s3-selftst Add encrypted CIFS testing with kerberos
[samba.git] / source3 / selftest / tests.py
1 #!/usr/bin/python
2 # This script generates a list of testsuites that should be run as part of 
3 # the Samba 3 test suite.
4
5 # The output of this script is parsed by selftest.pl, which then decides 
6 # which of the tests to actually run. It will, for example, skip all tests 
7 # listed in selftest/skip or only run a subset during "make quicktest".
8
9 # The idea is that this script outputs all of the tests of Samba 3, not 
10 # just those that are known to pass, and list those that should be skipped 
11 # or are known to fail in selftest/skip or selftest/samba4-knownfail. This makes it 
12 # very easy to see what functionality is still missing in Samba 3 and makes 
13 # it possible to run the testsuite against other servers, such as Samba 4 or 
14 # Windows that have a different set of features.
15
16 # The syntax for a testsuite is "-- TEST --" on a single line, followed 
17 # by the name of the test, the environment it needs and the command to run, all 
18 # three separated by newlines. All other lines in the output are considered 
19 # comments.
20
21 import os, sys
22 sys.path.insert(0, os.path.normpath(os.path.join(os.path.dirname(__file__), "../../selftest")))
23 from selftesthelpers import *
24 import subprocess
25 smb4torture = binpath("smbtorture4")
26 samba3srcdir = srcdir() + "/source3"
27 configuration = "--configfile=$SMB_CONF_PATH"
28 scriptdir=os.path.join(samba3srcdir, "../script/tests")
29
30 # see if we support ADS on the Samba3 side
31 try:
32     config_h = os.environ["CONFIG_H"]
33 except KeyError:
34     config_h = os.path.join(samba3srcdir, "include/autoconf/config.h")
35
36 f = open(config_h, 'r')
37 try:
38     have_ads_support = ("HAVE_LDAP 1" in f.read())
39 finally:
40     f.close()
41
42 f = open(config_h, 'r')
43 try:
44     have_ads_support &= ("HAVE_KRB5 1" in f.read())
45 finally:
46     f.close()
47
48 torture_options = [configuration, "--maximum-runtime=$SELFTEST_MAXTIME", 
49                    "--target=samba3", "--basedir=$SELFTEST_TMPDIR",
50                    '--option="torture:winbindd_netbios_name=$SERVER"',
51                    '--option="torture:winbindd_netbios_domain=$DOMAIN"', 
52                    '--option=torture:sharedelay=100000']
53
54 if not os.getenv("SELFTEST_VERBOSE"):
55     torture_options.append("--option=torture:progress=no")
56 torture_options.append("--format=subunit")
57 if os.getenv("SELFTEST_QUICK"):
58     torture_options.append("--option=torture:quick=yes")
59 smb4torture += " " + " ".join(torture_options)
60
61 sub = subprocess.Popen("%s --version 2> /dev/null" % smb4torture, stdout=subprocess.PIPE, stdin=subprocess.PIPE, shell=True)
62 sub.communicate("")
63 smb4torture_possible = (sub.returncode == 0)
64
65 def plansmbtorturetestsuite(name, env, options, description=''):
66     modname = "samba3.posix_s3.%s %s" % (name, description)
67     cmdline = "%s $LISTOPT %s %s" % (valgrindify(smb4torture), options, name)
68     if smb4torture_possible:
69         plantestsuite_loadlist(modname, env, cmdline)
70
71 plantestsuite("samba3.blackbox.success", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_success.sh")])
72 plantestsuite("samba3.blackbox.failure", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_failure.sh")])
73
74 plantestsuite("samba3.local_s3", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_local_s3.sh")])
75
76 plantestsuite("samba3.blackbox.registry.upgrade", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_registry_upgrade.sh"), binpath('net'), binpath('dbwrap_tool')])
77
78 tests=[ "FDPASS", "LOCK1", "LOCK2", "LOCK3", "LOCK4", "LOCK5", "LOCK6", "LOCK7", "LOCK9",
79         "UNLINK", "BROWSE", "ATTR", "TRANS2", "TORTURE",
80         "OPLOCK1", "OPLOCK2", "OPLOCK4", "STREAMERROR",
