summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsource3/script/tests/test_ntlm_auth_s3.sh3
-rwxr-xr-xsource3/torture/test_ntlm_auth.py95
2 files changed, 79 insertions, 19 deletions
diff --git a/source3/script/tests/test_ntlm_auth_s3.sh b/source3/script/tests/test_ntlm_auth_s3.sh
index 1655d7518b..ca7a952b74 100755
--- a/source3/script/tests/test_ntlm_auth_s3.sh
+++ b/source3/script/tests/test_ntlm_auth_s3.sh
@@ -25,6 +25,9 @@ testit "ntlm_auth" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARG
# This should work even with NTLMv2
testit "ntlm_auth with specified domain" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --client-domain=fOo --server-domain=fOo || failed=`expr $failed + 1`
testit "ntlm_auth against winbindd" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd $ADDARGS || failed=`expr $failed + 1`
+testit "ntlm_auth with NTLMSSP client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --client-domain=fOo --server-domain=fOo --client-helper=ntlmssp-client-1 --server-helper=gss-spnego || failed=`expr $failed + 1`
+testit "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --client-domain=fOo --server-domain=fOo --client-helper=gss-spnego-client --server-helper=gss-spnego || failed=`expr $failed + 1`
+testit "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS || failed=`expr $failed + 1`
testok $0 $failed
diff --git a/source3/torture/test_ntlm_auth.py b/source3/torture/test_ntlm_auth.py
index be725485a0..386bfb7f0c 100755
--- a/source3/torture/test_ntlm_auth.py
+++ b/source3/torture/test_ntlm_auth.py
@@ -181,33 +181,90 @@ def main():
server_out = server_out_w
os.close(server_out_r)
- # We're in the parent
- writeLine(client_out, "YR")
- buf = readLine(client_in)
+ if opts.client_helper == "ntlmssp-client-1" and opts.server_helper == "squid-2.5-ntlmssp":
- if buf.count("YR ", 0, 3) != 1:
- sys.exit(1)
+ # We're in the parent
+ writeLine(client_out, "YR")
+ buf = readLine(client_in)
+
+ if buf.count("YR ", 0, 3) != 1:
+ sys.exit(1)
+
+ writeLine(server_out, buf)
+ buf = readLine(server_in)
- writeLine(server_out, buf)
- buf = readLine(server_in)
+ if buf.count("TT ", 0, 3) != 1:
+ sys.exit(2)
- if buf.count("TT ", 0, 3) != 1:
- sys.exit(2)
+ writeLine(client_out, buf)
+ buf = readLine(client_in)
+
+ if buf.count("AF ", 0, 3) != 1:
+ sys.exit(3)
- writeLine(client_out, buf)
- buf = readLine(client_in)
+ # Client sends 'AF <base64 blob>' but server expects 'KK <abse64 blob>'
+ buf = buf.replace("AF", "KK", 1)
+
+ writeLine(server_out, buf)
+ buf = readLine(server_in)
+
+ if buf.count("AF ", 0, 3) != 1:
+ sys.exit(4)
+
+
+ if opts.client_helper == "ntlmssp-client-1" and opts.server_helper == "gss-spnego":
+ # We're in the parent
+ writeLine(client_out, "YR")
+ buf = readLine(client_in)
+
+ if buf.count("YR ", 0, 3) != 1:
+ sys.exit(1)
+
+ writeLine(server_out, buf)
+ buf = readLine(server_in)
+
+ if buf.count("TT ", 0, 3) != 1:
+ sys.exit(2)
+
+ writeLine(client_out, buf)
+ buf = readLine(client_in)
+
+ if buf.count("AF ", 0, 3) != 1:
+ sys.exit(3)
+
+ # Client sends 'AF <base64 blob>' but server expects 'KK <abse64 blob>'
+ buf = buf.replace("AF", "KK", 1)
+
+ writeLine(server_out, buf)
+ buf = readLine(server_in)
+
+ if buf.count("AF * ", 0, 5) != 1:
+ sys.exit(4)
+
+
+ if opts.client_helper == "gss-spnego-client" and opts.server_helper == "gss-spnego":
+ # We're in the parent
+ writeLine(server_out, "YR")
+ buf = readLine(server_in)
+
+ while True:
+ if buf.count("AF ", 0, 3) != 1 and buf.count("TT ", 0, 3) != 1:
+ sys.exit(1)
- if buf.count("AF ", 0, 3) != 1:
- sys.exit(3)
+ writeLine(client_out, buf)
+ buf = readLine(client_in)
+
+ if buf.count("AF", 0, 2) == 1:
+ break
- # Client sends 'AF <base64 blob>' but server expects 'KK <abse64 blob>'
- buf = buf.replace("AF", "KK", 1)
+ if buf.count("AF ", 0, 5) != 1 and buf.count("KK ", 0, 3) != 1 and buf.count("TT ", 0, 3) != 1:
+ sys.exit(2)
- writeLine(server_out, buf)
- buf = readLine(server_in)
+ writeLine(server_out, buf)
+ buf = readLine(server_in)
- if buf.count("AF ", 0, 3) != 1:
- sys.exit(4)
+ if buf.count("AF * ", 0, 5) == 1:
+ break
if opts.client_helper == "ntlmssp-client-1":
writeLine(client_out, "GK")