git.samba.org / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
s3-selftst Add encrypted CIFS testing with kerberos
[samba.git] / source3 / selftest / tests.py
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index ff350eba4cad0d59a82531b498425c427aa781ec..86fc8d11b2502b6d0e5da56ff0ecd1c18c247e1e 100755 (executable)
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -22,12 +22,29 @@ import os, sys
 sys.path.insert(0, os.path.normpath(os.path.join(os.path.dirname(__file__), "../../selftest")))
 from selftesthelpers import *
 import subprocess
-
 smb4torture = binpath("smbtorture4")
 samba3srcdir = srcdir() + "/source3"
 configuration = "--configfile=$SMB_CONF_PATH"
 scriptdir=os.path.join(samba3srcdir, "../script/tests")
 
+# see if we support ADS on the Samba3 side
+try:
+    config_h = os.environ["CONFIG_H"]
+except KeyError:
+    config_h = os.path.join(samba3srcdir, "include/autoconf/config.h")
+
+f = open(config_h, 'r')
+try:
+    have_ads_support = ("HAVE_LDAP 1" in f.read())
+finally:
+    f.close()
+
+f = open(config_h, 'r')
+try:
+    have_ads_support &= ("HAVE_KRB5 1" in f.read())
+finally:
+    f.close()
+
 torture_options = [configuration, "--maximum-runtime=$SELFTEST_MAXTIME", 
                    "--target=samba3", "--basedir=$SELFTEST_TMPDIR",
                    '--option="torture:winbindd_netbios_name=$SERVER"',
@@ -41,16 +58,23 @@ if os.getenv("SELFTEST_QUICK"):
     torture_options.append("--option=torture:quick=yes")
 smb4torture += " " + " ".join(torture_options)
 
+sub = subprocess.Popen("%s --version 2> /dev/null" % smb4torture, stdout=subprocess.PIPE, stdin=subprocess.PIPE, shell=True)
+sub.communicate("")
+smb4torture_possible = (sub.returncode == 0)
+
 def plansmbtorturetestsuite(name, env, options, description=''):
     modname = "samba3.posix_s3.%s %s" % (name, description)
     cmdline = "%s $LISTOPT %s %s" % (valgrindify(smb4torture), options, name)
-    plantestsuite_loadlist(modname, env, cmdline)
+    if smb4torture_possible:
+        plantestsuite_loadlist(modname, env, cmdline)
 
 plantestsuite("samba3.blackbox.success", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_success.sh")])
 plantestsuite("samba3.blackbox.failure", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_failure.sh")])
 
 plantestsuite("samba3.local_s3", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_local_s3.sh")])
 
+plantestsuite("samba3.blackbox.registry.upgrade", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_registry_upgrade.sh"), binpath('net'), binpath('dbwrap_tool')])
+
 tests=[ "FDPASS", "LOCK1", "LOCK2", "LOCK3", "LOCK4", "LOCK5", "LOCK6", "LOCK7", "LOCK9",
         "UNLINK", "BROWSE", "ATTR", "TRANS2", "TORTURE",
         "OPLOCK1", "OPLOCK2", "OPLOCK4", "STREAMERROR",
@@ -59,14 +83,35 @@ tests=[ "FDPASS", "LOCK1", "LOCK2", "LOCK3", "LOCK4", "LOCK5", "LOCK6", "LOCK7",
         "TCON2", "IOCTL", "CHKPATH", "FDSESS", "LOCAL-SUBSTITUTE", "CHAIN1", "CHAIN2",
         "GETADDRINFO", "POSIX", "UID-REGRESSION-TEST", "SHORTNAME-TEST",
         "LOCAL-BASE64", "LOCAL-GENCACHE", "POSIX-APPEND",
-        "CASE-INSENSITIVE-CREATE", "SMB2-BASIC",
-        "BAD-NBT-SESSION",
-        "LOCAL-string_to_sid", "LOCAL-CONVERT-STRING" ]
+        "CASE-INSENSITIVE-CREATE", "SMB2-BASIC", "NTTRANS-FSCTL", "SMB2-NEGPROT",
+        "CLEANUP1",
+        "CLEANUP2",
+        "BAD-NBT-SESSION"]
 
 for t in tests:
     plantestsuite("samba3.smbtorture_s3.plain(s3dc).%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', binpath('smbtorture3'), "", "-l $LOCAL_PATH"])
     plantestsuite("samba3.smbtorture_s3.crypt(s3dc).%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', binpath('smbtorture3'), "-e", "-l $LOCAL_PATH"])
 