81         "DIR", "DIR1", "DIR-CREATETIME", "TCON", "TCONDEV", "RW1", "RW2", "RW3", "RW-SIGNING",
82         "OPEN", "XCOPY", "RENAME", "DELETE", "DELETE-LN", "PROPERTIES", "W2K",
83         "TCON2", "IOCTL", "CHKPATH", "FDSESS", "LOCAL-SUBSTITUTE", "CHAIN1", "CHAIN2",
84         "GETADDRINFO", "POSIX", "UID-REGRESSION-TEST", "SHORTNAME-TEST",
85         "LOCAL-BASE64", "LOCAL-GENCACHE", "POSIX-APPEND",
86         "CASE-INSENSITIVE-CREATE", "SMB2-BASIC", "NTTRANS-FSCTL", "SMB2-NEGPROT",
87         "CLEANUP1",
88         "CLEANUP2",
89         "BAD-NBT-SESSION"]
90
91 for t in tests:
92     plantestsuite("samba3.smbtorture_s3.plain(s3dc).%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', binpath('smbtorture3'), "", "-l $LOCAL_PATH"])
93     plantestsuite("samba3.smbtorture_s3.crypt(s3dc).%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', binpath('smbtorture3'), "-e", "-l $LOCAL_PATH"])
94
95 local_tests=[
96         "LOCAL-SUBSTITUTE",
97         "LOCAL-GENCACHE",
98         "LOCAL-TALLOC-DICT",
99         "LOCAL-BASE64",
100         "LOCAL-RBTREE",
101         "LOCAL-MEMCACHE",
102         "LOCAL-STREAM-NAME",
103         "LOCAL-WBCLIENT",
104         "LOCAL-string_to_sid",
105         "LOCAL-binary_to_sid",
106         "LOCAL-DBTRANS",
107         "LOCAL-TEVENT-SELECT",
108         "LOCAL-CONVERT-STRING",
109         "LOCAL-CONV-AUTH-INFO",
110         "LOCAL-sprintf_append"]
111
112 for t in local_tests:
113     plantestsuite("samba3.smbtorture_s3.%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', binpath('smbtorture3'), "-e"])
114
115 tests=["--ping", "--separator",
116        "--own-domain",
117        "--all-domains",
118        "--trusted-domains",
119        "--domain-info=BUILTIN",
120        "--domain-info=$DOMAIN",
121        "--online-status",
122        "--online-status --domain=BUILTIN",
123        "--online-status --domain=$DOMAIN",
124        "--check-secret --domain=$DOMAIN",
125        "--change-secret --domain=$DOMAIN",
126        "--check-secret --domain=$DOMAIN",
127        "--online-status --domain=$DOMAIN",
128        #Didn't pass yet# "--domain-users",
129        "--domain-groups",
130        "--name-to-sid=$USERNAME",
131        "--name-to-sid=$DOMAIN\\\\$USERNAME",
132      #Didn't pass yet# "--user-info=$USERNAME",
133        "--user-groups=$DOMAIN\\\\$USERNAME",
134        "--allocate-uid",
135        "--allocate-gid"]
136
137 for t in tests:
138     plantestsuite("samba3.wbinfo_s3.(s3dc:local).%s" % t, "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_wbinfo_s3.sh"), t])
139     plantestsuite("samba3.wbinfo_s3.(member:local).%s" % t, "member:local", [os.path.join(samba3srcdir, "script/tests/test_wbinfo_s3.sh"), t])
140
141 plantestsuite(
142     "samba3.wbinfo_sids2xids.(member:local)", "member:local",
143     [os.path.join(samba3srcdir, "script/tests/test_wbinfo_sids2xids.sh")])
144
145 plantestsuite("samba3.ntlm_auth.(s3dc:local)", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_s3.sh"), valgrindify(python), samba3srcdir, binpath('ntlm_auth3'), configuration])
146
147 for env in ["s3dc", "member"]:
148     plantestsuite("samba3.blackbox.smbclient_auth.plain (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$DC_USERNAME', '$DC_PASSWORD', binpath('smbclient3'), configuration])
149
150 for env in ["secserver"]:
151     plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) domain creds" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN\\\\$DC_USERNAME', '$DC_PASSWORD', binpath('smbclient3'), configuration + " --option=clientntlmv2auth=no"])
152
153 for env in ["member"]:
154     plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) member creds" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$SERVER\\\\$USERNAME', '$PASSWORD', binpath('smbclient3'), configuration])
155
156 for env in ["maptoguest", "secshare", "secserver"]:
