summaryrefslogtreecommitdiffstats
path: root/source4/selftest
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
commit4f5791ebd03eaec1c7da0865a383175b05102712 (patch)
tree8ce7b00f7a76baa386372422adebbe64510812d4 /source4/selftest
parentInitial commit. (diff)
downloadsamba-4f5791ebd03eaec1c7da0865a383175b05102712.tar.xz
samba-4f5791ebd03eaec1c7da0865a383175b05102712.zip
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-xsource4/selftest/test_samba3dump.sh14
-rwxr-xr-xsource4/selftest/test_w2k3.sh48
-rwxr-xr-xsource4/selftest/test_w2k3_file.sh44
-rwxr-xr-xsource4/selftest/test_win.sh42
-rwxr-xr-xsource4/selftest/tests.py1914
-rwxr-xr-xsource4/selftest/tests_win.sh30
-rwxr-xr-xsource4/selftest/tests_win2k3_dc.sh22
-rw-r--r--source4/selftest/win/README72
-rw-r--r--source4/selftest/win/VMHost.pm359
-rw-r--r--source4/selftest/win/common.exp521
-rw-r--r--source4/selftest/win/test_win.conf83
-rw-r--r--source4/selftest/win/vm_get_ip.pl48
-rw-r--r--source4/selftest/win/vm_load_snapshot.pl46
-rwxr-xr-xsource4/selftest/win/wintest_2k3_dc.sh120
-rwxr-xr-xsource4/selftest/win/wintest_base.sh68
-rw-r--r--source4/selftest/win/wintest_client.exp95
-rwxr-xr-xsource4/selftest/win/wintest_client.sh26
-rwxr-xr-xsource4/selftest/win/wintest_functions.sh54
-rwxr-xr-xsource4/selftest/win/wintest_net.sh63
-rwxr-xr-xsource4/selftest/win/wintest_raw.sh69
-rw-r--r--source4/selftest/win/wintest_remove.exp71
-rwxr-xr-xsource4/selftest/win/wintest_rpc.sh67
-rw-r--r--source4/selftest/win/wintest_setup.exp104
23 files changed, 3980 insertions, 0 deletions
diff --git a/source4/selftest/test_samba3dump.sh b/source4/selftest/test_samba3dump.sh
new file mode 100755
index 0000000..f8dc850
--- /dev/null
+++ b/source4/selftest/test_samba3dump.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+# Verify that samba3dump completes.
+
+. testprogs/blackbox/subunit.sh
+
+subunit_start_test samba3dump
+
+SRCDIR=$(dirname $0)/../..
+
+if $PYTHON $SRCDIR/source4/scripting/bin/samba3dump $SRCDIR/testdata/samba3; then
+ subunit_pass_test samba3dump
+else
+ echo | subunit_fail_test samba3dump
+fi
diff --git a/source4/selftest/test_w2k3.sh b/source4/selftest/test_w2k3.sh
new file mode 100755
index 0000000..20d4e5d
--- /dev/null
+++ b/source4/selftest/test_w2k3.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+# tests that should pass against a w2k3 DC, as administrator
+
+# add tests to this list as they start passing, so we test
+# that they stay passing
+ncacn_np_tests="RPC-SCHANNEL RPC-DSSETUP RPC-EPMAPPER RPC-SAMR RPC-WKSSVC RPC-SRVSVC RPC-EVENTLOG RPC-NETLOGON RPC-LSA RPC-SAMLOGON RPC-SAMSYNC RPC-MULTIBIND RPC-WINREG RPC-SPOOLSS RPC-SPOOLSS-WIN"
+ncacn_ip_tcp_tests="RPC-SCHANNEL RPC-EPMAPPER RPC-SAMR RPC-NETLOGON RPC-LSA RPC-SAMLOGON RPC-SAMSYNC RPC-MULTIBIND"
+
+if [ $# -lt 4 ]; then
+ cat <<EOF
+Usage: test_w2k3.sh SERVER USERNAME PASSWORD DOMAIN REALM
+EOF
+ exit 1
+fi
+
+server="$1"
+username="$2"
+password="$3"
+domain="$4"
+realm="$5"
+shift 5
+
+incdir=$(dirname $0)
+. $incdir/test_functions.sh
+
+OPTIONS="-U$username%$password -W $domain --option realm=$realm"
+
+name="RPC-SPOOLSS on ncacn_np"
+testit "$name" rpc bin/smbtorture $TORTURE_OPTIONS ncacn_np:"$server" $OPTIONS RPC-SPOOLSS "$*"
+
+for bindoptions in padcheck connect sign seal ntlm,sign ntlm,seal $VALIDATE bigendian; do
+ for transport in ncacn_ip_tcp ncacn_np; do
+ case $transport in
+ ncacn_np) tests=$ncacn_np_tests ;;
+ ncacn_ip_tcp) tests=$ncacn_ip_tcp_tests ;;
+ esac
+ for t in $tests; do
+ name="$t on $transport with $bindoptions"
+ testit "$name" rpc bin/smbtorture $TORTURE_OPTIONS $transport:"$server[$bindoptions]" $OPTIONS $t "$*"
+ done
+ done
+done
+
+name="RPC-DRSUAPI on ncacn_ip_tcp with seal"
+testit "$name" rpc bin/smbtorture $TORTURE_OPTIONS ncacn_ip_tcp:"$server[seal]" $OPTIONS RPC-DRSUAPI "$*"
+name="RPC-DRSUAPI on ncacn_ip_tcp with seal,bigendian"
+testit "$name" rpc bin/smbtorture $TORTURE_OPTIONS ncacn_ip_tcp:"$server[seal,bigendian]" $OPTIONS RPC-DRSUAPI "$*"
diff --git a/source4/selftest/test_w2k3_file.sh b/source4/selftest/test_w2k3_file.sh
new file mode 100755
index 0000000..b2f8716
--- /dev/null
+++ b/source4/selftest/test_w2k3_file.sh
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+# this runs the file serving tests that are expected to pass with win2003
+
+if [ $# -lt 3 ]; then
+ cat <<EOF
+Usage: test_w2k3_file.sh UNC USERNAME PASSWORD <first> <smbtorture args>
+EOF
+ exit 1
+fi
+
+unc="$1"
+username="$2"
+password="$3"
+start="$4"
+shift 4
+ADDARGS="$*"
+
+incdir=$(dirname $0)
+. $incdir/test_functions.sh
+
+tests="BASE-FDPASS BASE-LOCK "
+tests="$tests BASE-UNLINK BASE-ATTR"
+tests="$tests BASE-DIR1 BASE-DIR2 BASE-VUID"
+tests="$tests BASE-TCON BASE-TCONDEV BASE-RW1"
+tests="$tests BASE-DENY3 BASE-XCOPY BASE-OPEN BASE-DENYDOS"
+tests="$tests BASE-DELETE BASE-PROPERTIES BASE-MANGLE"
+tests="$tests BASE-CHKPATH BASE-SECLEAK BASE-TRANS2"
+tests="$tests BASE-NTDENY1 BASE-NTDENY2 BASE-RENAME BASE-OPENATTR"
+tests="$tests RAW-QFILEINFO RAW-SFILEINFO-BUG RAW-SFILEINFO-BASE"
+tests="$tests RAW-LOCK RAW-MKDIR RAW-SEEK RAW-CONTEXT RAW-MUX RAW-OPEN RAW-WRITE"
+tests="$tests RAW-UNLINK RAW-READ RAW-CLOSE RAW-IOCTL RAW-CHKPATH RAW-RENAME"
+tests="$tests RAW-EAS RAW-STREAMS RAW-OPLOCK RAW-NOTIFY BASE-DELAYWRITE"
+# slowest tests last
+tests="$tests BASE-DENY1 BASE-DENY2"
+
+# these tests are known to fail against windows
+fail="RAW-SEARCH RAW-ACLS RAW-QFSINFO"
+
+echo "Skipping tests expected to fail: $fail"
+
+for t in $tests; do
+ testit "$t" smb $VALGRIND bin/smbtorture $TORTURE_OPTIONS $ADDARGS $unc -U"$username"%"$password" $t
+done
diff --git a/source4/selftest/test_win.sh b/source4/selftest/test_win.sh
new file mode 100755
index 0000000..bf6d2e1
--- /dev/null
+++ b/source4/selftest/test_win.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+# A shell script to connect to a windows host over telnet,
+# setup for a smbtorture test,
+# run the test,
+# and remove the previously configured directory and share.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+. selftest/test_functions.sh
+
+export SMBTORTURE_REMOTE_HOST=$(perl -I$WINTEST_DIR $WINTEST_DIR/vm_get_ip.pl VM_CFG_PATH)
+if [ -z $SMBTORTURE_REMOTE_HOST ]; then
+ # Restore snapshot to ensure VM is in a known state, then exit.
+ restore_snapshot "Test failed to get the IP address of the windows host." "$VM_CFG_PATH"
+ exit 1
+fi
+
+name="BASE against Windows 2003"
+testit "$name" smb $WINTEST_DIR/wintest_base.sh $SMBTORTURE_REMOTE_HOST \
+ $SMBTORTURE_USERNAME $SMBTORTURE_PASSWORD $SMBTORTURE_WORKGROUP
+
+name="RAW against Windows 2003"
+testit "$name" smb $WINTEST_DIR/wintest_raw.sh $SMBTORTURE_REMOTE_HOST \
+ $SMBTORTURE_USERNAME $SMBTORTURE_PASSWORD $SMBTORTURE_WORKGROUP
+
+name="RPC against Windows 2003"
+testit "$name" smb $WINTEST_DIR/wintest_rpc.sh $SMBTORTURE_REMOTE_HOST \
+ $SMBTORTURE_USERNAME $SMBTORTURE_PASSWORD $SMBTORTURE_WORKGROUP
+
+name="NET against Windows 2003"
+testit "$name" smb $WINTEST_DIR/wintest_net.sh $SMBTORTURE_REMOTE_HOST \
+ $SMBTORTURE_USERNAME $SMBTORTURE_PASSWORD $SMBTORTURE_WORKGROUP
+
+name="Windows 2003 against samba"
+testit "$name" smb $WINTEST_DIR/wintest_client.sh $SMBTORTURE_REMOTE_HOST
+
+dc_tests="RPC-DRSUAPI ncacn_np ncacn_ip_tcp"
+for name in $dc_tests; do
+ testit "$name against Windows 2003 DC" rpc $WINTEST_DIR/wintest_2k3_dc.sh \
+ "$name"
+done
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
new file mode 100755
index 0000000..7e37c1f
--- /dev/null
+++ b/source4/selftest/tests.py
@@ -0,0 +1,1914 @@
+#!/usr/bin/python
+# This script generates a list of testsuites that should be run as part of
+# the Samba 4 test suite.
