testit "set user password with kerberos ccache" \
+ $VALGRIND $PYTHON $samba_tool user setpassword ${TEST_USER} \
+ --newpassword=$USERPASS $CONFIGURATION \
+ --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
-testit "enable user with kerberos cache" $VALGRIND $PYTHON $samba_enableaccount ${TEST_USER} -H ldap://$SERVER --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+testit "enable user with kerberos cache" \
+ $VALGRIND $PYTHON $samba_enableaccount ${TEST_USER} \
+ -H ldap://$SERVER --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
###########################################################
### Test kinit with canonicalization
###########################################################
upperusername=$(echo $USERNAME | tr '[a-z]' '[A-Z]')
-testit "kinit with canonicalize" $samba_texpect $PREFIX/tmpkinitscript $samba_kinit -C $upperusername@$REALM -S kadmin/changepw@$REALM || failed=$(expr $failed + 1)
+testit "kinit with canonicalize" \
+ $samba_texpect $PREFIX/tmpkinitscript \
+ $samba_kinit -C $upperusername@$REALM -S kadmin/changepw@$REALM || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
send ${USERPASS}\n
EOF
-testit "kinit with user password" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit ${TEST_USER}@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with user password" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit ${TEST_USER}@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
### Change password
NEWUSERPASS="testPaSS@34%"
-testit "change user password with 'samba-tool user password' (rpc)" $VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -U${TEST_USER}%$USERPASS $CONFIGURATION --use-kerberos=off --newpassword=$NEWUSERPASS "$@" || failed=$(expr $failed + 1)
+testit "change user password with 'samba-tool user password' (rpc)" \
+ $VALGRIND $PYTHON $samba_tool user password \
+ -W$DOMAIN -U${TEST_USER}%$USERPASS $CONFIGURATION --use-kerberos=off \
+ --newpassword=$NEWUSERPASS "$@" || \
+ failed=$(expr $failed + 1)
cat >$PREFIX/tmpkinituserpassscript <<EOF
expect Password for
send ${NEWUSERPASS}\n
EOF
-testit "kinit with new user password" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit ${TEST_USER}@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with new user password" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit ${TEST_USER}@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
### Test kinit with user credentials in special formats
###########################################################
-testit "kinit with new (NT-Principal style) using UPN" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit nettest@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache from NT UPN" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with new (NT-Principal style) using UPN" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit nettest@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache from NT UPN" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
-testit "kinit with new (enterprise style) using UPN" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit -E nettest@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache from enterprise UPN" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with new (enterprise style) using UPN" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit -E nettest@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache from enterprise UPN" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
userPrincipalName: nettest@$REALM.org
EOF
-testit "modify userPrincipalName to be a different domain" $VALGRIND $ldbmodify $ADMIN_LDBMODIFY_CONFIG $PREFIX/tmpldbmodify $PREFIX/tmpldbmodify --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+testit "modify userPrincipalName to be a different domain" \
+ $VALGRIND $ldbmodify $ADMIN_LDBMODIFY_CONFIG \
+ $PREFIX/tmpldbmodify $PREFIX/tmpldbmodify \
+ --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
-testit "kinit with new (enterprise style) using UPN" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit -E nettest@$REALM.org || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache from enterprise UPN" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with new (enterprise style) using UPN" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit -E nettest@$REALM.org || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache from enterprise UPN" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
### Test password change with kpasswd
###########################################################
-testit "kinit with user password" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit ${TEST_USER}@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with user password" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit ${TEST_USER}@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
USERPASS=$NEWUSERPASS
NEWUSERPASS=testPaSS@56%
expect Password changed
