summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-06-24 18:16:48 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-06-24 23:46:10 +1000
commit0eab44c2978553bda303c43875d626fddf32363d (patch)
treef37a541b7a329e3d5d5c4559d92839d90cceb718
parentf199c5dbc09912a185feda5aa87dc82e2800ad6a (diff)
downloadsamba-0eab44c2978553bda303c43875d626fddf32363d.tar.gz
samba-0eab44c2978553bda303c43875d626fddf32363d.tar.bz2
samba-0eab44c2978553bda303c43875d626fddf32363d.zip
selftest: Test unix.whoami with kerberos on plugin_s4_dc
This also tests the comparison with LDAP on anonymous connections and marks this as knownfail, while we investigate the correct behaviour here. Andrew Bartlett
-rw-r--r--selftest/knownfail1
-rwxr-xr-xsource3/selftest/tests.py7
-rw-r--r--source4/torture/unix/whoami.c20
3 files changed, 10 insertions, 18 deletions
diff --git a/selftest/knownfail b/selftest/knownfail
index 4206aa7acb..d7078d6e04 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -39,6 +39,7 @@
^samba3.raw.samba3checkfsp.samba3checkfsp\(s3dc\) # This test fails against an smbd environment with NT ACLs enabled
^samba3.raw.samba3closeerr.samba3closeerr\(s3dc\) # This test fails against an smbd environment with NT ACLs enabled
^samba3.raw.acls.generic\(s3dc\) # This fails against smbd
+^samba3.unix.whoami anonymous connection.whoami\(plugin_s4_dc\) # We need to resolve if we should be including SID_NT_WORLD and SID_NT_NETWORK in this token
# these show that we still have some differences between our system
# with our internal iconv because it passes except when we bypass our
# internal iconv modules
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 11056b9c8a..4aedbf852a 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -303,8 +303,11 @@ for t in tests:
plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=doscharset=ISO-8859-1')
plansmbtorturetestsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=doscharset=ISO-8859-1')
elif t == "unix.whoami":
- plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD')
- plansmbtorturetestsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD --option=torture:addc=true')
+ plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
+ plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U%', description='anonymous connection')
+ plansmbtorturetestsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=torture:addc=true')
+ plansmbtorturetestsuite(t, "plugin_s4_dc", '//$SERVER/tmp -k yes -U$USERNAME%$PASSWORD --option=torture:addc=true', description='kerberos connection')
+ plansmbtorturetestsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmpguest -U% --option=torture:addc=true', description='anonymous connection')
elif t == "raw.samba3posixtimedlock":
plansmbtorturetestsuite(t, "s3dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD --option=torture:localdir=$SELFTEST_PREFIX/s3dc/share')
plansmbtorturetestsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmpguest -U$USERNAME%$PASSWORD --option=torture:localdir=$SELFTEST_PREFIX/plugin_s4_dc/share')
diff --git a/source4/torture/unix/whoami.c b/source4/torture/unix/whoami.c
index 302282752a..8f608a8f67 100644
--- a/source4/torture/unix/whoami.c
+++ b/source4/torture/unix/whoami.c
@@ -297,7 +297,6 @@ static bool test_against_ldap(struct torture_context *torture, struct ldb_contex
bool torture_unix_whoami(struct torture_context *torture)
{
struct smbcli_state *cli;
- struct cli_credentials *anon_credentials;
struct smb_whoami whoami;
bool ret;
struct ldb_context *ldb;
@@ -335,26 +334,15 @@ bool torture_unix_whoami(struct torture_context *torture)
smbcli_tdis(cli);
- torture_comment(torture, "calling SMB_QFS_POSIX_WHOAMI on an anonymous connection\n");
- anon_credentials = cli_credentials_init_anon(torture);
-
- cli = connect_to_server(torture, anon_credentials);
- torture_assert(torture, cli, "calling SMB_QFS_POSIX_WHOAMI on an anonymous connection");
-
- torture_assert_goto(torture, smb_raw_query_posix_whoami(torture, torture,
- cli, &whoami, 0xFFFF), ret, fail,
- "calling SMB_QFS_POSIX_WHOAMI on an anonymous connection");
-
- smbcli_tdis(cli);
-
/* Check that our anonymous login mapped us to guest on the server, but
* only if the server supports this.
*/
if (whoami.mapping_mask & SMB_WHOAMI_GUEST) {
+ bool guest = whoami.mapping_flags & SMB_WHOAMI_GUEST;
printf("checking whether we were logged in as guest... %s\n",
- whoami.mapping_flags & SMB_WHOAMI_GUEST ? "YES" : "NO");
- torture_assert(torture, whoami.mapping_flags & SMB_WHOAMI_GUEST,
- "anonymous login did not map to guest");
+ guest ? "YES" : "NO");
+ torture_assert(torture, cli_credentials_is_anonymous(cmdline_credentials) == guest,
+ "login did not credentials map to guest");
} else {
printf("server does not support SMB_WHOAMI_GUEST flag\n");
}