+
+# The output of this script is parsed by selftest.pl, which then decides
+# which of the tests to actually run. It will, for example, skip all tests
+# listed in selftest/skip or only run a subset during "make quicktest".
+
+# The idea is that this script outputs all of the tests of Samba 4, not
+# just those that are known to pass, and list those that should be skipped
+# or are known to fail in selftest/skip or selftest/knownfail. This makes it
+# very easy to see what functionality is still missing in Samba 4 and makes
+# it possible to run the testsuite against other servers, such as Samba 3 or
+# Windows that have a different set of features.
+
+# The syntax for a testsuite is "-- TEST --" on a single line, followed
+# by the name of the test, the environment it needs and the command to run, all
+# three separated by newlines. All other lines in the output are considered
+# comments.
+
+import os
+import sys
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "../../selftest"))
+import selftesthelpers
+from selftesthelpers import bindir, srcdir, binpath, python
+from selftesthelpers import configuration, plantestsuite
+from selftesthelpers import planpythontestsuite, planperltestsuite
+from selftesthelpers import plantestsuite_loadlist
+from selftesthelpers import skiptestsuite, source4dir, valgrindify
+from selftesthelpers import smbtorture4_options, smbtorture4_testsuites
+from selftesthelpers import smbtorture4, ntlm_auth3, samba3srcdir
+
+
+print("OPTIONS %s" % " ".join(smbtorture4_options), file=sys.stderr)
+
+
+def plansmbtorture4testsuite(name, env, options, modname=None, environ={}):
+ return selftesthelpers.plansmbtorture4testsuite(name,
+ env,
+ options,
+ target='samba4',
+ modname=modname,
+ environ=environ)
+
+
+samba4srcdir = source4dir()
+DSDB_PYTEST_DIR = os.path.join(samba4srcdir, "dsdb/tests/python/")
+
+samba4bindir = bindir()
+validate = os.getenv("VALIDATE", "")
+if validate:
+ validate_list = [validate]
+else:
+ validate_list = []
+
+nmblookup4 = binpath('nmblookup4')
+smbclient4 = binpath('smbclient4')
+smbclient3 = binpath('smbclient')
+
+bbdir = os.path.join(srcdir(), "testprogs/blackbox")
+
+# alias to highlight what tests we want to run against a DC with SMBv1 disabled
+smbv1_disabled_testenv = "restoredc"
+
+all_fl_envs = ["fl2000dc", "fl2003dc", "fl2008dc", "fl2008r2dc"]
+
+# Simple tests for LDAP and CLDAP
+for auth_type in ['', '-k no', '-k yes']:
+ for auth_level in ['--option=clientldapsaslwrapping=plain', '--client-protection=sign', '--client-protection=encrypt']:
+ creds = '-U"$USERNAME%$PASSWORD"'
+ options = creds + ' ' + auth_type + ' ' + auth_level
+ plantestsuite("samba4.ldb.ldap with options %r(ad_dc_default)" % options, "ad_dc_default", "%s/test_ldb.sh ldap $SERVER %s" % (bbdir, options))
+
+# see if we support ADS on the Samba3 side
+try:
+ config_h = os.environ["CONFIG_H"]
+except KeyError:
+ config_h = os.path.join(samba4bindir, "default/include/config.h")
+
+# check available features
+config_hash = dict()
+f = open(config_h, 'r')
+try:
+ lines = f.readlines()
+ config_hash = dict((x[0], ' '.join(x[1:]))
+ for x in map(lambda line: line.strip().split(' ')[1:],
+ list(filter(lambda line: (line[0:7] == '#define') and (len(line.split(' ')) > 2), lines))))
+finally:
+ f.close()
+
+have_heimdal_support = ("SAMBA4_USES_HEIMDAL" in config_hash)
+have_gnutls_fips_mode_support = ("HAVE_GNUTLS_FIPS_MODE_SUPPORTED" in config_hash)
+
+for options in ['-U"$USERNAME%$PASSWORD"']:
+ plantestsuite("samba4.ldb.ldaps with options %s(ad_dc_ntvfs)" % options, "ad_dc_ntvfs",
+ "%s/test_ldb.sh ldaps $SERVER_IP %s" % (bbdir, options))
+
+creds_options = [
+ '--simple-bind-dn=$USERNAME@$REALM --password=$PASSWORD',
+]
+peer_options = {
+ 'SERVER_IP': '$SERVER_IP',
+ 'SERVER_NAME': '$SERVER',
+ 'SERVER.REALM': '$SERVER.$REALM',
+}
+tls_verify_options = [
+ '--option="tlsverifypeer=no_check"',
+ '--option="tlsverifypeer=ca_only"',
+ '--option="tlsverifypeer=ca_and_name_if_available"',
+ '--option="tlsverifypeer=ca_and_name"',
+ '--option="tlsverifypeer=as_strict_as_possible"',
+]
+
+# we use :local for fl2008r2dc because of the self-signed certificate
+for env in ["ad_dc_ntvfs", "fl2008r2dc:local"]:
+ for peer_key in peer_options.keys():
+ peer_val = peer_options[peer_key]
+ for creds in creds_options:
+ for tls_verify in tls_verify_options:
+ options = creds + ' ' + tls_verify
+ plantestsuite("samba4.ldb.simple.ldaps with options %s %s(%s)" % (
+ peer_key, options, env), env,
+ "%s/test_ldb_simple.sh ldaps %s %s" % (bbdir, peer_val, options))
+
+# test all "ldap server require strong auth" combinations
+for env in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]:
+ options = '--simple-bind-dn="$USERNAME@$REALM" --password="$PASSWORD"'
+ plantestsuite("samba4.ldb.simple.ldap with SIMPLE-BIND %s(%s)" % (options, env),
+ env, "%s/test_ldb_simple.sh ldap $SERVER %s" % (bbdir, options))
+ options += ' --option="tlsverifypeer=no_check"'
+ plantestsuite("samba4.ldb.simple.ldaps with SIMPLE-BIND %s(%s)" % (options, env),
+ env, "%s/test_ldb_simple.sh ldaps $SERVER %s" % (bbdir, options))
+
+ auth_options = [
+ '--option=clientldapsaslwrapping=plain',
+ '--client-protection=sign',
+ '--client-protection=encrypt',
+ '--use-kerberos=required --option=clientldapsaslwrapping=plain',
+ '--use-kerberos=required --client-protection=sign',
+ '--use-kerberos=required --client-protection=encrypt',
+ '--use-kerberos=disabled --option=clientldapsaslwrapping=plain',
+ '--use-kerberos=disabled --client-protection=sign --option=ntlmssp_client:ldap_style_send_seal=no',
+ '--use-kerberos=disabled --client-protection=sign',
+ '--use-kerberos=disabled --client-protection=encrypt',
+ ]
+
+ for auth_option in auth_options:
+ options = '-U"$USERNAME%$PASSWORD"' + ' ' + auth_option
+ plantestsuite("samba4.ldb.simple.ldap with SASL-BIND %s(%s)" % (options, env),
+ env, "%s/test_ldb_simple.sh ldap $SERVER %s" % (bbdir, options))
+ options = '-U"$USERNAME%$PASSWORD" --option="tlsverifypeer=no_check"'
+ plantestsuite("samba4.ldb.simple.ldaps with SASL-BIND %s(%s)" % (options, env),
+ env, "%s/test_ldb_simple.sh ldaps $SERVER %s" % (bbdir, options))
+
+for options in ['-U"$USERNAME%$PASSWORD"']:
+ plantestsuite("samba4.ldb.ldapi with options %s(ad_dc_ntvfs:local)" % options, "ad_dc_ntvfs:local",
+ "%s/test_ldb.sh ldapi $PREFIX_ABS/ad_dc_ntvfs/private/ldapi %s" % (bbdir, options))
+
+for t in smbtorture4_testsuites("ldap."):
+ if t == "ldap.nested-search":
+ plansmbtorture4testsuite(t, "ad_dc_default_smb1", '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_')
+ elif t == "ldap.session-expiry":
+ # This requires kerberos and thus the server name
+ plansmbtorture4testsuite(
+ t, "ad_dc_default", '-U"$USERNAME%$PASSWORD" //$DC_SERVER/_none_')
+ else:
+ plansmbtorture4testsuite(
+ t,
+ "ad_dc_default",
+ '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_ -D "$USERNAME"@"$REALM"##"$PASSWORD"')
+
+for t in smbtorture4_testsuites("dsdb."):
+ plansmbtorture4testsuite(t, "ad_dc:local", "localhost")
+
+ldbdir = os.path.join(srcdir(), "lib/ldb")
+# Don't run LDB tests when using system ldb, as we won't have ldbtest installed
+if os.path.exists(os.path.join(samba4bindir, "ldbtest")):
+ plantestsuite("ldb.base", "none", "%s/tests/test-tdb-subunit.sh %s" % (ldbdir, samba4bindir))
+else:
+ skiptestsuite("ldb.base", "Using system LDB, ldbtest not available")
+
+plantestsuite_loadlist("samba4.tests.attr_from_server.python(ad_dc_ntvfs)",
+ "ad_dc_ntvfs:local",
+ [python, os.path.join(DSDB_PYTEST_DIR, "attr_from_server.py"),
+ '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '$LOADLIST', '$LISTOPT'])
+
+# Tests for RPC
+
+# add tests to this list as they start passing, so we test
+# that they stay passing
+ncacn_np_tests = ["rpc.schannel", "rpc.join", "rpc.lsa", "rpc.dssetup", "rpc.altercontext", "rpc.netlogon", "rpc.netlogon.admin", "rpc.handles", "rpc.samsync", "rpc.samba3-sessionkey", "rpc.samba3-getusername", "rpc.samba3-lsa", "rpc.samba3-bind", "rpc.samba3-netlogon", "rpc.asyncbind", "rpc.lsalookup", "rpc.lsa-getuser", "rpc.schannel2", "rpc.authcontext"]
+ncalrpc_tests = ["rpc.schannel", "rpc.join", "rpc.lsa", "rpc.dssetup", "rpc.altercontext", "rpc.netlogon", "rpc.netlogon.admin", "rpc.netlogon.zerologon", "rpc.asyncbind", "rpc.lsalookup", "rpc.lsa-getuser", "rpc.schannel2", "rpc.authcontext"]
+drs_rpc_tests = smbtorture4_testsuites("drs.rpc")
