3 # Unix SMB/CIFS implementation.
4 # A test for the ntlm_auth tool
5 # Copyright (C) Kai Blin <kai@samba.org> 2008
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
21 This test program will start ntlm_auth with the given command line switches and
22 see if it will get the expected results.
27 from optparse import OptionParser
29 class ReadChildError(Exception):
32 class WriteChildError(Exception):
36 """readLine(pipe) -> str
37 Read a line from the child's pipe, returns the string read.
38 Throws ReadChildError if the read fails.
40 buf = os.read(pipe, 2047)
41 newline = buf.find('\n')
43 raise ReadChildError()
46 def writeLine(pipe, buf):
47 """writeLine(pipe, buf) -> nul
48 Write a line to the child's pipe.
49 Raises WriteChildError if the write fails.
51 written = os.write(pipe, buf)
52 if written != len(buf):
53 raise WriteChildError()
56 def parseCommandLine():
57 """parseCommandLine() -> (opts, ntlm_auth_path)
58 Parse the command line.
59 Return a tuple consisting of the options and the path to ntlm_auth.
61 usage = "usage: %prog [options] path/to/ntlm_auth"
62 parser = OptionParser(usage)
64 parser.set_defaults(client_username="foo")
65 parser.set_defaults(client_password="secret")
66 parser.set_defaults(client_domain="FOO")
67 parser.set_defaults(client_helper="ntlmssp-client-1")
69 parser.set_defaults(server_username="foo")
70 parser.set_defaults(server_password="secret")
71 parser.set_defaults(server_domain="FOO")
72 parser.set_defaults(server_helper="squid-2.5-ntlmssp")
73 parser.set_defaults(config_file="/etc/samba/smb.conf")
75 parser.add_option("--client-username", dest="client_username",\
76 help="User name for the client. [default: foo]")
77 parser.add_option("--client-password", dest="client_password",\
78 help="Password the client will send. [default: secret]")
79 parser.add_option("--client-domain", dest="client_domain",\
80 help="Domain the client authenticates for. [default: FOO]")
81 parser.add_option("--client-helper", dest="client_helper",\
82 help="Helper mode for the ntlm_auth client. [default: ntlmssp-client-1]")
84 parser.add_option("--server-username", dest="server_username",\
85 help="User name server uses for local auth. [default: foo]")
86 parser.add_option("--server-password", dest="server_password",\
87 help="Password server uses for local auth. [default: secret]")
88 parser.add_option("--server-domain", dest="server_domain",\
89 help="Domain server uses for local auth. [default: FOO]")
90 parser.add_option("--server-helper", dest="server_helper",\
91 help="Helper mode for the ntlm_auth server. [default: squid-2.5-server]")
93 parser.add_option("-s", "--configfile", dest="config_file",\
94 help="Path to smb.conf file. [default:/etc/samba/smb.conf")
96 (opts, args) = parser.parse_args()
98 parser.error("Invalid number of arguments.")
100 if not os.access(args[0], os.X_OK):
101 parser.error("%s is not executable." % args[0])
103 return (opts, args[0])
109 Returns 0 if test succeeded, <>0 otherwise.
111 (opts, ntlm_auth_path) = parseCommandLine()
113 (client_in_r, client_in_w) = os.pipe()
114 (client_out_r, client_out_w) = os.pipe()
116 client_pid = os.fork()
119 # We're in the client child
123 os.dup2(client_out_r, 0)
124 os.close(client_out_r)
125 os.close(client_out_w)
127 os.dup2(client_in_w, 1)
128 os.close(client_in_r)
129 os.close(client_in_w)
132 client_args.append("--helper-protocol=%s" % opts.client_helper)
133 client_args.append("--username=%s" % opts.client_username)
134 client_args.append("--password=%s" % opts.client_password)
135 client_args.append("--domain=%s" % opts.client_domain)
136 client_args.append("--configfile=%s" % opts.config_file)
138 os.execv(ntlm_auth_path, client_args)
140 client_in = client_in_r
141 os.close(client_in_w)
143 client_out = client_out_w
144 os.close(client_out_r)
146 (server_in_r, server_in_w) = os.pipe()
147 (server_out_r, server_out_w) = os.pipe()
149 server_pid = os.fork()
152 # We're in the server child
156 os.dup2(server_out_r, 0)
157 os.close(server_out_r)
158 os.close(server_out_w)
160 os.dup2(server_in_w, 1)
161 os.close(server_in_r)
162 os.close(server_in_w)
165 server_args.append("--helper-protocol=%s" % opts.server_helper)
166 server_args.append("--username=%s" % opts.server_username)
167 server_args.append("--password=%s" % opts.server_password)
168 server_args.append("--domain=%s" % opts.server_domain)
169 server_args.append("--configfile=%s" % opts.config_file)
171 os.execv(ntlm_auth_path, server_args)
173 server_in = server_in_r
174 os.close(server_in_w)
176 server_out = server_out_w
177 os.close(server_out_r)
179 # We're in the parent
180 writeLine(client_out, "YR")
181 buf = readLine(client_in)
183 if buf.count("YR ", 0, 3) != 1:
186 writeLine(server_out, buf)
187 buf = readLine(server_in)
189 if buf.count("TT ", 0, 3) != 1:
192 writeLine(client_out, buf)
193 buf = readLine(client_in)
195 if buf.count("AF ", 0, 3) != 1:
198 # Client sends 'AF <base64 blob>' but server expects 'KK <abse64 blob>'
199 buf = buf.replace("AF", "KK", 1)
201 writeLine(server_out, buf)
202 buf = readLine(server_in)
204 if buf.count("AF ", 0, 3) != 1:
211 os.waitpid(server_pid, 0)
212 os.waitpid(client_pid, 0)
215 if __name__ == "__main__":
git.samba.org / samba.git / blob