+local_tests=[
+       "LOCAL-SUBSTITUTE",
+       "LOCAL-GENCACHE",
+       "LOCAL-TALLOC-DICT",
+       "LOCAL-BASE64",
+       "LOCAL-RBTREE",
+       "LOCAL-MEMCACHE",
+       "LOCAL-STREAM-NAME",
+       "LOCAL-WBCLIENT",
+       "LOCAL-string_to_sid",
+       "LOCAL-binary_to_sid",
+       "LOCAL-DBTRANS",
+       "LOCAL-TEVENT-SELECT",
+       "LOCAL-CONVERT-STRING",
+       "LOCAL-CONV-AUTH-INFO",
+       "LOCAL-sprintf_append"]
+
+for t in local_tests:
+    plantestsuite("samba3.smbtorture_s3.%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', binpath('smbtorture3'), "-e"])
+
 tests=["--ping", "--separator",
        "--own-domain",
        "--all-domains",
@@ -191,6 +236,7 @@ rpc = ["rpc.authcontext", "rpc.samba3.bind", "rpc.samba3.srvsvc", "rpc.samba3.sh
        "rpc.lsa.privileges", "rpc.lsa.secrets",
        "rpc.samr", "rpc.samr.users", "rpc.samr.users.privileges", "rpc.samr.passwords",
        "rpc.samr.passwords.pwdlastset", "rpc.samr.large-dc", "rpc.samr.machine.auth",
+       "rpc.samr.priv",
        "rpc.netlogon.admin",
        "rpc.schannel", "rpc.schannel2", "rpc.bench-schannel1", "rpc.join", "rpc.bind"]
 
@@ -208,38 +254,37 @@ libsmbclient = ["libsmbclient"]
 
 tests= base + raw + smb2 + rpc + unix + local + winbind + rap + nbt + libsmbclient
 
-sub = subprocess.Popen("%s --version 2> /dev/null" % smb4torture, stdout=subprocess.PIPE, stdin=subprocess.PIPE, shell=True)
-sub.communicate("")
-
-if sub.returncode == 0:
-    for t in tests:
-        if t == "base.delaywrite":
-            plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --maximum-runtime=900')
-        elif t == "rap.sam":
-            plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=doscharset=ISO-8859-1')
-        elif t == "unix.whoami":
-            plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD')
-        elif t == "raw.samba3posixtimedlock":
-            plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD --option=torture:localdir=$SELFTEST_PREFIX/s3dc/share')
-        elif t == "raw.chkpath":
-            plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpcase -U$USERNAME%$PASSWORD')
-        else:
-            plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
-
-
-    test = 'rpc.lsa.lookupsids'
-    auth_options = ["", "ntlm", "spnego" ]
-    signseal_options = ["", ",connect", ",sign", ",seal"]
-    smb_options = ["", ",smb2"]
-    endianness_options = ["", ",bigendian"]
-    for z in smb_options:
-        for s in signseal_options:
-            for e in endianness_options:
-                for a in auth_options:
-                    binding_string = "ncacn_np:$SERVER[%s%s%s%s]" % (a, s, z, e)
-                    options = binding_string + " -U$USERNAME%$PASSWORD"
-                    plansmbtorturetestsuite(test, "s3dc", options, 'over ncacn_np with [%s%s%s%s] ' % (a, s, z, e))
+for t in tests:
+    if t == "base.delaywrite":
+        plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --maximum-runtime=900')
+    elif t == "rap.sam":
+        plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=doscharset=ISO-8859-1')
+    elif t == "unix.whoami":
+        plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD')
+    elif t == "raw.samba3posixtimedlock":
+        plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD --option=torture:localdir=$SELFTEST_PREFIX/s3dc/share')
+    elif t == "raw.chkpath":
+        plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpcase -U$USERNAME%$PASSWORD')
+    else:
+        plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
+
+
+test = 'rpc.lsa.lookupsids'
+auth_options = ["", "ntlm", "spnego", "spnego,ntlm" ]
+signseal_options = ["", ",connect", ",sign", ",seal"]
+smb_options = ["", ",smb2"]
+endianness_options = ["", ",bigendian"]
+for z in smb_options:
+    for s in signseal_options:
+        for e in endianness_options:
+            for a in auth_options:
+                binding_string = "ncacn_np:$SERVER[%s%s%s%s]" % (a, s, z, e)
+                options = binding_string + " -U$USERNAME%$PASSWORD"
+                plansmbtorturetestsuite(test, "s3dc", options, 'over ncacn_np with [%s%s%s%s] ' % (a, s, z, e))
+                plantestsuite("samba3.blackbox.rpcclient over ncacn_np with [%s%s%s%s] " % (a, s, z, e), "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_rpcclient.sh"),
+                                                                 "none", options, configuration])
 