+ncacn_ip_tcp_tests = ["rpc.schannel", "rpc.join", "rpc.lsa", "rpc.dssetup", "rpc.drsuapi", "rpc.drsuapi_w2k8", "rpc.netlogon", "rpc.netlogon.admin", "rpc.netlogon.zerologon", "rpc.asyncbind", "rpc.lsalookup", "rpc.lsa-getuser", "rpc.schannel2", "rpc.authcontext", "rpc.samr.passwords.validate"] + drs_rpc_tests
+slow_ncacn_np_tests = ["rpc.samlogon",
+ "rpc.samr",
+ "rpc.samr.users",
+ "rpc.samr.large-dc",
+ "rpc.samr.users.privileges",
+ "rpc.samr.passwords.default",
+ "rpc.samr.passwords.pwdlastset",
+ "rpc.samr.passwords.lockout",
+ "rpc.samr.passwords.badpwdcount"]
+slow_ncacn_ip_tcp_tests = ["rpc.cracknames"]
+
+all_rpc_tests = ncalrpc_tests + ncacn_np_tests + ncacn_ip_tcp_tests + slow_ncacn_np_tests + slow_ncacn_ip_tcp_tests + ["rpc.lsa.secrets", "rpc.pac", "rpc.samba3-sharesec", "rpc.countcalls"]
+
+# Filter RPC tests that should not run against ad_dc_ntvfs
+rpc_s3only = [
+ "rpc.mdssvc",
+]
+rpc_fipsonly = [
+ "rpc.fips.netlogon.crypto",
+]
+rpc_exclude = rpc_s3only + rpc_fipsonly
+rpc_tests = [x for x in smbtorture4_testsuites("rpc.") if x not in rpc_exclude]
+auto_rpc_tests = list(filter(lambda t: t not in all_rpc_tests, rpc_tests))
+
+for bindoptions in ["seal,padcheck"] + validate_list + ["bigendian"]:
+ for transport in ["ncalrpc", "ncacn_np", "ncacn_ip_tcp"]:
+ env = "ad_dc_default"
+ local = ""
+ if transport == "ncalrpc":
+ tests = ncalrpc_tests
+ local = ":local"
+ elif transport == "ncacn_np":
+ tests = ncacn_np_tests
+ elif transport == "ncacn_ip_tcp":
+ tests = ncacn_ip_tcp_tests
+ else:
+ raise AssertionError("invalid transport %r" % transport)
+ for t in tests:
+ if t == "rpc.netlogon":
+ env = "ad_dc_ntvfs"
+ elif t == "rpc.join":
+ env = "ad_dc_default_smb1"
+ plansmbtorture4testsuite(t, env + local, ["%s:$SERVER[%s]" % (transport, bindoptions), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s on %s with %s" % (t, transport, bindoptions))
+ plansmbtorture4testsuite('rpc.samba3-sharesec', env + local, ["%s:$SERVER[%s]" % (transport, bindoptions), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=torture:share=tmp'], "samba4.rpc.samba3.sharesec on %s with %s" % (transport, bindoptions))
+
+# Plugin S4 DC tests (confirms named pipe auth forwarding). This can be expanded once kerberos is supported in the plugin DC
+#
+for bindoptions in ["seal,padcheck"] + validate_list + ["bigendian"]:
+ for t in ncacn_np_tests:
+ env = "ad_dc"
+ transport = "ncacn_np"
+ if t in ["rpc.authcontext", "rpc.join"]:
+ env = "ad_dc_smb1"
+ plansmbtorture4testsuite(t, env, ["%s:$SERVER[%s]" % (transport, bindoptions), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s with %s" % (t, bindoptions))
+
+for bindoptions in [""] + validate_list + ["bigendian"]:
+ for t in auto_rpc_tests:
+ env = "ad_dc_default"
+ if t in ["rpc.srvsvc", "rpc.mgmt"]:
+ env = "ad_dc_ntvfs"
+ elif t == "rpc.join":
+ env = "ad_dc_default_smb1"
+ plansmbtorture4testsuite(t, env, ["$SERVER[%s]" % bindoptions, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s with %s" % (t, bindoptions))
+
+t = "rpc.countcalls"
+plansmbtorture4testsuite(t, "ad_dc_default:local", ["$SERVER[%s]" % bindoptions, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.%s" % t)
+
+for transport in ["ncacn_np", "ncacn_ip_tcp"]:
+ env = "ad_dc_slowtests"
+ if transport == "ncacn_np":
+ tests = slow_ncacn_np_tests
+ elif transport == "ncacn_ip_tcp":
+ tests = slow_ncacn_ip_tcp_tests
+ else:
+ raise AssertionError("Invalid transport %r" % transport)
+ for t in tests:
+ bindoptions = ''
+ if t == 'rpc.cracknames':
+ bindoptions = 'seal'
+ plansmbtorture4testsuite(t, env, ["%s:$SERVER[%s]" % (transport, bindoptions), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s on %s with %s" % (t, transport, bindoptions))
+
+# Tests for the DFS referral calls implementation
+for t in smbtorture4_testsuites("dfs."):
+ plansmbtorture4testsuite(t, "ad_dc_ntvfs", '//$SERVER/ipc\$ -U$USERNAME%$PASSWORD')
+ plansmbtorture4testsuite(t, "ad_dc_smb1", '//$SERVER/ipc\$ -U$USERNAME%$PASSWORD')
+
+# Tests for the NET API (net.api.become.dc tested below against all the roles)
+net_tests = list(filter(lambda x: "net.api.become.dc" not in x, smbtorture4_testsuites("net.")))
+for t in net_tests:
+ plansmbtorture4testsuite(t, "ad_dc_default", '$SERVER[%s] -U$USERNAME%%$PASSWORD -W$DOMAIN' % validate)
+
+# Tests for session keys and encryption of RPC pipes
+# FIXME: Integrate these into a single smbtorture test
+
+transport = "ncacn_np"
+for env in ["ad_dc_default", "nt4_dc"]:
+ for ntlmoptions in [
+ "-k no --option=clientusespnego=yes",
+ "-k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no",
+ "-k no --option=clientusespnego=yes --option=ntlmssp_client:56bit=yes",
+ "-k no --option=clientusespnego=yes --option=ntlmssp_client:56bit=no",
+ "-k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=yes",
+ "-k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=no",
+ "-k no --option=clientusespnego=yes --option=clientntlmv2auth=yes",
+ "-k no --option=clientusespnego=yes --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no",
+ "-k no --option=clientusespnego=yes --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=yes",
+ "-k no --option=clientusespnego=no --option=clientntlmv2auth=yes",
+ "-k no --option=gensec:spnego=no --option=clientntlmv2auth=yes",
+ "-k no --option=clientusespnego=no"]:
+ name = "rpc.lsa.secrets on %s with with %s" % (transport, ntlmoptions)
+ plansmbtorture4testsuite('rpc.lsa.secrets', env, ["%s:$SERVER[]" % (transport), ntlmoptions, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.%s" % name)
+ plantestsuite("samba.blackbox.pdbtest(%s)" % env, "%s:local" % env, [os.path.join(bbdir, "test_pdbtest.sh"), '$SERVER', "$PREFIX", "pdbtest", smbclient3, '$SMB_CONF_PATH', configuration])
+
+gpo = smbtorture4_testsuites("gpo.")
+for t in gpo:
+ plansmbtorture4testsuite(t, 'ad_dc:local', ['//$SERVER/sysvol', '-U$USERNAME%$PASSWORD'])
+
+transports = ["ncacn_np", "ncacn_ip_tcp"]
+
+# Kerberos varies between functional levels, so it is important to check this on all of them
+for env in all_fl_envs:
+ transport = "ncacn_np"
+ plansmbtorture4testsuite('rpc.pac', env, ["%s:$SERVER[]" % (transport, ), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.pac on %s" % (transport,))
+ plansmbtorture4testsuite('rpc.lsa.secrets', env, ["%s:$SERVER[]" % (transport, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=gensec:target_hostname=$NETBIOSNAME', 'rpc.lsa.secrets'], "samba4.rpc.lsa.secrets on %s with Kerberos" % (transport,))
+ plansmbtorture4testsuite('rpc.lsa.secrets', env, ["%s:$SERVER[]" % (transport, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=clientusespnegoprincipal=yes", '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.rpc.lsa.secrets on %s with Kerberos - use target principal" % (transport,))
+ plansmbtorture4testsuite('rpc.lsa.secrets', env, ["%s:$SERVER[target_principal=dcom/$NETBIOSNAME]" % (transport, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal dcom" % (transport,))
+ plansmbtorture4testsuite('rpc.lsa.secrets', env, ["%s:$SERVER[target_principal=$NETBIOSNAME\$]" % (transport, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal dollar" % (transport,))
+ plansmbtorture4testsuite('rpc.lsa.secrets', env, ["%s:$SERVER[target_principal=$NETBIOSNAME]" % (transport, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal" % (transport,))
+ plansmbtorture4testsuite('rpc.lsa.secrets.none*', env, ["%s:$SERVER" % transport, '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=gensec:fake_gssapi_krb5=yes", '--option=gensec:gssapi_krb5=no', '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.rpc.lsa.secrets on %s with Kerberos - use Samba3 style login" % transport)
+ plansmbtorture4testsuite('rpc.lsa.secrets.none*', env, ["%s:$SERVER" % transport, '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=gensec:fake_gssapi_krb5=yes", '--option=gensec:gssapi_krb5=no', '--option=gensec:target_hostname=$NETBIOSNAME', '--option=gensec_krb5:send_authenticator_checksum=false'], "samba4.rpc.lsa.secrets on %s with Kerberos - use raw-krb5-no-authenticator-checksum style login" % transport)
+ plansmbtorture4testsuite('rpc.lsa.secrets.none*', env, ["%s:$SERVER" % transport, '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=clientusespnegoprincipal=yes", '--option=gensec:fake_gssapi_krb5=yes', '--option=gensec:gssapi_krb5=no', '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.rpc.lsa.secrets on %s with Kerberos - use Samba3 style login, use target principal" % transport)
+
+ # Winreg tests test bulk Kerberos encryption of DCE/RPC
+ # We test rpc.winreg here too, because the winreg interface if
+ # handled by the source3/rpc_server code.