EOF
-testit "change user password with kpasswd" $samba_texpect $PREFIX/tmpkpasswdscript $samba_kpasswd ${TEST_USER}@$REALM || failed=$(expr $failed + 1)
+testit "change user password with kpasswd" \
+ $samba_texpect $PREFIX/tmpkpasswdscript \
+ $samba_kpasswd ${TEST_USER}@$REALM || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
send ${USERPASS}\n
EOF
-testit "kinit with user password" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit ${TEST_USER}@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with user password" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit ${TEST_USER}@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
$samba_kdestroy
USERPASS=$NEWUSERPASS
NEWUSERPASS=testPaSS@911%
-testit "modify pwdLastSet" $VALGRIND $ldbmodify $ADMIN_LDBMODIFY_CONFIG $PREFIX/tmpldbmodify $PREFIX/tmpldbmodify --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+testit "modify pwdLastSet" \
+ $VALGRIND $ldbmodify $ADMIN_LDBMODIFY_CONFIG \
+ $PREFIX/tmpldbmodify $PREFIX/tmpldbmodify \
+ --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
cat >$PREFIX/tmpkinituserpassscript <<EOF
expect Password for
send ${NEWUSERPASS}\n
EOF
-testit "kinit (MIT) with user password for expired password" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit ${TEST_USER}@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit (MIT) with user password for expired password" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit ${TEST_USER}@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
USERPASS=$NEWUSERPASS
cat >$PREFIX/tmpkinituserpassscript <<EOF
send ${USERPASS}\n
EOF
-testit "kinit with user password" $samba_texpect $PREFIX/tmpkinituserpassscript $samba_kinit ${TEST_USER}@$REALM || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with user password" \
+ $samba_texpect $PREFIX/tmpkinituserpassscript \
+ $samba_kinit ${TEST_USER}@$REALM || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
###########################################################
### Test login with lowercase realm
rm -rf $KRB5CCNAME_PATH
lowerrealm=$(echo $REALM | tr '[A-Z]' '[a-z]')
-test_smbclient "Test login with user kerberos lowercase realm" 'ls' --use-kerberos=required -U${TEST_USER}@$lowerrealm%$NEWUSERPASS || failed=$(expr $failed + 1)
-test_smbclient "Test login with user kerberos lowercase realm 2" 'ls' --use-kerberos=required -U${TEST_USER}@$REALM%$NEWUSERPASS --realm=$lowerrealm || failed=$(expr $failed + 1)
-
-testit "del user with kerberos ccache" $VALGRIND $PYTHON $samba_tool user delete ${TEST_USER} $CONFIGURATION --use-krb5-ccache="${KRB5CCNAME}" "$@" || failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos lowercase realm" \
+ 'ls' --use-kerberos=required \
+ -U${TEST_USER}@$lowerrealm%$NEWUSERPASS || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test login with user kerberos lowercase realm 2" \
+ 'ls' --use-kerberos=required -U${TEST_USER}@$REALM%$NEWUSERPASS \
+ --realm=$lowerrealm || \
+ failed=$(expr $failed + 1)
+
+testit "del user with kerberos ccache" \
+ $VALGRIND $PYTHON $samba_tool user delete ${TEST_USER} \
+ $CONFIGURATION --use-krb5-ccache="${KRB5CCNAME}" "$@" || \
+ failed=$(expr $failed + 1)
###########################################################
### Test login with machine account
###########################################################
rm -f $KRB5CCNAME_PATH
-testit "kinit with machineaccountccache script" $PYTHON $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=$(expr $failed + 1)
-test_smbclient "Test machine account login with kerberos ccache" 'ls' --use-krb5-ccache=$KRB5CCNAME || failed=$(expr $failed + 1)
-
-testit "reset password policies" $VALGRIND $PYTHON $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=$(expr $failed + 1)
+testit "kinit with machineaccountccache script" \
+ $PYTHON $machineaccountccache $CONFIGURATION $KRB5CCNAME || \
+ failed=$(expr $failed + 1)
+test_smbclient "Test machine account login with kerberos ccache" \
+ 'ls' --use-krb5-ccache=$KRB5CCNAME || \
+ failed=$(expr $failed + 1)
+
+testit "reset password policies" \
+ $VALGRIND $PYTHON $samba_tool domain passwordsettings set \
+ $ADMIN_LDBMODIFY_CONFIG \
+ --complexity=default \
+ --history-length=default \
+ --min-pwd-length=default \
+ --min-pwd-age=default \
+ --max-pwd-age=default || \
+ failed=$(expr $failed + 1)
###########################################################
### Test basic s4u2self request
MACHINE_ACCOUNT="$(hostname -s | tr [a-z] [A-Z])\$@$REALM"
$samba_kvno -U$MACHINE_ACCOUNT $MACHINE_ACCOUNT
# But we expect the KDC to be up and running still
-testit "kinit with machineaccountccache after s4u2self" $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=$(expr $failed + 1)
+testit "kinit with machineaccountccache after s4u2self" \
+ $machineaccountccache $CONFIGURATION $KRB5CCNAME || \
+ failed=$(expr $failed + 1)
### Cleanup
git.samba.org / samba.git / commitdiff