tests/ntlm_auth: Port ntlm_auth tests to python: ntlm_auth ntlm-server-1 with plainte...

Port ntlm_auth bash script tests to python

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/python/samba/tests/ntlm_auth.py b/python/samba/tests/ntlm_auth.py
index ff8310d08d4dbf4e75684c355daa2af2d3c04beb..357afdb5c591f88463e7103c5630808994cc8c33 100644 (file)
--- a/python/samba/tests/ntlm_auth.py
+++ b/python/samba/tests/ntlm_auth.py
@@ -248,3 +248,28 @@ class NTLMAuthHelpersTests(NTLMAuthTestCase):
         lines = out.split(b"\n")
         self.assertEqual(len(lines), 5)
         self.assertEquals(lines[0], b"Authenticated: No")
+
+    def test_ntlm_server_1_with_plaintext_winbind(self):
+        """ ntlm_auth ntlm-server-1 with plaintext password against winbind """
+
+        ntlm_cmds = [
+            "Password: %s" % self.password,
+            "NT-Domain: %s" % self.domain,
+            "Username: %s" % self.username,
+            "Request-User-Session-Key: Yes",
+            ".\n" ]
+
+        proc = Popen([self.ntlm_auth_path,
+                      "--require-membership-of", self.group_sid,
+                      "--helper-protocol", "ntlm-server-1"],
+                      stdout=PIPE, stdin=PIPE, stderr=PIPE)
+        buf = "\n".join(ntlm_cmds)
+        (out, err) = proc.communicate(input=buf.encode('utf-8'))
+        self.assertEqual(proc.returncode, 0)
+
+        lines = out.split(b"\n")
+
+        self.assertEqual(len(lines), 3)
+        self.assertEquals(lines[0], b"Authenticated: Yes")
+        self.assertEquals(lines[1], b".")
+        self.assertEquals(lines[2], b"")

diff --git a/source3/script/tests/test_ntlm_auth_s3.sh b/source3/script/tests/test_ntlm_auth_s3.sh
index b41368c4e3b8e64cb0d6e346c58dcf1df26f90fd..4048b804be2065449dd9b502e862818789355e7e 100755 (executable)
--- a/source3/script/tests/test_ntlm_auth_s3.sh
+++ b/source3/script/tests/test_ntlm_auth_s3.sh
@@ -24,42 +24,6 @@ BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'`
 
 failed=0
 
-test_ntlm_server_1_check_winbind_output()
-{
-       tmpfile=$PREFIX/ntlm_commands
-
-       # This isn't the correct password
-       cat > $tmpfile <<EOF
-Password: $PASSWORD
-NT-Domain: $DOMAIN
-Username: $USERNAME
-Request-User-Session-Key: Yes
-.
-EOF
-       cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$SID < $tmpfile 2>&1'
-       eval echo "$cmd"
-       out=`eval $cmd`
-       ret=$?
-       rm -f $tmpfile
-
-       if [ $ret != 0 ] ; then
-               echo "$out"
-               echo "command failed"
-               false
-               return
-       fi
-
-       echo "$out" | grep "Authenticated: Yes" >/dev/null 2>&1
-
-       if [ $? = 0 ] ; then
-               # authenticated .. success
-               true
-       else
-               echo "Failed to authenticate the user or match with SID $SID"
-               false
-       fi
-}
-
 test_ntlm_server_1_check_winbind_output_wrong_sid()
 {
        tmpfile=$PREFIX/ntlm_commands
@@ -134,7 +98,6 @@ EOF
 }
 
 # This should work even with NTLMv2
-testit "ntlm_auth ntlm-server-1 with plaintext password against winbind" test_ntlm_server_1_check_winbind_output || failed=`expr $failed + 1`
 testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1`
 testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`