server_helper="gss-spnego",
server_use_winbind=True)
self.assertFalse(ret)
+
+ def test_plaintext_with_membership(self):
+ """ ntlm_auth plaintext authentication with require-membership-of """
+
+ proc = Popen([self.ntlm_auth_path,
+ "--require-membership-of", self.group_sid,
+ "--helper-protocol", "squid-2.5-basic"],
+ stdout=PIPE, stdin=PIPE, stderr=PIPE)
+ creds = "%s%s%s %s\n" % (self.domain, self.winbind_separator,
+ self.username,
+ self.password)
+ (out, err) = proc.communicate(input=creds.encode('utf-8'))
+ self.assertEqual(proc.returncode, 0)
+ self.assertTrue(out.startswith(b"OK\n"))
failed=0
-test_plaintext_check_output_stdout()
-{
- tmpfile=$PREFIX/ntlm_commands
-
- cat > $tmpfile <<EOF
-$DOMAIN/$USERNAME $PASSWORD
-EOF
- cmd='$NTLM_AUTH "$@" --require-membership-of=$SID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
- eval echo "$cmd"
- out=`eval $cmd`
- ret=$?
- rm -f $tmpfile
-
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "command failed"
- false
- return
- fi
-
- echo "$out" | grep "OK" >/dev/null 2>&1
-
- if [ $? = 0 ] ; then
- # authenticated .. succeed
- true
- else
- echo failed to get successful authentication
- false
- fi
-}
-
test_plaintext_check_output_fail()
{
tmpfile=$PREFIX/ntlm_commands
}
# This should work even with NTLMv2
-testit "ntlm_auth plaintext authentication with require-membership-of" test_plaintext_check_output_stdout || failed=`expr $failed + 1`
testit "ntlm_auth plaintext authentication with failed require-membership-of" test_plaintext_check_output_fail || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with fixed password" test_ntlm_server_1_check_output || failed=`expr $failed + 1`