157     plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) local creds" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', binpath('smbclient3'), configuration + " --option=clientntlmv2auth=no --option=clientlanmanauth=yes"])
158
159 env = "maptoguest"
160 plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) bad username" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', 'notmy$USERNAME', '$PASSWORD', binpath('smbclient3'), configuration + " --option=clientntlmv2auth=no --option=clientlanmanauth=yes"])
161
162 # plain
163 for env in ["s3dc"]:
164     plantestsuite("samba3.blackbox.smbclient_s3.plain (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_s3.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', '$USERID', '$LOCAL_PATH', '$PREFIX', binpath('smbclient3'), binpath('wbinfo'), configuration])
165
166 for env in ["member"]:
167     plantestsuite("samba3.blackbox.smbclient_s3.plain (%s) member creds" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_s3.sh"), '$SERVER', '$SERVER_IP', '$SERVER', '$SERVER\\\\$USERNAME', '$PASSWORD', '$USERID', '$LOCAL_PATH', '$PREFIX', binpath('smbclient3'), binpath('wbinfo'), configuration])
168
169 for env in ["s3dc"]:
170     plantestsuite("samba3.blackbox.smbclient_s3.sign (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_s3.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', '$USERID', '$LOCAL_PATH', '$PREFIX', binpath('smbclient3'), binpath('wbinfo'), configuration, "--signing=required"])
171
172 for env in ["member"]:
173     plantestsuite("samba3.blackbox.smbclient_s3.sign (%s) member creds" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_s3.sh"), '$SERVER', '$SERVER_IP', '$SERVER', '$SERVER\\\\$USERNAME', '$PASSWORD', '$USERID', '$LOCAL_PATH', '$PREFIX', binpath('smbclient3'), binpath('wbinfo'), configuration, "--signing=required"])
174
175 # encrypted
176 for env in ["s3dc"]:
177     plantestsuite("samba3.blackbox.smbclient_s3.crypt (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_s3.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', '$USERNAME', '$PASSWORD', '$USERID', '$LOCAL_PATH', '$PREFIX', binpath('smbclient3'), binpath('wbinfo'), configuration, "-e"])
178
179 #TODO encrypted against member, with member creds, and with DC creds
180 plantestsuite("samba3.blackbox.net.misc", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_net_misc.sh"),
181                                                        scriptdir, "$SMB_CONF_PATH", binpath('net'), configuration])
182 plantestsuite("samba3.blackbox.net.local.registry", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_net_registry.sh"),
183                                                        scriptdir, "$SMB_CONF_PATH", binpath('net'), configuration])
184 plantestsuite("samba3.blackbox.net.rpc.registry", "s3dc", [os.path.join(samba3srcdir, "script/tests/test_net_registry.sh"),
185                                                        scriptdir, "$SMB_CONF_PATH", binpath('net'), configuration, 'rpc'])
186
187 plantestsuite("samba3.blackbox.net.local.registry.roundtrip", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_net_registry_roundtrip.sh"),
188                                                        scriptdir, "$SMB_CONF_PATH", binpath('net'), configuration,])
189 plantestsuite("samba3.blackbox.net.rpc.registry.roundtrip", "s3dc", [os.path.join(samba3srcdir, "script/tests/test_net_registry_roundtrip.sh"),
190                                                        scriptdir, "$SMB_CONF_PATH", binpath('net'), configuration, 'rpc'])
191
192 plantestsuite("samba3.blackbox.net.local.conf", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_net_conf.sh"),
193                                                        scriptdir, "$SMB_CONF_PATH", binpath('net'), configuration,])
194 plantestsuite("samba3.blackbox.net.rpc.conf", "s3dc", [os.path.join(samba3srcdir, "script/tests/test_net_conf.sh"),
