lines = out.split(b"\n")
self.assertEqual(len(lines), 5)
self.assertEquals(lines[0], b"Authenticated: No")
+
+ def test_ntlm_server_1_with_plaintext_winbind(self):
+ """ ntlm_auth ntlm-server-1 with plaintext password against winbind """
+
+ ntlm_cmds = [
+ "Password: %s" % self.password,
+ "NT-Domain: %s" % self.domain,
+ "Username: %s" % self.username,
+ "Request-User-Session-Key: Yes",
+ ".\n" ]
+
+ proc = Popen([self.ntlm_auth_path,
+ "--require-membership-of", self.group_sid,
+ "--helper-protocol", "ntlm-server-1"],
+ stdout=PIPE, stdin=PIPE, stderr=PIPE)
+ buf = "\n".join(ntlm_cmds)
+ (out, err) = proc.communicate(input=buf.encode('utf-8'))
+ self.assertEqual(proc.returncode, 0)
+
+ lines = out.split(b"\n")
+
+ self.assertEqual(len(lines), 3)
+ self.assertEquals(lines[0], b"Authenticated: Yes")
+ self.assertEquals(lines[1], b".")
+ self.assertEquals(lines[2], b"")
failed=0
-test_ntlm_server_1_check_winbind_output()
-{
- tmpfile=$PREFIX/ntlm_commands
-
- # This isn't the correct password
- cat > $tmpfile <<EOF
-Password: $PASSWORD
-NT-Domain: $DOMAIN
-Username: $USERNAME
-Request-User-Session-Key: Yes
-.
-EOF
- cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$SID < $tmpfile 2>&1'
- eval echo "$cmd"
- out=`eval $cmd`
- ret=$?
- rm -f $tmpfile
-
- if [ $ret != 0 ] ; then
- echo "$out"
- echo "command failed"
- false
- return
- fi
-
- echo "$out" | grep "Authenticated: Yes" >/dev/null 2>&1
-
- if [ $? = 0 ] ; then
- # authenticated .. success
- true
- else
- echo "Failed to authenticate the user or match with SID $SID"
- false
- fi
-}
-
test_ntlm_server_1_check_winbind_output_wrong_sid()
{
tmpfile=$PREFIX/ntlm_commands
}
# This should work even with NTLMv2
-testit "ntlm_auth ntlm-server-1 with plaintext password against winbind" test_ntlm_server_1_check_winbind_output || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1`
testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`