+ for bindoptions in ["connect", "packet", "krb5", "krb5,packet", "krb5,sign", "krb5,seal", "spnego", "spnego,packet", "spnego,sign", "spnego,seal"]:
+ plansmbtorture4testsuite('rpc.winreg', env, ["%s:$SERVER[%s]" % (transport, bindoptions), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.winreg on %s with %s" % (transport, bindoptions))
+
+ for transport in transports:
+ plansmbtorture4testsuite('rpc.echo', env, ["%s:$SERVER[]" % (transport,), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on %s" % (transport, ))
+
+ # Echo tests test bulk Kerberos encryption of DCE/RPC
+ for bindoptions in ["connect", "krb5", "krb5,sign", "krb5,seal", "spnego", "spnego,sign", "spnego,seal"] + validate_list + ["padcheck", "bigendian", "bigendian,seal"]:
+ echooptions = "--option=socket:testnonblock=True --option=torture:quick=yes -k yes"
+ plansmbtorture4testsuite('rpc.echo', env, ["%s:$SERVER[%s]" % (transport, bindoptions), echooptions, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on %s with %s and %s" % (transport, bindoptions, echooptions))
+
+for env in ["fl2000dc", "fl2008r2dc"]:
+ plansmbtorture4testsuite("net.api.become.dc", env, '$SERVER[%s] -U$USERNAME%%$PASSWORD -W$DOMAIN' % validate)
+
+for bindoptions in ["sign", "seal"]:
+ plansmbtorture4testsuite('rpc.backupkey', "ad_dc_default", ["ncacn_np:$SERVER[%s]" % (bindoptions), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.backupkey with %s" % (bindoptions))
+
+for transport in transports:
+ for bindoptions in ["sign", "seal"]:
+ for ntlmoptions in [
+ "--option=ntlmssp_client:ntlm2=yes --option=torture:quick=yes",
+ "--option=ntlmssp_client:ntlm2=no --option=torture:quick=yes",
+ "--option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:128bit=no --option=torture:quick=yes",
+ "--option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:128bit=no --option=torture:quick=yes",
+ "--option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes",
+ "--option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes",
+ "--option=clientntlmv2auth=yes --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes",
+ "--option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:keyexchange=yes --option=torture:quick=yes",
+ "--option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes"]:
+ if transport == "ncalrpc":
+ env = "ad_dc_default:local"
+ else:
+ env = "ad_dc_default"
+ plansmbtorture4testsuite('rpc.echo', env, ["%s:$SERVER[%s]" % (transport, bindoptions), ntlmoptions, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on %s with %s and %s" % (transport, bindoptions, ntlmoptions))
+
+plansmbtorture4testsuite('rpc.echo', "ad_dc_default", ['ncacn_np:$SERVER[smb2]', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on ncacn_np over smb2")
+for env in ["ad_dc", "nt4_dc"]:
+ plansmbtorture4testsuite('rpc.echo', env, ['60a15ec5-4de8-11d7-a637-005056a20182@ncacn_np:$SERVER[]', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=torture:quick=yes'], "samba4.rpc.echo on ncacn_np with object")
+ plansmbtorture4testsuite('rpc.echo', env, ['60a15ec5-4de8-11d7-a637-005056a20182@ncacn_ip_tcp:$SERVER[]', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=torture:quick=yes'], "samba4.rpc.echo on ncacn_ip_tcp with object")
+
+plansmbtorture4testsuite('ntp.signd', "ad_dc_default:local", ['ncacn_np:$SERVER', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.ntp.signd")
+
+nbt_tests = smbtorture4_testsuites("nbt.")
+for t in nbt_tests:
+ plansmbtorture4testsuite(t, "ad_dc_ntvfs", "//$SERVER/_none_ -U\"$USERNAME%$PASSWORD\"")
+
+# Tests against the NTVFS POSIX backend
+ntvfsargs = ["--option=torture:sharedelay=100000", "--option=torture:oplocktimeout=3", "--option=torture:writetimeupdatedelay=500000"]
+
+# Filter smb2 tests that should not run against ad_dc_ntvfs
+smb2_s3only = [
+ "smb2.change_notify_disabled",
+ "smb2.dosmode",
+ "smb2.credits",
+ "smb2.kernel-oplocks",
+ "smb2.durable-v2-delay",
+ "smb2.aio_delay",
+ "smb2.fileid",
+ "smb2.timestamps",
+ "smb2.async_dosmode",
+ "smb2.twrp",
+ "smb2.ea",
+ "smb2.create_no_streams",
+]
+smb2 = [x for x in smbtorture4_testsuites("smb2.") if x not in smb2_s3only]
+
+# The QFILEINFO-IPC test needs to be on ipc$
+raw = list(filter(lambda x: "raw.qfileinfo.ipc" not in x, smbtorture4_testsuites("raw.")))
+base = smbtorture4_testsuites("base.")
+
+netapi = smbtorture4_testsuites("netapi.")
+
+for t in base + raw + smb2 + netapi:
+ plansmbtorture4testsuite(t, "ad_dc_ntvfs", ['//$SERVER/tmp', '-U$USERNAME%$PASSWORD'] + ntvfsargs)
+
+libsmbclient = smbtorture4_testsuites("libsmbclient.")
+protocols = [ 'NT1', 'SMB3' ]
+for t in libsmbclient:
+ url = "smb://$USERNAME:$PASSWORD@$SERVER/tmp"
+ if t == "libsmbclient.list_shares":
+ url = "smb://$USERNAME:$PASSWORD@$SERVER"
+ if t == "libsmbclient.utimes":
+ url += "/utimes.txt"
+
+ libsmbclient_testargs = [
+ '//$SERVER/tmp',
+ '-U$USERNAME%$PASSWORD',
+ "--option=torture:smburl=" + url,
+ "--option=torture:replace_smbconf="
+ "%s/testdata/samba3/smb_new.conf" % srcdir()
+ ]
+
+ for proto in protocols:
+ plansmbtorture4testsuite(
+ t,
+ "nt4_dc" if proto == "SMB3" else "nt4_dc_smb1_done",
+ libsmbclient_testargs +
+ [ "--option=torture:clientprotocol=%s" % proto],
+ "samba4.%s.%s" % (t, proto))
+
+url = "smb://baduser:invalidpw@$SERVER/tmpguest"
+t = "libsmbclient.noanon_list"
+libsmbclient_testargs = [
+ '//$SERVER/tmpguest',
+ '-U$USERNAME%$PASSWORD',
+ "--option=torture:smburl=" + url,
+ "--option=torture:replace_smbconf="
+ "%s/testdata/samba3/smb_new.conf" % srcdir()
+ ]
+for proto in protocols:
+ plansmbtorture4testsuite(t,
+ "maptoguest",
+ libsmbclient_testargs +
+ [ "--option=torture:clientprotocol=%s" % proto],
+ "samba4.%s.baduser.%s" % (t, proto))
+
+plansmbtorture4testsuite("raw.qfileinfo.ipc", "ad_dc_ntvfs", '//$SERVER/ipc\$ -U$USERNAME%$PASSWORD')
+
+for t in smbtorture4_testsuites("rap."):
+ plansmbtorture4testsuite(t, "ad_dc_ntvfs", '//$SERVER/IPC\$ -U$USERNAME%$PASSWORD')
+
+# Tests against the NTVFS CIFS backend
+for t in base + raw:
+ plansmbtorture4testsuite(t, "ad_dc_ntvfs", ['//$NETBIOSNAME/cifs', '-U$USERNAME%$PASSWORD', '--kerberos=yes'] + ntvfsargs, modname="samba4.ntvfs.cifs.krb5.%s" % t)
+
+# Test NTVFS CIFS backend with S4U2Self and S4U2Proxy
+t = "base.unlink"
+plansmbtorture4testsuite(t, "ad_dc_ntvfs", ['//$NETBIOSNAME/cifs', '-U$USERNAME%$PASSWORD', '--kerberos=no'] + ntvfsargs, "samba4.ntvfs.cifs.ntlm.%s" % t)
+plansmbtorture4testsuite(t, "rpc_proxy", ['//$NETBIOSNAME/cifs_to_dc', '-U$DC_USERNAME%$DC_PASSWORD', '--kerberos=yes'] + ntvfsargs, "samba4.ntvfs.cifs.krb5.%s" % t)
+plansmbtorture4testsuite(t, "rpc_proxy", ['//$NETBIOSNAME/cifs_to_dc', '-U$DC_USERNAME%$DC_PASSWORD', '--kerberos=no'] + ntvfsargs, "samba4.ntvfs.cifs.ntlm.%s" % t)
+
+plansmbtorture4testsuite('echo.udp', 'ad_dc_ntvfs:local', '//$SERVER/whatever')
+
+# Local tests
+for t in smbtorture4_testsuites("local."):
+ # The local.resolve test needs a name to look up using real system (not emulated) name routines
+ plansmbtorture4testsuite(t, "none", "ncalrpc:localhost")
+
+# Confirm these tests with the system iconv too
+for t in ["local.convert_string_handle", "local.convert_string", "local.ndr"]:
+ options = "ncalrpc: --option='iconv:use_builtin_handlers=false'"
+ plansmbtorture4testsuite(t, "none", options,
+ modname="samba4.%s.system.iconv" % t)
+
+tdbtorture4 = binpath("tdbtorture")
+if os.path.exists(tdbtorture4):
+ plantestsuite("tdb.stress", "none", valgrindify(tdbtorture4))
+else:
+ skiptestsuite("tdb.stress", "Using system TDB, tdbtorture not available")
+
+plansmbtorture4testsuite("drs.unit", "none", "ncalrpc:")
+
+# Pidl tests
+for f in sorted(os.listdir(os.path.join(samba4srcdir, "../pidl/tests"))):
+ if f.endswith(".pl"):
+ planperltestsuite("pidl.%s" % f[:-3], os.path.normpath(os.path.join(samba4srcdir, "../pidl/tests", f)))
+
+# DNS tests
+plantestsuite_loadlist("samba.tests.dns", "fl2003dc:local", [python, os.path.join(srcdir(), "python/samba/tests/dns.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba.tests.dns", "rodc:local", [python, os.path.join(srcdir(), "python/samba/tests/dns.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba.tests.dns", "vampire_dc:local", [python, os.path.join(srcdir(), "python/samba/tests/dns.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba.tests.dns_aging", "fl2003dc:local",
+ [python,
+ f"{srcdir()}/python/samba/tests/dns_aging.py",
+ '$SERVER',
+ '$SERVER_IP',
+ '--machine-pass',
+ '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN',
+ '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba.tests.dns_forwarder", "fl2003dc:local", [python, os.path.join(srcdir(), "python/samba/tests/dns_forwarder.py"), '$SERVER', '$SERVER_IP', '$DNS_FORWARDER1', '$DNS_FORWARDER2', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba.tests.dns_tkey", "fl2008r2dc", [python, os.path.join(srcdir(), "python/samba/tests/dns_tkey.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba.tests.dns_wildcard", "ad_dc", [python, os.path.join(srcdir(), "python/samba/tests/dns_wildcard.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba.tests.dns_invalid", "ad_dc", [python, os.path.join(srcdir(), "python/samba/tests/dns_invalid.py"), '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba.tests.dns_packet",
+ "ad_dc",
+ [python,
+ '-msamba.subunit.run',
+ '$LOADLIST',
+ "$LISTOPT"
+ "samba.tests.dns_packet"
+ ])
+
+plantestsuite_loadlist("samba.tests.sddl",
+ "none",
+ [python,
+ '-msamba.subunit.run',
+ '$LOADLIST',
+ "$LISTOPT"
+ "samba.tests.sddl"
+ ])
+
+for t in smbtorture4_testsuites("dns_internal."):
+ plansmbtorture4testsuite(t, "ad_dc_default:local", '//$SERVER/whavever')
+
+# Local tests
+for t in smbtorture4_testsuites("dlz_bind9."):
+ # The dlz_bind9 tests needs to look at the DNS database
+ plansmbtorture4testsuite(t, "chgdcpass:local", ["ncalrpc:$SERVER", '-U$USERNAME%$PASSWORD'])
+
+planpythontestsuite("nt4_dc_smb1", "samba.tests.libsmb")
+
+planpythontestsuite("ad_member", "samba.tests.smb-notify",
+ environ={'USERNAME':'$DC_USERNAME',
+ 'PASSWORD':'$DC_PASSWORD',
+ 'USERNAME_UNPRIV':'alice',
+ 'PASSWORD_UNPRIV':'Secret007',
+ 'STRICT_CHECKING':'0',
+ 'NOTIFY_SHARE':'notify_priv'})
+
+# Blackbox Tests:
+# tests that interact directly with the command-line tools rather than using
+# the API. These mainly test that the various command-line options of commands
+# work correctly.
