summaryrefslogtreecommitdiff
path: root/testprogs/blackbox
AgeCommit message (Collapse)AuthorFilesLines
2010-11-16s4-test_kinit Add tests for lowercase realm combinationsAndrew Bartlett1-0/+4
This tests that the handling of lowercase realms works in our KDC and libraries. Andrew Bartlett
2010-10-28s4 net: rename to samba-tool in order to not clash with s3 netKai Blin5-36/+36
Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Oct 28 07:25:16 UTC 2010 on sn-devel-104
2010-10-15s4-test: fixed a typo in test_kinit.shAndrew Tridgell1-1/+1
too many Ts Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Fri Oct 15 10:14:27 UTC 2010 on sn-devel-104
2010-10-15s4-test: fixed test_kinit.sh time command testAndrew Tridgell1-1/+1
passing -W breaks -k yes
2010-07-31s4:blackblock/ktpass: use test specific user nameStefan Metzmacher1-7/+6
metze
2010-07-17s4 unittests: add blackblox test for ktpassMatthieu Patou1-0/+37
2010-07-16s4:testprogs Operate the blackbox kinit and net tests using the :local configAndrew Bartlett1-1/+0
This :local tells selftest.pl to use the local smb.conf for the test environment, not the generic client smb.conf This then makes the rest work properly - otherwise, it may attempt to connect to the wrong KDC for example. The only problem is that we can't test the 'net join' with this set, so this is removed from the test. The member server test environment checks this anyway. Andrew Bartlett
2010-07-15s4:testprogs Show that we no longer delete the old keytab entriesAndrew Bartlett1-3/+5
By using a CCACHE obtained while the old password was still valid, we can tell if the server still accepts incoming Kerberos connections with the old password. Andrew Bartlett
2010-07-15s4:testprogs Prove kerberos still works after a password changeAndrew Bartlett1-0/+25
Changing the machine account password should not prevent connections with a current, valid CCACHE. This is because when the password is changed, the server-side keytab keeps one old password around. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4: Unit test update_machine_account_password through kinitMatthieu Patou1-0/+39
This patch is for testing the chgdcpass script which is mostly a call to update_machine_account_password. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-10testprogs/blackbox/subunit.sh: initialize failed to 0Stefan Metzmacher1-0/+3
This is a short-term workarround for broken scripts, which use "exit $failed", without initializing failed. We need a discussion on the mailing list how to handle this in a nicer way. This should fix some random failures in the blackbox tests. metze
2010-07-03s4:kinit blackbox test - set/reset also here the "minPwdAge"Matthias Dieter Wallnöfer1-0/+7
2010-07-03s4:blackbox/test_passwords.sh - perform also here the adaptions for ↵Matthias Dieter Wallnöfer1-2/+2
"minPwdAge" != 0
2010-06-29s4:selftest Split out PKINIT tests from test_kinit.sh and test enc typesAndrew Bartlett2-14/+79
This allows us to run the PKINIT tests only against the main DC (for which the certificates were generated), while testing the available encryption types in each functional level. In particular, we need to assert that AES encryption is available in the 2008 functional level. Andrew Bartlett
2010-05-09s4:blackbox/test_kinit.sh - Test the new "net user add <user> [<password>]" ↵Matthias Dieter Wallnöfer1-1/+1
syntax
2010-04-16s4-test: check that a weak password is rejected by kpasswdAndrew Tridgell1-0/+44
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-13testprogs/blackbox/test_kinit: reorder arguments to "net time" to fix make testStefan Metzmacher1-1/+1
metze
2010-03-27s4:testprogs Update test to match current HeimdalAndrew Bartlett1-1/+1
2010-03-27s4:testprogs Fix kinit test for updated HeimdalAndrew Bartlett1-2/+2
2010-03-25s4:selftest Add testing of kpasswd password set on servicePrincipalNameAndrew Bartlett1-0/+31
2010-02-20s4:credentials Add hooks to extract a named Kerberos credentials cacheAndrew Bartlett1-1/+6
This allows the integration of external tools that can't be linked into C or python, but need to authenticate as the local machine account. The machineaccountccache script demonstrates this, and debugging has been improved in cli_credentials_set_secrets() by passing back and error string. Andrew Bartlett
2010-01-04blackbox/test_export_keytab.sh: correctly remove temporary filesStefan Metzmacher1-1/+1
metze
2010-01-04blackbox/test_export_keytab.sh: use VALGRIND for samba4kinitStefan Metzmacher1-2/+2
metze
2009-12-31s4-testpasswords: fixed CONFIG and quotingAndrew Tridgell1-17/+22
Need to pass correct config file to tests
2009-12-31net: Move 'newuser' to 'net newuser'Jelmer Vernooij2-2/+2
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-31net: Fix tests and documentation of setexpiry.Jelmer Vernooij2-2/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-31net: Move 'setpassword' to 'net setpassword'.Jelmer Vernooij1-3/+2
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-31blackbox.passwords: Use convenience variable for net.Jelmer Vernooij1-5/+5
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-31Fix commands in password tests.Jelmer Vernooij1-6/+6
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-09-21Revert "blackbox:test_kinit - Remove the "-H" (hive) parameter"Matthias Dieter Wallnöfer1-1/+1
This reverts commit d4389a230b6aea5a0b2a98e255b14a59c8248b0b. This revert changed the behaviour which I didn't expect. Thanks abartlet to point this out!