195                                                        scriptdir, "$SMB_CONF_PATH", binpath('net'), configuration, 'rpc'])
196
197
198 plantestsuite("samba3.blackbox.testparm", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_testparm_s3.sh"),
199                                                        "$LOCAL_PATH"])
200
201 plantestsuite(
202     "samba3.pthreadpool", "s3dc",
203     [os.path.join(samba3srcdir, "script/tests/test_pthreadpool.sh")])
204
205 #smbtorture4 tests
206
207 base = ["base.attr", "base.charset", "base.chkpath", "base.defer_open", "base.delaywrite", "base.delete",
208         "base.deny1", "base.deny2", "base.deny3", "base.denydos", "base.dir1", "base.dir2",
209         "base.disconnect", "base.fdpass", "base.lock",
210         "base.mangle", "base.negnowait", "base.ntdeny1",
211         "base.ntdeny2", "base.open", "base.openattr", "base.properties", "base.rename", "base.rw1",
212         "base.secleak", "base.tcon", "base.tcondev", "base.trans2", "base.unlink", "base.vuid",
213         "base.xcopy", "base.samba3error"]
214
215 raw = ["raw.acls", "raw.chkpath", "raw.close", "raw.composite", "raw.context", "raw.eas",
216        "raw.ioctl", "raw.lock", "raw.mkdir", "raw.mux", "raw.notify", "raw.open", "raw.oplock"
217        "raw.qfileinfo", "raw.qfsinfo", "raw.read", "raw.rename", "raw.search", "raw.seek",
218        "raw.sfileinfo.base", "raw.sfileinfo.bug", "raw.streams", "raw.unlink", "raw.write",
219        "raw.samba3hide", "raw.samba3badpath", "raw.sfileinfo.rename",
220        "raw.samba3caseinsensitive", "raw.samba3posixtimedlock",
221        "raw.samba3rootdirfid", "raw.sfileinfo.end-of-file",
222        "raw.bench-oplock", "raw.bench-lock", "raw.bench-open", "raw.bench-tcon",
223        "raw.samba3checkfsp", "raw.samba3closeerr", "raw.samba3oplocklogoff"]
224
225 smb2 = ["smb2.lock", "smb2.read", "smb2.compound", "smb2.connect", "smb2.scan", "smb2.scanfind",
226         "smb2.bench-oplock"]
227
228 rpc = ["rpc.authcontext", "rpc.samba3.bind", "rpc.samba3.srvsvc", "rpc.samba3.sharesec",
229        "rpc.samba3.spoolss", "rpc.samba3.wkssvc", "rpc.samba3.winreg",
230        "rpc.samba3.getaliasmembership-0",
231        "rpc.samba3.netlogon", "rpc.samba3.sessionkey", "rpc.samba3.getusername",
232        "rpc.svcctl", "rpc.ntsvcs", "rpc.winreg", "rpc.eventlog",
233        "rpc.spoolss.printserver", "rpc.spoolss.win", "rpc.spoolss.notify", "rpc.spoolss.printer",
234        "rpc.spoolss.driver",
235        "rpc.lsa", "rpc.lsa-getuser", "rpc.lsa.lookupsids", "rpc.lsa.lookupnames",
236        "rpc.lsa.privileges", "rpc.lsa.secrets",
237        "rpc.samr", "rpc.samr.users", "rpc.samr.users.privileges", "rpc.samr.passwords",
238        "rpc.samr.passwords.pwdlastset", "rpc.samr.large-dc", "rpc.samr.machine.auth",
239        "rpc.samr.priv",
240        "rpc.netlogon.admin",
241        "rpc.schannel", "rpc.schannel2", "rpc.bench-schannel1", "rpc.join", "rpc.bind"]
242
243 local = ["local.nss-wrapper", "local.ndr"]
244
245 winbind = ["winbind.struct", "winbind.wbclient"]
246
247 rap = ["rap.basic", "rap.rpc", "rap.printing", "rap.sam"]
248
249 unix = ["unix.info2", "unix.whoami"]
250
251 nbt = ["nbt.dgram" ]
252
253 libsmbclient = ["libsmbclient"]
254
255 tests= base + raw + smb2 + rpc + unix + local + winbind + rap + nbt + libsmbclient
256
257 for t in tests:
258     if t == "base.delaywrite":
259         plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --maximum-runtime=900')
260     elif t == "rap.sam":
261         plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=doscharset=ISO-8859-1')
262     elif t == "unix.whoami":
263         plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD')
264     elif t == "raw.samba3posixtimedlock":
265         plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD --option=torture:localdir=$SELFTEST_PREFIX/s3dc/share')