+
+# smbtorture --fullname parameter test
+plantestsuite("samba4.blackbox.smbtorture_subunit_names", "none",
+ [
+ os.path.join(bbdir, "test_smbtorture_test_names.sh"),
+ smbtorture4
+ ])
+
+for env in ["ad_member", "ad_dc_ntvfs", "chgdcpass"]:
+ plantestsuite("samba4.blackbox.smbclient(%s:local)" % env, "%s:local" % env, [os.path.join(samba4srcdir, "utils/tests/test_smbclient.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$DOMAIN', smbclient4])
+
+plantestsuite("samba4.blackbox.samba_tool(ad_dc_default:local)", "ad_dc_default:local", [os.path.join(samba4srcdir, "utils/tests/test_samba_tool.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$DOMAIN', smbclient3])
+plantestsuite("samba4.blackbox.net_rpc_user(ad_dc)", "ad_dc", [os.path.join(bbdir, "test_net_rpc_user.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN'])
+
+plantestsuite("samba4.blackbox.test_primary_group", "ad_dc:local", [os.path.join(bbdir, "test_primary_group.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', '$PREFIX_ABS'])
+
+plantestsuite("samba4.blackbox.test_old_enctypes", "fl2003dc:local", [os.path.join(bbdir, "test_old_enctypes.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$NETBIOSNAME', '$PREFIX_ABS'])
+
+if have_heimdal_support:
+ plantestsuite("samba4.blackbox.kinit", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_kinit_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', "aes256-cts-hmac-sha1-96", smbclient4, configuration])
+ plantestsuite("samba4.blackbox.kinit", "fl2000dc:local", [os.path.join(bbdir, "test_kinit_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', "arcfour-hmac-md5", smbclient3, configuration])
+ plantestsuite("samba4.blackbox.kinit", "fl2008r2dc:local", [os.path.join(bbdir, "test_kinit_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', "aes256-cts-hmac-sha1-96", smbclient3, configuration])
+ plantestsuite("samba4.blackbox.kinit_trust", "fl2008r2dc:local", [os.path.join(bbdir, "test_kinit_trusts_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "forest", "aes256-cts-hmac-sha1-96"])
+ plantestsuite("samba4.blackbox.kinit_trust", "fl2003dc:local", [os.path.join(bbdir, "test_kinit_trusts_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external", "arcfour-hmac-md5"])
+ plantestsuite("samba4.blackbox.kinit_trust", "fl2000dc:local", [os.path.join(bbdir, "test_kinit_trusts_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external", "arcfour-hmac-md5"])
+ plantestsuite("samba4.blackbox.export.keytab", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_export_keytab_heimdal.sh"), '$SERVER', '$USERNAME', '$REALM', '$DOMAIN', "$PREFIX", smbclient4])
+ plantestsuite("samba4.blackbox.kpasswd", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_kpasswd_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_ntvfs"])
+ plantestsuite("samba4.blackbox.krb5.s4u", "fl2008r2dc:local", [os.path.join(bbdir, "test_s4u_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', configuration])
+else:
+ plantestsuite("samba4.blackbox.kinit", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_kinit_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', smbclient4, configuration])
+ plantestsuite("samba4.blackbox.kinit", "fl2000dc:local", [os.path.join(bbdir, "test_kinit_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', smbclient3, configuration])
+ plantestsuite("samba4.blackbox.kinit", "fl2008r2dc:local", [os.path.join(bbdir, "test_kinit_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', smbclient3, configuration])
+ plantestsuite("samba4.blackbox.kinit_trust", "fl2008r2dc:local", [os.path.join(bbdir, "test_kinit_trusts_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "forest"])
+ plantestsuite("samba4.blackbox.kinit_trust", "fl2003dc:local", [os.path.join(bbdir, "test_kinit_trusts_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
+ plantestsuite("samba4.blackbox.kinit_trust", "fl2000dc:local", [os.path.join(bbdir, "test_kinit_trusts_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
+ plantestsuite("samba4.blackbox.export.keytab", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_export_keytab_mit.sh"), '$SERVER', '$USERNAME', '$REALM', '$DOMAIN', "$PREFIX", smbclient4])
+ plantestsuite("samba4.blackbox.kpasswd", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_kpasswd_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_ntvfs"])
+
+plantestsuite("samba4.blackbox.pkinit_simple",
+ "ad_dc:local",
+ [os.path.join(bbdir, "test_pkinit_simple.sh"),
+ '$SERVER',
+ 'pkinit',
+ '$PASSWORD',
+ '$REALM',
+ '$DOMAIN',
+ '$PREFIX/ad_dc',
+ smbclient3,
+ configuration])
+plantestsuite("samba4.blackbox.pkinit_pac",
+ "ad_dc:local",
+ [os.path.join(bbdir, "test_pkinit_pac.sh"),
+ '$SERVER',
+ '$USERNAME',
+ '$PASSWORD',
+ '$REALM',
+ '$DOMAIN',
+ '$PREFIX/ad_dc',
+ configuration])
+
+plantestsuite("samba.blackbox.client_kerberos", "ad_dc", [os.path.join(bbdir, "test_client_kerberos.sh"), '$DOMAIN', '$REALM', '$USERNAME', '$PASSWORD', '$SERVER', '$PREFIX_ABS', '$SMB_CONF_PATH'])
+
+env="ad_member:local"
+plantestsuite("samba.blackbox.rpcclient_schannel",
+ env,
+ [os.path.join(bbdir, "test_rpcclient_schannel.sh"),
+ '$DOMAIN',
+ '$REALM',
+ '$DC_USERNAME',
+ '$DC_PASSWORD',
+ '$DC_SERVER',
+ '$PREFIX_ABS',
+ '$SMB_CONF_PATH',
+ env])
+env="ad_member_fips:local"
+plantestsuite("samba.blackbox.rpcclient_schannel",
+ env,
+ [os.path.join(bbdir, "test_rpcclient_schannel.sh"),
+ '$DOMAIN',
+ '$REALM',
+ '$DC_USERNAME',
+ '$DC_PASSWORD',
+ '$DC_SERVER',
+ '$PREFIX_ABS',
+ '$SMB_CONF_PATH',
+ env],
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+
+plantestsuite("samba4.blackbox.trust_ntlm", "fl2008r2dc:local", [os.path.join(bbdir, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', 'forest', 'auto', 'NT_STATUS_LOGON_FAILURE'])
+plantestsuite("samba4.blackbox.trust_ntlm", "fl2003dc:local", [os.path.join(bbdir, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', 'external', 'auto', 'NT_STATUS_LOGON_FAILURE'])
+plantestsuite("samba4.blackbox.trust_ntlm", "fl2000dc:local", [os.path.join(bbdir, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', 'external', 'auto', 'NT_STATUS_LOGON_FAILURE'])
+plantestsuite("samba4.blackbox.trust_ntlm", "ad_member:local", [os.path.join(bbdir, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$SERVER', '$SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$REALM', '$DOMAIN', 'member', 'auto', 'NT_STATUS_LOGON_FAILURE'])
+plantestsuite("samba4.blackbox.trust_ntlm", "nt4_member:local", [os.path.join(bbdir, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$SERVER', '$SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$DOMAIN', '$DOMAIN', 'member', 'auto', 'NT_STATUS_LOGON_FAILURE'])
+
+plantestsuite("samba4.blackbox.trust_utils(fl2008r2dc:local)", "fl2008r2dc:local", [os.path.join(bbdir, "test_trust_utils.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "forest"])
+plantestsuite("samba4.blackbox.trust_utils(fl2003dc:local)", "fl2003dc:local", [os.path.join(bbdir, "test_trust_utils.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
+plantestsuite("samba4.blackbox.trust_utils(fl2000dc:local)", "fl2000dc:local", [os.path.join(bbdir, "test_trust_utils.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
+plantestsuite("samba4.blackbox.trust_token", "fl2008r2dc", [os.path.join(bbdir, "test_trust_token.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$DOMSID', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$TRUST_DOMSID', 'forest'])
+plantestsuite("samba4.blackbox.trust_token", "fl2003dc", [os.path.join(bbdir, "test_trust_token.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$DOMSID', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$TRUST_DOMSID', 'external'])
+plantestsuite("samba4.blackbox.trust_token", "fl2000dc", [os.path.join(bbdir, "test_trust_token.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$DOMSID', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$TRUST_DOMSID', 'external'])
+plantestsuite("samba4.blackbox.ktpass(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(bbdir, "test_ktpass.sh"), '$PREFIX/ad_dc_ntvfs'])
+plantestsuite("samba4.blackbox.password_settings(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_password_settings.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_ntvfs"])
+plantestsuite("samba4.blackbox.trust_user_account", "fl2008r2dc:local", [os.path.join(bbdir, "test_trust_user_account.sh"), '$PREFIX', '$REALM', '$DOMAIN', '$TRUST_REALM', '$TRUST_DOMAIN'])
+plantestsuite("samba4.blackbox.cifsdd(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "client/tests/test_cifsdd.sh"), '$SERVER', '$USERNAME', '$PASSWORD', "$DOMAIN"])
+plantestsuite("samba4.blackbox.nmblookup(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "utils/tests/test_nmblookup.sh"), '$NETBIOSNAME', '$NETBIOSALIAS', '$SERVER', '$SERVER_IP', nmblookup4])
+plantestsuite("samba4.blackbox.locktest(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "torture/tests/test_locktest.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', '$PREFIX'])
+plantestsuite("samba4.blackbox.masktest", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "torture/tests/test_masktest.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', '$PREFIX'])
