diff options
author | Andrew Bartlett <abartlet@samba.org> | 2008-03-28 21:57:15 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2008-03-28 21:57:15 +1100 |
commit | 142fbfb3c1f9f8cda7f0edaa801f8345f23d805f (patch) | |
tree | 8471bcd9a25ee25f7323fe4af7b8fb70ac31b211 /testprogs | |
parent | 8f8c56bfbcbfe8f80afb09eb1d481a108b252bee (diff) | |
download | samba-142fbfb3c1f9f8cda7f0edaa801f8345f23d805f.tar.gz samba-142fbfb3c1f9f8cda7f0edaa801f8345f23d805f.tar.bz2 samba-142fbfb3c1f9f8cda7f0edaa801f8345f23d805f.zip |
Fix and test python scripts and kerberos
This fixes up the python credentials interface in a number of areas,
with the aim of supporting '-k yes' as a command line option. (This
enables the use of kerberos).
As such, I've had to change the get_credentials call to take a
loadparm context, so that the credentials can be initialised
correctly.
The test_kinit script has been modified to prove that this continues
to work, as well as to provide greater code coverage of the kerberos
paths.
Andrew Bartlett
(This used to be commit 727ef40c2b56910028ef3c1092b8eab1bfa6ce63)
Diffstat (limited to 'testprogs')
-rwxr-xr-x | testprogs/blackbox/test_kinit.sh | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/testprogs/blackbox/test_kinit.sh b/testprogs/blackbox/test_kinit.sh index d4eff07c8d..dbcdcf1112 100755 --- a/testprogs/blackbox/test_kinit.sh +++ b/testprogs/blackbox/test_kinit.sh @@ -23,6 +23,7 @@ samba4bindir=`dirname $0`/../../source/bin smbclient=$samba4bindir/smbclient samba4kinit=$samba4bindir/samba4kinit net=$samba4bindir/net +enableaccount="$samba4bindir/smbpython `dirname $0`/../../source/setup/enableaccount" testit() { name="$1" @@ -60,8 +61,10 @@ KRB5CCNAME="$PREFIX/tmpccache" export KRB5CCNAME echo $PASSWORD > ./tmppassfile +#testit "kinit with keytab" $samba4kinit --keytab=$PREFIX/dc/private/secrets.keytab $SERVER\$@$REALM || failed=`expr $failed + 1` testit "kinit with password" $samba4kinit --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` -testit "kinit with pkinit" $samba4kinit --request-pac --pk-user=FILE:$PREFIX/dc/private/tls/admincert.pem,$PREFIX/dc/private/tls/adminkey.pem $USERNAME@$REALM || failed=`expr $failed + 1` +testit "kinit with pkinit" $samba4kinit --request-pac --renewable --pk-user=FILE:$PREFIX/dc/private/tls/admincert.pem,$PREFIX/dc/private/tls/adminkey.pem $USERNAME@$REALM || failed=`expr $failed + 1` +testit "kinit renew ticket" $samba4kinit --request-pac -R test_smbclient "Test login with kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` @@ -70,18 +73,23 @@ testit "check time with kerberos ccache" $VALGRIND $net time $SERVER $CONFIGURAT testit "add user with kerberos ccache" $VALGRIND $net user add nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` USERPASS=testPass@12% +echo $USERPASS > ./tmpuserpassfile testit "set user password with kerberos ccache" $VALGRIND $net password set $DOMAIN\\nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` -#KRB5CCNAME=`pwd`/tmpuserccache -#export KRB5CCNAME -# -#testit "kinit with user password" bin/samba4kinit --password-file=./tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` -# -#KRB5CCNAME=`pwd`/tmpccache -#export KRB5CCNAME +testit "enable user with kerberos cache" $VALGRIND $enableaccount nettestuser -H ldap://$SERVER -k yes $@ || failed=`expr $failed + 1` -testit "del user with kerberos ccache" $VALGRIND $net user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` +KRB5CCNAME="$PREFIX/tmpuserccache" +export KRB5CCNAME + +testit "kinit with user password" $samba4bindir/samba4kinit --password-file=./tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` + +test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` + +KRB5CCNAME="$PREFIX/tmpccache" +export KRB5CCNAME + +testit "del user with kerberos ccache" $VALGRIND $net user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` -rm -f tmpccfile tmppassfile tmpuserccache +rm -f tmpccfile tmppassfile tmpuserpassfile tmpuserccache exit $failed |