s3-selftest: Add tests for ntlm_auth gss-spnego client and server

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Mar  2 07:05:44 CET 2012 on sn-devel-104

3 files changed, 46 insertions, 0 deletions

diff --git a/source3/script/tests/test_ntlm_auth_krb5.sh b/source3/script/tests/test_ntlm_auth_krb5.sh
new file mode 100755
index 0000000000..5989d01046
--- /dev/null
+++ b/source3/script/tests/test_ntlm_auth_krb5.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+if [ $# -lt 2 ]; then
+cat <<EOF
+Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR NTLM_AUTH CCACHE SERVER
+EOF
+exit 1;
+fi
+
+PYTHON=$1
+SRC3DIR=$2
+NTLM_AUTH=$3
+CCACHE=$4
+SERVER=$5
+shift 5
+ADDARGS="$*"
+
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+failed=0
+
+KRB5CCNAME=$CCACHE
+export KRB5CCNAME
+
+# --server-use-winbindd is set so we know it isn't cheating and using the hard-coded passwords
+
+testit "ntlm_auth with krb5 gss-spnego-client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --target-hostname=$SERVER --target-service=host --client-helper=gss-spnego-client --server-helper=gss-spnego --server-use-winbindd || failed=`expr $failed + 1`
+
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index eab1356c00..778c1adf30 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -140,6 +140,11 @@ for env in ["s3dc", "member", "s3member"]:
 
     plantestsuite("samba3.ntlm_auth.(%s:local)" % env, "%s:local" % env, [os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_s3.sh"), valgrindify(python), samba3srcdir, binpath('ntlm_auth3'),  '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', configuration])
 
+plantestsuite("samba3.ntlm_auth.krb5(ktest:local) old ccache", "ktest:local", [os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_krb5.sh"), valgrindify(python), samba3srcdir, binpath('ntlm_auth3'), '$PREFIX/ktest/krb5_ccache-2', '$SERVER', configuration])
+
+plantestsuite("samba3.ntlm_auth.krb5(ktest:local)", "ktest:local", [os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_krb5.sh"), valgrindify(python), samba3srcdir, binpath('ntlm_auth3'), '$PREFIX/ktest/krb5_ccache-3', '$SERVER', configuration])
+
+
 for env in ["secserver"]:
     plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) domain creds" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN\\\\$DC_USERNAME', '$DC_PASSWORD', binpath('smbclient3'), configuration + " --option=clientntlmv2auth=no"])
 
diff --git a/source3/torture/test_ntlm_auth.py b/source3/torture/test_ntlm_auth.py
index 1ee5b83bd7..cb181be243 100755
--- a/source3/torture/test_ntlm_auth.py
+++ b/source3/torture/test_ntlm_auth.py
@@ -81,6 +81,12 @@ def parseCommandLine():
 	parser.add_option("--client-helper", dest="client_helper",\
 				help="Helper mode for the ntlm_auth client. [default: ntlmssp-client-1]")
 
+	parser.add_option("--target-hostname", dest="target_hostname",\
+				help="Target hostname for kerberos")
+	parser.add_option("--target-service", dest="target_service",\
+				help="Target service for kerberos")
+
+
 	parser.add_option("--server-username", dest="server_username",\
 				help="User name server uses for local auth. [default: foo]")
 	parser.add_option("--server-password", dest="server_password",\
@@ -137,6 +143,10 @@ def main():
 		client_args.append("--password=%s" % opts.client_password)
 		client_args.append("--domain=%s" % opts.client_domain)
 		client_args.append("--configfile=%s" % opts.config_file)
+		if opts.target_service:
+			client_args.append("--target-service=%s" % opts.target_service)
+		if opts.target_hostname:
+			client_args.append("--target-hostname=%s" % opts.target_hostname)
 
 		os.execv(ntlm_auth_path, client_args)