+plantestsuite("samba4.blackbox.gentest(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "torture/tests/test_gentest.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', "$PREFIX"])
+plantestsuite("samba4.blackbox.rfc2307_mapping(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", [os.path.join(samba4srcdir, "../nsswitch/tests/test_rfc2307_mapping.sh"), '$DOMAIN', '$USERNAME', '$PASSWORD', "$SERVER", "$UID_RFC2307TEST", "$GID_RFC2307TEST", configuration])
+plantestsuite("samba4.blackbox.chgdcpass", "chgdcpass", [os.path.join(bbdir, "test_chgdcpass.sh"), '$SERVER', "CHGDCPASS\$", '$REALM', '$DOMAIN', '$PREFIX/chgdcpass', "aes256-cts-hmac-sha1-96", '$PREFIX/chgdcpass', smbclient3])
+plantestsuite("samba4.blackbox.samba_upgradedns(chgdcpass:local)", "chgdcpass:local", [os.path.join(bbdir, "test_samba_upgradedns.sh"), '$SERVER', '$REALM', '$PREFIX', '$SELFTEST_PREFIX/chgdcpass'])
+plantestsuite("samba4.blackbox.net_ads", "ad_dc:client", [os.path.join(bbdir, "test_net_ads.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS'])
+plantestsuite("samba4.blackbox.net_offlinejoin", "ad_dc:client", [os.path.join(bbdir, "test_net_offline.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS'])
+plantestsuite("samba4.blackbox.client_etypes_all(ad_dc:client)", "ad_dc:client", [os.path.join(bbdir, "test_client_etypes.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS', 'all', '17_18_23'])
+plantestsuite("samba4.blackbox.client_etypes_legacy(ad_dc:client)", "ad_dc:client", [os.path.join(bbdir, "test_client_etypes.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS', 'legacy', '23'])
+plantestsuite("samba4.blackbox.client_etypes_strong(ad_dc:client)", "ad_dc:client", [os.path.join(bbdir, "test_client_etypes.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS', 'strong', '17_18'])
+plantestsuite("samba4.blackbox.net_ads_dns(ad_member:local)", "ad_member:local", [os.path.join(bbdir, "test_net_ads_dns.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$REALM', '$USERNAME', '$PASSWORD'])
+plantestsuite("samba4.blackbox.samba-tool_ntacl(ad_member:local)", "ad_member:local", [os.path.join(bbdir, "test_samba-tool_ntacl.sh"), '$PREFIX', '$DOMSID'])
+
+env = "ad_member:local"
+plantestsuite("samba4.blackbox.net_ads_search_server_P.primary", env,
+ [os.path.join(bbdir, "test_net_ads_search_server.sh"),
+ '$DC_SERVER', '$REALM'])
+plantestsuite("samba4.blackbox.net_ads_search_server_P.trust_e_both", env,
+ [os.path.join(bbdir, "test_net_ads_search_server.sh"),
+ '$TRUST_E_BOTH_SERVER', '$TRUST_E_BOTH_REALM'])
+plantestsuite("samba4.blackbox.net_ads_search_server_P.trust_f_both", env,
+ [os.path.join(bbdir, "test_net_ads_search_server.sh"),
+ '$TRUST_F_BOTH_SERVER', '$TRUST_F_BOTH_REALM'])
+
+if have_gnutls_fips_mode_support:
+ plantestsuite("samba4.blackbox.weak_crypto.client", "ad_dc", [os.path.join(bbdir, "test_weak_crypto.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc"])
+ plantestsuite("samba4.blackbox.test_weak_disable_ntlmssp_ldap", "ad_member:local", [os.path.join(bbdir, "test_weak_disable_ntlmssp_ldap.sh"),'$DC_USERNAME', '$DC_PASSWORD'])
+
+ for env in ["ad_dc_fips", "ad_member_fips"]:
+ plantestsuite("samba4.blackbox.weak_crypto.server",
+ env,
+ [os.path.join(bbdir, "test_weak_crypto_server.sh"),
+ '$SERVER',
+ '$USERNAME',
+ '$PASSWORD',
+ '$REALM',
+ '$DOMAIN',
+ "$PREFIX/ad_dc_fips",
+ configuration],
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+
+ plantestsuite("samba4.blackbox.net_ads_fips",
+ "ad_dc_fips:client",
+ [os.path.join(bbdir, "test_net_ads_fips.sh"),
+ '$DC_SERVER',
+ '$DC_USERNAME',
+ '$DC_PASSWORD',
+ '$PREFIX_ABS'],
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+
+ t = "--krb5auth=$DOMAIN/$DC_USERNAME%$DC_PASSWORD"
+ plantestsuite("samba3.wbinfo_simple.fips.%s" % t,
+ "ad_member_fips:local",
+ [os.path.join(srcdir(), "nsswitch/tests/test_wbinfo_simple.sh"), t],
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+ plantestsuite("samba4.wbinfo_name_lookup.fips",
+ "ad_member_fips",
+ [os.path.join(srcdir(), "nsswitch/tests/test_wbinfo_name_lookup.sh"),
+ '$DOMAIN',
+ '$REALM',
+ '$DC_USERNAME'],
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+
+ plansmbtorture4testsuite('rpc.fips.netlogon.crypto',
+ 'ad_dc_fips',
+ ['ncacn_np:$SERVER[krb5]',
+ '-U$USERNAME%$PASSWORD',
+ '--workgroup=$DOMAIN',
+ '--client-protection=encrypt'],
+ 'samba4.rpc.fips.netlogon.crypto',
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+
+plansmbtorture4testsuite('rpc.echo', "ad_dc_ntvfs", ['ncacn_np:$NETBIOSALIAS', '-U$DOMAIN/$USERNAME%$PASSWORD'], "samba4.rpc.echo against NetBIOS alias")
+
+# Test wbinfo trust auth
+for env in ["ad_member_oneway:local", "fl2000dc:local", "fl2003dc:local", "fl2008r2dc:local"]:
+ for t in ["--krb5auth=$TRUST_REALM/$TRUST_USERNAME%$TRUST_PASSWORD",
+ "--krb5auth=$TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD",
+ "--authenticate=$TRUST_REALM/$TRUST_USERNAME%$TRUST_PASSWORD",
+ "--authenticate=$TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD"]:
+ plantestsuite("samba3.wbinfo_simple.trust:%s" % t, env, [os.path.join(srcdir(), "nsswitch/tests/test_wbinfo_simple.sh"), t])
+
+# json tests hook into ``chgdcpass'' to make them run in contributor CI on
+# gitlab
+planpythontestsuite("chgdcpass", "samba.tests.blackbox.netads_json")
+
+# Tests using the "Simple" NTVFS backend
+for t in ["base.rw1"]:
+ plansmbtorture4testsuite(t, "ad_dc_ntvfs", ["//$SERVER/simple", '-U$USERNAME%$PASSWORD'], modname="samba4.ntvfs.simple.%s" % t)
+
+# Domain S4member Tests
+plansmbtorture4testsuite('rpc.echo', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], "samba4.rpc.echo against s4member server with local creds")
+plansmbtorture4testsuite('rpc.echo', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'], "samba4.rpc.echo against s4member server with domain creds")
+plansmbtorture4testsuite('rpc.samr', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], "samba4.rpc.samr against s4member server with local creds")
+plansmbtorture4testsuite('rpc.samr.users', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], "samba4.rpc.samr.users against s4member server with local creds",)
+plansmbtorture4testsuite('rpc.samr.passwords.default',
+ "s4member",
+ ['ncacn_np:$NETBIOSNAME',
+ '-U$NETBIOSNAME/$USERNAME%$PASSWORD'],
+ "samba4.rpc.samr.passwords.default against s4member server with local creds")
+plantestsuite("samba4.blackbox.smbclient against s4member server with local creds", "s4member", [os.path.join(samba4srcdir, "client/tests/test_smbclient.sh"), '$NETBIOSNAME', '$USERNAME', '$PASSWORD', '$NETBIOSNAME', '$PREFIX', smbclient4])
+
+# RPC Proxy
+plansmbtorture4testsuite("rpc.echo", "rpc_proxy", ['ncacn_ip_tcp:$NETBIOSNAME', '-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'], modname="samba4.rpc.echo against rpc proxy with domain creds")
+
+# Tests SMB signing
+for mech in [
+ "-k no",
+ "-k no --option=clientusespnego=no",
+ "-k no --option=gensec:spengo=no",
+ "-k yes",
+ "-k yes --option=gensec:fake_gssapi_krb5=yes --option=gensec:gssapi_krb5=no"]:
+ for signing in ["--option=clientsigning=desired", "--option=clientsigning=required"]:
+ signoptions = "%s %s" % (mech, signing)
+ name = "smb.signing on with %s" % signoptions
+ plansmbtorture4testsuite('base.xcopy', "ad_dc_ntvfs", ['//$NETBIOSNAME/xcopy_share', signoptions, '-U$USERNAME%$PASSWORD'], modname="samba4.%s" % name)
+
+for mech in [
+ "-k no",
+ "-k no --option=clientusespnego=no",
+ "-k no --option=gensec:spengo=no",
+ "-k yes"]:
+ signoptions = "%s --client-protection=off" % mech
+ name = "smb.signing disabled on with %s" % signoptions
+ plansmbtorture4testsuite('base.xcopy', "ad_member", ['//$NETBIOSNAME/xcopy_share', signoptions, '-U$DC_USERNAME%$DC_PASSWORD'], "samba4.%s domain-creds" % name)
+ plansmbtorture4testsuite('base.xcopy', "ad_dc", ['//$NETBIOSNAME/xcopy_share', signoptions, '-U$USERNAME%$PASSWORD'], "samba4.%s" % name)
+ plansmbtorture4testsuite('base.xcopy', "ad_dc",
+ ['//$NETBIOSNAME/xcopy_share', signoptions, '-U$DC_USERNAME%$DC_PASSWORD'], "samba4.%s administrator" % name)
+
+plantestsuite("samba4.blackbox.bogusdomain", "ad_member", ["testprogs/blackbox/bogus.sh", "$NETBIOSNAME", "xcopy_share", '$USERNAME', '$PASSWORD', '$DC_USERNAME', '$DC_PASSWORD', smbclient3])
+for mech in [
+ "-k no",
+ "-k no --option=clientusespnego=no",
+ "-k no --option=gensec:spengo=no"]:
+ signoptions = "%s --client-protection=off" % mech
+ plansmbtorture4testsuite('base.xcopy', "s4member", ['//$NETBIOSNAME/xcopy_share', signoptions, '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], modname="samba4.smb.signing on with %s local-creds" % signoptions)
+
+plansmbtorture4testsuite('base.xcopy', "ad_dc_ntvfs", ['//$NETBIOSNAME/xcopy_share', '-k', 'no', '--option=clientsigning=desired', '-U%'], modname="samba4.smb.signing --option=clientsigning=desired anon")
+plansmbtorture4testsuite('base.xcopy', "ad_dc_ntvfs", ['//$NETBIOSNAME/xcopy_share', '-k', 'no', '--option=clientsigning=required', '-U%'], modname="samba4.smb.signing --option=clientsigning=required anon")
+plansmbtorture4testsuite('base.xcopy', "s4member", ['//$NETBIOSNAME/xcopy_share', '-k', 'no', '--option=clientsigning=disabled', '-U%'], modname="samba4.smb.signing --option=clientsigning=disabled anon")
+
+# Test SPNEGO without issuing an optimistic token