2009-09-20blackbox:test_kinit - Remove the "-H" (hive) parameterMatthias Dieter Wallnöfer1-1/+1
The "enableaccount" script works only on local LDB anymore - therefore remove this parameter.
2009-09-20blackbox/test_ldb.sh: test searching using OIDs instead of names for ↵Stefan Metzmacher1-0/+16
attributes and classes metze
2009-09-10s4:pwsettings: Added blackbox tests.Andrew Kroeger1-0/+28
The added tests include basic validation that the script runs and accepts all custom arguments. The tests also verify changes to the password complexity, minimum password length, and minimum password length settings.
2009-09-10testprogs:subunit.sh: Add function for expected failures.Andrew Kroeger1-0/+15
The testit_expect_failure() function is like the testit() function, with reversed error detection logic. This reversal only affects the pass/fail logic and logging - the original return code from the command is still returned to the calling script.
2009-07-28s4:kerberos Add support for user principal names in certificatesAndrew Bartlett1-1/+3
This extends the PKINIT code in Heimdal to ask the HDB layer if the User Principal Name name in the certificate is an alias (perhaps just by case change) of the name given in the AS-REQ. (This was a TODO in the Heimdal KDC) The testsuite is extended to test this behaviour, and the other PKINIT certficate (using the standard method to specify a principal name in a certificate) is updated to use a Administrator (not administrator). (This fixes the kinit test). Andrew Bartlett
2009-07-27s4:kerberos Add test to show that we actually export the keytabAndrew Bartlett1-0/+67
While it is hard to prove it is correct, at least the new 'nettestuser' principal and the Administrator principal are correct. We had to fix the case of 'Administrator' in the selftest code to match the DB, as the keytab lookup is case sensitive. Andrew Bartlett
2009-06-30s4:heimdal Allow KRB5_NT_ENTERPRISE names in all DB lookupsAndrew Bartlett1-0/+2
The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail list user principal name) in an AS-REQ. Evidence from the wild (Win2k8 reportadely) indicates that this is instead valid for all types of requests. While this is now handled in heimdal/kdc/misc.c, a flag is now defined in Heimdal's hdb so that we can take over this handling in future (once we start using a system Heimdal, and if we find out there is more to be done here). Andrew Bartlett
2009-06-18s4: Add tests and 'must change password' flags in setpassword and newuserAndrew Bartlett1-0/+121
In particular, ensure that we can acutally change the password under these circumstances. Andrew Bartlett
2009-06-18s4:testprogs Don't specify a username/password when checking the ccacheAndrew Bartlett1-1/+1
The purpose of this test is to ensure that the Kerberos credentials cache is valid. If the username and password is specified, this overrides the very thing we are trying to test. Andrew Bartlett
2009-03-04s4:blackbox/test_ldb: make use of the $VALGRIND envvarStefan Metzmacher1-1/+1
metze
2009-02-03s4:selftest: avoid hardcoded pathes in blackbox testsStefan Metzmacher2-31/+36
metze
2009-01-08s4:blackbox: don't remove newlines in the subunit failure outputStefan Metzmacher1-1/+1
metze
2008-12-17s4:testprogs: improve extended dn testing of the ldb blackbox testsAndrew Bartlett1-6/+8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-10-20Actually test the kpasswd serverAndrew Bartlett1-3/+41
This uses kpasswd operated as a blackbox, assisted by the newly imported rkpty tool. Andrew Bartlett
2008-10-06s4:blackbox/test_ldb: test search by <GUID=...> and <SID=...>Stefan Metzmacher1-0/+25
metze
2008-10-03fixed the ldb blackbox test to work with non-bourne shells (as neededAndrew Tridgell1-7/+7
by ubuntu) fixed spelling of 'wellknown'
2008-10-02s4:blackblox/test_ldb: test searches via wellknownObjectsStefan Metzmacher1-0/+62
metze
2008-09-16Move torture/ blackbox tests closer to code they're testing.Jelmer Vernooij3-90/+0
2008-09-16Move ndrdump tests closer to the code they test.Jelmer Vernooij3-20/+0
2008-09-14blackbox: fix source => source4Stefan Metzmacher6-7/+7
metze