+        if have_ads_support:
             # We should try more combinations in future, but this is all
             # the pre-calculated credentials cache supports at the moment
             e = ""
@@ -251,18 +296,37 @@ if sub.returncode == 0:
             options = binding_string + " -k yes --krb5-ccache=$PREFIX/ktest/krb5_ccache-3"
             plansmbtorturetestsuite(test, "ktest", options, 'over kerberos ncacn_np with [%s%s%s%s] ' % (a, s, z, e))
 
+            auth_options2 = ["krb5", "spnego,krb5"]
+            for a in auth_options2:
+                binding_string = "ncacn_np:$SERVER[%s%s%s%s]" % (a, s, z, e)
 
+                plantestsuite("samba3.blackbox.rpcclient over kerberos with ncacn_np with [%s%s%s%s] " % (a, s, z, e), "ktest:local", [os.path.join(samba3srcdir, "script/tests/test_rpcclient.sh"),
+                                                                                                                                  "$PREFIX/ktest/krb5_ccache-3", binding_string, "-k", configuration])
 
-    for e in endianness_options:
-        for a in auth_options:
-            for s in signseal_options:
-                binding_string = "ncacn_ip_tcp:$SERVER_IP[%s%s%s]" % (a, s, e)
-                options = binding_string + " -U$USERNAME%$PASSWORD"
-                plansmbtorturetestsuite(test, "s3dc", options, 'over ncacn_ip_tcp with [%s%s%s] ' % (a, s, e))
 
-    test = 'rpc.epmapper'
-    env = 's3dc:local'
-    binding_string = 'ncalrpc:'
-    options = binding_string + " -U$USERNAME%$PASSWORD"
+if have_ads_support:
+    options_list = ["", "-E"]
+    for options in options_list:
+        plantestsuite("samba3.blackbox.smbclient_krb5 old ccache %s" % options, "ktest:local", 
+                      [os.path.join(samba3srcdir, "script/tests/test_smbclient_krb5.sh"),
+                       "$PREFIX/ktest/krb5_ccache-2", 
+                       binpath('smbclient3'), "$SERVER", options, configuration])
+
+        plantestsuite("samba3.blackbox.smbclient_krb5 %s" % options, "ktest:local", 
+                      [os.path.join(samba3srcdir, "script/tests/test_smbclient_krb5.sh"),
+                       "$PREFIX/ktest/krb5_ccache-3", 
+                       binpath('smbclient3'), "$SERVER", options, configuration])
+
+for e in endianness_options:
+    for a in auth_options:
+        for s in signseal_options:
+            binding_string = "ncacn_ip_tcp:$SERVER_IP[%s%s%s]" % (a, s, e)
+            options = binding_string + " -U$USERNAME%$PASSWORD"
+            plansmbtorturetestsuite(test, "s3dc", options, 'over ncacn_ip_tcp with [%s%s%s] ' % (a, s, e))
+
+test = 'rpc.epmapper'
+env = 's3dc:local'
+binding_string = 'ncalrpc:'
+options = binding_string + " -U$USERNAME%$PASSWORD"
 
-    plansmbtorturetestsuite(test, env, options, 'over ncalrpc')
+plansmbtorturetestsuite(test, env, options, 'over ncalrpc')
Samba Shared Repository