+opt='--option=spnego:client_no_optimistic=yes'
+plansmbtorture4testsuite('base.xcopy', "ad_dc_smb1", ['//$NETBIOSNAME/xcopy_share', '-U$USERNAME%$PASSWORD', opt, '-k', 'no'], modname="samba4.smb.spnego.ntlmssp.no_optimistic")
+plansmbtorture4testsuite('base.xcopy', "ad_dc_smb1", ['//$NETBIOSNAME/xcopy_share', '-U$USERNAME%$PASSWORD', opt, '-k', 'yes'], modname="samba4.smb.spnego.krb5.no_optimistic")
+
+wb_opts_default = ["--option=\"torture:strict mode=no\"", "--option=\"torture:timelimit=1\"", "--option=\"torture:winbindd_separator=/\"", "--option=\"torture:winbindd_netbios_name=$SERVER\"", "--option=\"torture:winbindd_netbios_domain=$DOMAIN\""]
+
+winbind_ad_client_tests = smbtorture4_testsuites("winbind.struct") + smbtorture4_testsuites("winbind.pac")
+winbind_wbclient_tests = smbtorture4_testsuites("winbind.wbclient")
+for env in ["ad_dc", "ad_member", "nt4_member"]:
+ wb_opts = wb_opts_default[:]
+ if env in ["ad_member"]:
+ wb_opts += ["--option=\"torture:winbindd_domain_without_prefix=$DOMAIN\""]
+ for t in winbind_ad_client_tests:
+ plansmbtorture4testsuite(t, "%s:local" % env, wb_opts + ['//$SERVER/tmp', '--realm=$REALM', '--machine-pass', '--option=torture:addc=$DC_SERVER'])
+
+for env in ["nt4_dc", "fl2003dc"]:
+ for t in winbind_wbclient_tests:
+ plansmbtorture4testsuite(t, "%s:local" % env, '//$SERVER/tmp -U$DC_USERNAME%$DC_PASSWORD')
+
+for env in ["nt4_dc", "nt4_member", "ad_dc", "ad_member", "chgdcpass", "rodc"]:
+ tests = ["--ping", "--separator",
+ "--own-domain",
+ "--all-domains",
+ "--trusted-domains",
+ "--domain-info=BUILTIN",
+ "--domain-info=$DOMAIN",
+ "--online-status",
+ "--online-status --domain=BUILTIN",
+ "--online-status --domain=$DOMAIN",
+ "--check-secret --domain=$DOMAIN",
+ "--change-secret --domain=$DOMAIN",
+ "--check-secret --domain=$DOMAIN",
+ "--online-status --domain=$DOMAIN",
+ "--domain-users",
+ "--domain-groups",
+ "--name-to-sid=$DC_USERNAME",
+ "--name-to-sid=$DOMAIN/$DC_USERNAME",
+ "--user-info=$DOMAIN/$DC_USERNAME",
+ "--user-groups=$DOMAIN/$DC_USERNAME",
+ "--authenticate=$DOMAIN/$DC_USERNAME%$DC_PASSWORD",
+ "--allocate-uid",
+ "--allocate-gid"]
+
+ for t in tests:
+ plantestsuite("samba.wbinfo_simple.%s" % (t.replace(" --", ".").replace("--", "")), "%s:local" % env, [os.path.join(srcdir(), "nsswitch/tests/test_wbinfo_simple.sh"), t])
+
+ plantestsuite(
+ "samba.wbinfo_sids2xids.(%s:local)" % env, "%s:local" % env,
+ [os.path.join(samba3srcdir, "script/tests/test_wbinfo_sids2xids.sh")])
+
+ planpythontestsuite(env + ":local", "samba.tests.ntlm_auth")
+
+plantestsuite(
+ "samba.wbinfo_u_large_ad.(ad_dc:local)",
+ "ad_dc:local",
+ [os.path.join(samba3srcdir, "script/tests/test_wbinfo_u_large_ad.sh")])
+
+for env in ["ktest"]:
+ planpythontestsuite(env + ":local", "samba.tests.ntlm_auth_krb5")
+
+for env in ["s4member_dflt_domain", "s4member"]:
+ for cmd in ["id", "getent"]:
+ users = ["$DC_USERNAME", "$DC_USERNAME@$REALM"]
+ if env == "s4member":
+ users = ["$DOMAIN/$DC_USERNAME", "$DC_USERNAME@$REALM"]
+ for usr in users:
+ plantestsuite("samba4.winbind.dom_name_parse.cmd", env, "%s/dom_parse.sh %s %s" % (bbdir, cmd, usr))
+
+nsstest4 = binpath("nsstest")
+for env in ["ad_dc:local", "s4member:local", "nt4_dc:local", "ad_member:local", "nt4_member:local"]:
+ if os.path.exists(nsstest4):
+ plantestsuite("samba.nss.test using winbind(%s)" % env, env, [os.path.join(bbdir, "nsstest.sh"), nsstest4, os.path.join(samba4bindir, "plugins/libnss_wrapper_winbind.so.2")])
+ else:
+ skiptestsuite("samba.nss.test using winbind(%s)" % env, "nsstest not available")
+
+subunitrun = valgrindify(python) + " " + os.path.join(samba4srcdir, "scripting/bin/subunitrun")
+
+
+def planoldpythontestsuite(env, module, name=None, extra_path=[], environ={}, extra_args=[]):
+ environ = dict(environ)
+ py_path = list(extra_path)
+ if py_path:
+ environ["PYTHONPATH"] = ":".join(["$PYTHONPATH"] + py_path)
+ args = ["%s=%s" % item for item in environ.items()]
+ args += [subunitrun, "$LISTOPT", "$LOADLIST", module]
+ args += extra_args
+ if name is None:
+ name = module
+ plantestsuite_loadlist(name, env, args)
+
+if have_gnutls_fips_mode_support:
+ planoldpythontestsuite("ad_dc",
+ "samba.tests.dcerpc.createtrustrelax",
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+ planoldpythontestsuite("ad_dc_fips",
+ "samba.tests.dcerpc.createtrustrelax",
+ environ={'GNUTLS_FORCE_FIPS_MODE': '1',
+ 'OPENSSL_FORCE_FIPS_MODE': '1'})
+
+# Run complex search expressions test once for each database backend.
+# Right now ad_dc has mdb and ad_dc_ntvfs has tdb
+mdb_testenv = "ad_dc"
+tdb_testenv = "ad_dc_ntvfs"
+for testenv in [mdb_testenv, tdb_testenv]:
+ planoldpythontestsuite(testenv, "samba.tests.complex_expressions", extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planoldpythontestsuite("ad_dc_default:local", "samba.tests.gensec", extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("none", "simple", extra_path=["%s/lib/tdb/python/tests" % srcdir()], name="tdb.python")
+planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.sam")
+planpythontestsuite("ad_dc_default:local", "samba.tests.dsdb")
+planpythontestsuite("none", "samba.tests.dsdb_lock")
+planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.bare")
+planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.lsa")
+planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.unix")
+planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.dcerpc.srvsvc")
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.timecmd")
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.join")
+planpythontestsuite("ad_member_s3_join", "samba.tests.samba_tool.join_member")
+planpythontestsuite("ad_dc_default",
+ "samba.tests.samba_tool.join_lmdb_size")
+planpythontestsuite("ad_dc_default",
+ "samba.tests.samba_tool.drs_clone_dc_data_lmdb_size")
+planpythontestsuite("ad_dc_default",
+ "samba.tests.samba_tool.promote_dc_lmdb_size")
+
+planpythontestsuite("none", "samba.tests.samba_tool.visualize")
+
+
+# test fsmo show
+for env in all_fl_envs:
+ planpythontestsuite(env + ":local", "samba.tests.samba_tool.fsmo")
+
+# test samba-tool user, group, contact and computer edit command
+for env in all_fl_envs:
+ env += ":local"
+ plantestsuite("samba.tests.samba_tool.user_edit", env, [os.path.join(srcdir(), "python/samba/tests/samba_tool/user_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
+ plantestsuite("samba.tests.samba_tool.group_edit", env, [os.path.join(srcdir(), "python/samba/tests/samba_tool/group_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
+ plantestsuite("samba.tests.samba_tool.contact_edit", env, [os.path.join(srcdir(), "python/samba/tests/samba_tool/contact_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
+ plantestsuite("samba.tests.samba_tool.computer_edit", env, [os.path.join(srcdir(), "python/samba/tests/samba_tool/computer_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
+
+# We run this test against both AD DC implementations because it is
+# the only test we have of GPO get/set behaviour, and this involves
+# the file server as well as the LDAP server.
+# It's also a good sanity-check that sysvol backup worked correctly.
+for env in ["ad_dc_ntvfs", "ad_dc", "offlinebackupdc", "renamedc",
+ smbv1_disabled_testenv]:
+ planpythontestsuite(env + ":local", "samba.tests.samba_tool.gpo")
+for env in ["ad_dc_ntvfs", "ad_dc"]:
+ planpythontestsuite(env + ":local", "samba.tests.samba_tool.gpo_exts")
+
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.processes")
+
+planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.samba_tool.user")
+for env in ["ad_dc_default:local", "ad_dc_no_ntlm:local"]:
+ planpythontestsuite(env, "samba.tests.samba_tool.user_wdigest")
+for env, nt_hash in [("ad_dc:local", True),
+ ("ad_dc_no_ntlm:local", False)]:
+ planpythontestsuite(env, "samba.tests.samba_tool.user",
+ environ={"EXPECT_NT_HASH": int(nt_hash)})
+ planpythontestsuite(env, "samba.tests.samba_tool.user_virtualCryptSHA_userPassword")
+ planpythontestsuite(env, "samba.tests.samba_tool.user_virtualCryptSHA_gpg")
+planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.user_check_password_script")
+
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.group")
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.ou")
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.computer")
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.contact")
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.forest")
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.schema")
+planpythontestsuite("schema_dc:local", "samba.tests.samba_tool.schema")
+planpythontestsuite("ad_dc:local", "samba.tests.samba_tool.ntacl")
+planpythontestsuite("none", "samba.tests.samba_tool.provision_password_check")
+planpythontestsuite("none", "samba.tests.samba_tool.provision_lmdb_size")
+planpythontestsuite("none", "samba.tests.samba_tool.provision_userPassword_crypt")
+planpythontestsuite("none", "samba.tests.samba_tool.help")
+# Make sure samba-tool can execute without import failures when run
+# without the ad-dc built. The fileserver test environment runs against
+# the samba-h5l-build autobuild. This build was chosen because it's
+# configured with --without-ad-dc and does not disable ads, which is
+# required to run some samba-tool commands.
