failed=0
-test_plaintext_check_output_stdout()
-{
- tmpfile=$PREFIX/ntlm_commands
-
- cat > $tmpfile <<EOF
-$DOMAIN/$USERNAME $PASSWORD
-EOF
- cmd='$NTLM_AUTH "$@" --require-membership-of=$SID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
- eval echo "$cmd"
- out=`eval $cmd`
- ret=$?
- rm -f $tmpfile
-
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "command failed"
- false
- return
- fi
-
- echo "$out" | grep "OK" >/dev/null 2>&1
-
- if [ $? = 0 ] ; then
- # authenticated .. succeed
- true
- else
- echo failed to get successful authentication
- false
- fi
-}
-
-test_plaintext_check_output_fail()
-{
- tmpfile=$PREFIX/ntlm_commands
-
- cat > $tmpfile <<EOF
-$DOMAIN\\$USERNAME $PASSWORD
-EOF
- cmd='$NTLM_AUTH "$@" --require-membership-of=$BADSID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
- eval echo "$cmd"
- out=`eval $cmd`
- ret=$?
- rm -f $tmpfile
-
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "command failed"
- false
- return
- fi
-
- echo "$out" | grep "ERR" >/dev/null 2>&1
-
- if [ $? = 0 ] ; then
- # failed to authenticate .. success
- true
- else
- echo "incorrectly gave a successful authentication"
- false
- fi
-}
-
-test_ntlm_server_1_check_output()
-{
- tmpfile=$PREFIX/ntlm_commands
-
- cat > $tmpfile <<EOF
-LANMAN-Challenge: 0123456789abcdef
-NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
-NT-Domain: TEST
-Username: testuser
-Request-User-Session-Key: Yes
-.
-EOF
- cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --password=SecREt01< $tmpfile 2>&1'
- eval echo "$cmd"
- out=`eval $cmd`
- ret=$?
- rm -f $tmpfile
-
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "command failed"
- false
- return
- fi
-
- echo "$out" | grep "User-Session-Key: 3F373EA8E4AF954F14FAA506F8EEBDC4" >/dev/null 2>&1
-
- if [ $? = 0 ] ; then
- # authenticated .. succeed
- true
- else
- echo failed to get successful authentication
- false
- fi
-}
-
-test_ntlm_server_1_check_output_fail()
-{
- tmpfile=$PREFIX/ntlm_commands
-
- # Break the password with a leading A on the challenge
- cat > $tmpfile <<EOF
-LANMAN-Challenge: A123456789abcdef
-NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
-NT-Domain: TEST
-Username: testuser
-Request-User-Session-Key: Yes
-.
-EOF
- cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --password=SecREt01 < $tmpfile 2>&1'
- eval echo "$cmd"
- out=`eval $cmd`
- ret=$?
- rm -f $tmpfile
-
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "command failed"
- false
- return
- fi
-
- echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
-
- if [ $? = 0 ] ; then
- # failed to authenticate .. success
- true
- else
- echo "incorrectly gave a successful authentication"
- false
- fi
-}
-
test_ntlm_server_1_check_winbind_output()
{
tmpfile=$PREFIX/ntlm_commands
}
# This should work even with NTLMv2
-testit "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS --require-membership-of=$SID || failed=`expr $failed + 1`
-
-testit_expect_failure "ntlm_auth against winbindd with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
-testit_expect_failure "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
-
-testit "ntlm_auth plaintext authentication with require-membership-of" test_plaintext_check_output_stdout || failed=`expr $failed + 1`
-testit "ntlm_auth plaintext authentication with failed require-membership-of" test_plaintext_check_output_fail || failed=`expr $failed + 1`
-
-testit "ntlm_auth ntlm-server-1 with fixed password" test_ntlm_server_1_check_output || failed=`expr $failed + 1`
-testit "ntlm_auth ntlm-server-1 with incorrect fixed password" test_ntlm_server_1_check_output_fail || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with plaintext password against winbind" test_ntlm_server_1_check_winbind_output || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`
git.samba.org / samba.git / blobdiff