5 Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR NTLM_AUTH
19 incdir=`dirname $0`/../../../testprogs/blackbox
22 SID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1`
23 BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'`
27 test_plaintext_check_output_stdout()
29 tmpfile=$PREFIX/ntlm_commands
32 $DOMAIN/$USERNAME $PASSWORD
34 cmd='$NTLM_AUTH "$@" --require-membership-of=$SID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
40 if [ $ret != 0 ] ; then
47 echo "$out" | grep "OK" >/dev/null 2>&1
50 # authenticated .. succeed
53 echo failed to get successful authentication
58 test_plaintext_check_output_fail()
60 tmpfile=$PREFIX/ntlm_commands
63 $DOMAIN\\$USERNAME $PASSWORD
65 cmd='$NTLM_AUTH "$@" --require-membership-of=$BADSID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
71 if [ $ret != 0 ] ; then
78 echo "$out" | grep "ERR" >/dev/null 2>&1
81 # failed to authenticate .. success
84 echo "incorrectly gave a successful authentication"
89 test_ntlm_server_1_check_output()
91 tmpfile=$PREFIX/ntlm_commands
94 LANMAN-Challenge: 0123456789abcdef
95 NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
98 Request-User-Session-Key: Yes
101 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --password=SecREt01< $tmpfile 2>&1'
107 if [ $ret != 0 ] ; then
109 echo "command failed"
114 echo "$out" | grep "User-Session-Key: 3F373EA8E4AF954F14FAA506F8EEBDC4" >/dev/null 2>&1
117 # authenticated .. succeed
120 echo failed to get successful authentication
125 test_ntlm_server_1_check_output_fail()
127 tmpfile=$PREFIX/ntlm_commands
129 # Break the password with a leading A on the challenge
131 LANMAN-Challenge: A123456789abcdef
132 NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
135 Request-User-Session-Key: Yes
138 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --password=SecREt01 < $tmpfile 2>&1'
144 if [ $ret != 0 ] ; then
146 echo "command failed"
151 echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
154 # failed to authenticate .. success
157 echo "incorrectly gave a successful authentication"
162 test_ntlm_server_1_check_winbind_output()
164 tmpfile=$PREFIX/ntlm_commands
166 # This isn't the correct password
171 Request-User-Session-Key: Yes
174 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$SID < $tmpfile 2>&1'
180 if [ $ret != 0 ] ; then
182 echo "command failed"
187 echo "$out" | grep "Authenticated: Yes" >/dev/null 2>&1
190 # authenticated .. success
193 echo "Failed to authenticate the user or match with SID $SID"
198 test_ntlm_server_1_check_winbind_output_wrong_sid()
200 tmpfile=$PREFIX/ntlm_commands
202 # This isn't the correct password
207 Request-User-Session-Key: Yes
210 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$BADSID < $tmpfile 2>&1'
216 if [ $ret != 0 ] ; then
218 echo "command failed"
223 echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
226 # failed to authenticate .. success
229 echo "incorrectly gave a successful authentication"
234 test_ntlm_server_1_check_winbind_output_fail()
236 tmpfile=$PREFIX/ntlm_commands
238 # This isn't the correct password
240 LANMAN-Challenge: 0123456789abcdef
241 NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
244 Request-User-Session-Key: Yes
247 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 < $tmpfile 2>&1'
253 if [ $ret != 0 ] ; then
255 echo "command failed"
260 echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
263 # failed to authenticate .. success
266 echo "incorrectly gave a successful authentication"
271 # This should work even with NTLMv2
272 testit "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS --require-membership-of=$SID || failed=`expr $failed + 1`
274 testit_expect_failure "ntlm_auth against winbindd with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
275 testit_expect_failure "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
277 testit "ntlm_auth plaintext authentication with require-membership-of" test_plaintext_check_output_stdout || failed=`expr $failed + 1`
278 testit "ntlm_auth plaintext authentication with failed require-membership-of" test_plaintext_check_output_fail || failed=`expr $failed + 1`
280 testit "ntlm_auth ntlm-server-1 with fixed password" test_ntlm_server_1_check_output || failed=`expr $failed + 1`
281 testit "ntlm_auth ntlm-server-1 with incorrect fixed password" test_ntlm_server_1_check_output_fail || failed=`expr $failed + 1`
282 testit "ntlm_auth ntlm-server-1 with plaintext password against winbind" test_ntlm_server_1_check_winbind_output || failed=`expr $failed + 1`
283 testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1`
284 testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`