266     elif t == "raw.chkpath":
267         plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpcase -U$USERNAME%$PASSWORD')
268     else:
269         plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
270
271
272 test = 'rpc.lsa.lookupsids'
273 auth_options = ["", "ntlm", "spnego", "spnego,ntlm" ]
274 signseal_options = ["", ",connect", ",sign", ",seal"]
275 smb_options = ["", ",smb2"]
276 endianness_options = ["", ",bigendian"]
277 for z in smb_options:
278     for s in signseal_options:
279         for e in endianness_options:
280             for a in auth_options:
281                 binding_string = "ncacn_np:$SERVER[%s%s%s%s]" % (a, s, z, e)
282                 options = binding_string + " -U$USERNAME%$PASSWORD"
283                 plansmbtorturetestsuite(test, "s3dc", options, 'over ncacn_np with [%s%s%s%s] ' % (a, s, z, e))
284                 plantestsuite("samba3.blackbox.rpcclient over ncacn_np with [%s%s%s%s] " % (a, s, z, e), "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_rpcclient.sh"),
285                                                                  "none", options, configuration])
286
287         if have_ads_support:
288             # We should try more combinations in future, but this is all
289             # the pre-calculated credentials cache supports at the moment
290             e = ""
291             a = ""
292             binding_string = "ncacn_np:$SERVER[%s%s%s%s]" % (a, s, z, e)
293             options = binding_string + " -k yes --krb5-ccache=$PREFIX/ktest/krb5_ccache-2"
294             plansmbtorturetestsuite(test, "ktest", options, 'over kerberos with old ccache ncacn_np with [%s%s%s%s] ' % (a, s, z, e))
295
296             options = binding_string + " -k yes --krb5-ccache=$PREFIX/ktest/krb5_ccache-3"
297             plansmbtorturetestsuite(test, "ktest", options, 'over kerberos ncacn_np with [%s%s%s%s] ' % (a, s, z, e))
298
299             auth_options2 = ["krb5", "spnego,krb5"]
300             for a in auth_options2:
301                 binding_string = "ncacn_np:$SERVER[%s%s%s%s]" % (a, s, z, e)
302
303                 plantestsuite("samba3.blackbox.rpcclient over kerberos with ncacn_np with [%s%s%s%s] " % (a, s, z, e), "ktest:local", [os.path.join(samba3srcdir, "script/tests/test_rpcclient.sh"),
304                                                                                                                                   "$PREFIX/ktest/krb5_ccache-3", binding_string, "-k", configuration])
305
306
307 if have_ads_support:
308     options_list = ["", "-E"]
309     for options in options_list:
310         plantestsuite("samba3.blackbox.smbclient_krb5 old ccache %s" % options, "ktest:local", 
311                       [os.path.join(samba3srcdir, "script/tests/test_smbclient_krb5.sh"),
312                        "$PREFIX/ktest/krb5_ccache-2", 
313                        binpath('smbclient3'), "$SERVER", options, configuration])
314
315         plantestsuite("samba3.blackbox.smbclient_krb5 %s" % options, "ktest:local", 
316                       [os.path.join(samba3srcdir, "script/tests/test_smbclient_krb5.sh"),
317                        "$PREFIX/ktest/krb5_ccache-3", 
318                        binpath('smbclient3'), "$SERVER", options, configuration])
319
320 for e in endianness_options:
321     for a in auth_options:
322         for s in signseal_options:
323             binding_string = "ncacn_ip_tcp:$SERVER_IP[%s%s%s]" % (a, s, e)
324             options = binding_string + " -U$USERNAME%$PASSWORD"
325             plansmbtorturetestsuite(test, "s3dc", options, 'over ncacn_ip_tcp with [%s%s%s] ' % (a, s, e))
326
327 test = 'rpc.epmapper'
328 env = 's3dc:local'
329 binding_string = 'ncalrpc:'
330 options = binding_string + " -U$USERNAME%$PASSWORD"
331
332 plansmbtorturetestsuite(test, env, options, 'over ncalrpc')