+planpythontestsuite("fileserver", "samba.tests.samba_tool.help")
+
+planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.passwordsettings")
+planpythontestsuite("ad_dc:local", "samba.tests.samba_tool.dsacl")
+
+planpythontestsuite("none", "samba.tests.samba_upgradedns_lmdb")
+
+# Run these against chgdcpass to share the runtime load
+planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.sites")
+planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.dnscmd")
+
+# Run this against chgdcpass to ensure at least one python3 test
+# against this autobuild target (samba-ad-dc-2)
+planpythontestsuite("chgdcpass:local", "samba.tests.dcerpc.rpcecho")
+
+planoldpythontestsuite("nt4_dc", "samba.tests.netbios", extra_args=['-U"$USERNAME%$PASSWORD"'])
+test_bin = os.path.abspath(os.path.join(os.getenv('BINDIR', './bin'), '../python/samba/tests/bin'))
+planoldpythontestsuite("ad_dc:local", "samba.tests.gpo", extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'PATH':':'.join([test_bin, os.getenv('PATH', '')])})
+planoldpythontestsuite("ad_member", "samba.tests.gpo_member", extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc:local", "samba.tests.dckeytab", extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planoldpythontestsuite("ad_dc", "samba.tests.sid_strings")
+
+# Run the import test in environments that may not have the ad-dc built
+for env in ['fileserver_smb1', 'nt4_member', 'clusteredmember', 'ktest', 'nt4_dc', 'nt4_dc_smb1_done', 'nt4_dc_smb1', 'simpleserver', 'fileserver_smb1_done', 'fileserver', 'maptoguest', 'nt4_dc_schannel']:
+ planoldpythontestsuite(env, "samba.tests.imports")
+
+have_fast_support = 1
+claims_support = 0
+compound_id_support = 0
+if ('SAMBA4_USES_HEIMDAL' in config_hash or
+ 'HAVE_MIT_KRB5_1_20' in config_hash):
+ tkt_sig_support = 1
+else:
+ tkt_sig_support = 0
+
+if 'SAMBA4_USES_HEIMDAL' in config_hash:
+ full_sig_support = 1
+else:
+ full_sig_support = 0
+
+gnutls_pbkdf2_support = int('HAVE_GNUTLS_PBKDF2' in config_hash)
+
+if 'HAVE_MIT_KRB5_1_20' in config_hash:
+ kadmin_is_tgs = 1
+else:
+ kadmin_is_tgs = 0
+
+expect_pac = int('SAMBA4_USES_HEIMDAL' in config_hash)
+extra_pac_buffers = int('SAMBA4_USES_HEIMDAL' in config_hash)
+check_cname = int('SAMBA4_USES_HEIMDAL' in config_hash)
+check_padata = int('SAMBA4_USES_HEIMDAL' in config_hash)
+krb5_environ = {
+ 'SERVICE_USERNAME': '$SERVER',
+ 'ADMIN_USERNAME': '$DC_USERNAME',
+ 'ADMIN_PASSWORD': '$DC_PASSWORD',
+ 'ADMIN_KVNO': '1',
+ 'FOR_USER': '$DC_USERNAME',
+ 'STRICT_CHECKING':'0',
+ 'FAST_SUPPORT': have_fast_support,
+ 'CLAIMS_SUPPORT': claims_support,
+ 'COMPOUND_ID_SUPPORT': compound_id_support,
+ 'TKT_SIG_SUPPORT': tkt_sig_support,
+ 'FULL_SIG_SUPPORT': full_sig_support,
+ 'GNUTLS_PBKDF2_SUPPORT': gnutls_pbkdf2_support,
+ 'EXPECT_PAC': expect_pac,
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname,
+ 'CHECK_PADATA': check_padata,
+ 'KADMIN_IS_TGS': kadmin_is_tgs,
+}
+planoldpythontestsuite("none", "samba.tests.krb5.kcrypto")
+planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.simple_tests",
+ environ=krb5_environ)
+for env, fast_support in [("ad_dc_default:local", True),
+ ("fl2003dc:local", False)]:
+ planoldpythontestsuite(env, "samba.tests.krb5.s4u_tests",
+ environ={
+ **krb5_environ,
+ 'FAST_SUPPORT': int(fast_support),
+ })
+planoldpythontestsuite("rodc:local", "samba.tests.krb5.rodc_tests",
+ environ=krb5_environ)
+
+planoldpythontestsuite("ad_dc_default", "samba.tests.dsdb_dns")
+
+planoldpythontestsuite("fl2008r2dc:local", "samba.tests.krb5.xrealm_tests",
+ environ=krb5_environ)
+
+planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.test_ccache",
+ environ=krb5_environ)
+planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.test_ldap",
+ environ=krb5_environ)
+for env in ['ad_dc_default', 'ad_member']:
+ planoldpythontestsuite(env, "samba.tests.krb5.test_rpc",
+ environ=krb5_environ)
+planoldpythontestsuite("ad_dc_smb1", "samba.tests.krb5.test_smb",
+ environ=krb5_environ)
+planoldpythontestsuite("ad_member_idmap_nss:local",
+ "samba.tests.krb5.test_min_domain_uid",
+ environ=krb5_environ)
+planoldpythontestsuite("ad_member_idmap_nss:local",
+ "samba.tests.krb5.test_idmap_nss",
+ environ={
+ **krb5_environ,
+ 'MAPPED_USERNAME': 'bob',
+ 'MAPPED_PASSWORD': 'Secret007',
+ 'UNMAPPED_USERNAME': 'jane',
+ 'UNMAPPED_PASSWORD': 'Secret007',
+ 'INVALID_USERNAME': 'joe',
+ 'INVALID_PASSWORD': 'Secret007',
+ })
+
+for env in ["ad_dc", smbv1_disabled_testenv]:
+ planoldpythontestsuite(env, "samba.tests.smb", extra_args=['-U"$USERNAME%$PASSWORD"'])
+ planoldpythontestsuite(env + ":local", "samba.tests.ntacls_backup",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planoldpythontestsuite(
+ "ad_dc_ntvfs:local", "samba.tests.dcerpc.registry",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planoldpythontestsuite("ad_dc_ntvfs", "samba.tests.dcerpc.dnsserver", extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc", "samba.tests.dcerpc.dnsserver", extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+for env in ["chgdcpass", "ad_member"]:
+ planoldpythontestsuite(env, "samba.tests.dcerpc.raw_protocol",
+ environ={"MAX_NUM_AUTH": "8",
+ "USERNAME": "$DC_USERNAME",
+ "PASSWORD": "$DC_PASSWORD"})
+
+if have_heimdal_support:
+ planoldpythontestsuite("ad_dc_smb1:local", "samba.tests.auth_log", extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'CLIENT_IP': '10.53.57.11',
+ 'SOCKET_WRAPPER_DEFAULT_IFACE': 11})
+ planoldpythontestsuite("ad_dc_ntvfs:local", "samba.tests.auth_log", extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'CLIENT_IP': '10.53.57.11',
+ 'SOCKET_WRAPPER_DEFAULT_IFACE': 11})
+ planoldpythontestsuite("ad_dc_smb1", "samba.tests.auth_log_pass_change",
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'GNUTLS_PBKDF2_SUPPORT': gnutls_pbkdf2_support})
+ planoldpythontestsuite("ad_dc_ntvfs", "samba.tests.auth_log_pass_change",
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'GNUTLS_PBKDF2_SUPPORT': gnutls_pbkdf2_support})
+
+ # these tests use a NCA local RPC connection, so always run on the
+ # :local testenv, and so don't need to fake a client connection
+ for env in ["ad_dc_ntvfs:local", "ad_dc:local"]:
+ planoldpythontestsuite(env, "samba.tests.auth_log_ncalrpc", extra_args=['-U"$USERNAME%$PASSWORD"'])
+ planoldpythontestsuite(env, "samba.tests.auth_log_samlogon",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+ planoldpythontestsuite(env, "samba.tests.auth_log_netlogon",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+ planoldpythontestsuite(env, "samba.tests.auth_log_netlogon_bad_creds",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+ planoldpythontestsuite("ad_member:local",
+ "samba.tests.auth_log_winbind",
+ extra_args=['-U"$DC_USERNAME%$DC_PASSWORD"'])
+ planoldpythontestsuite("ad_dc", "samba.tests.audit_log_pass_change",
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'GNUTLS_PBKDF2_SUPPORT': gnutls_pbkdf2_support})
+ planoldpythontestsuite("ad_dc", "samba.tests.audit_log_dsdb",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+ planoldpythontestsuite("ad_dc", "samba.tests.group_audit",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planoldpythontestsuite("fl2008r2dc:local",
+ "samba.tests.getdcname",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planoldpythontestsuite("ad_dc_smb1",
+ "samba.tests.net_join_no_spnego",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc",
+ "samba.tests.net_join",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc",
+ "samba.tests.s3_net_join",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc",
+ "samba.tests.segfault",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+# Need to test the password hashing in multiple environments to ensure that
+# all the possible options are covered
+#
+# ad_dc:local functional_level >= 2008, gpg keys available
+planoldpythontestsuite("ad_dc:local",
+ "samba.tests.password_hash_gpgme",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+# ad_dc_ntvfs:local functional level >= 2008, gpg keys not available
+planoldpythontestsuite("ad_dc_ntvfs:local",
+ "samba.tests.password_hash_fl2008",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+# fl2003dc:local functional level < 2008, gpg keys not available
+planoldpythontestsuite("fl2003dc:local",
+ "samba.tests.password_hash_fl2003",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+# ad_dc: wDigest values over ldap
+planoldpythontestsuite("ad_dc",
+ "samba.tests.password_hash_ldap",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+for env in ["ad_dc_backup", smbv1_disabled_testenv]:
+ planoldpythontestsuite(env + ":local", "samba.tests.domain_backup",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planoldpythontestsuite("ad_dc",
+ "samba.tests.domain_backup_offline")
+# Encrypted secrets
+# ensure default provision (ad_dc) and join (vampire_dc)
+# encrypt secret values on disk.
+planoldpythontestsuite("ad_dc:local",
+ "samba.tests.encrypted_secrets",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("vampire_dc:local",
+ "samba.tests.encrypted_secrets",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+# The fl2000dc environment is provisioned with the --plaintext_secrets option
+# so this test will fail, which proves the secrets are not being encrypted.
+# There is an entry in known_fail.d.
+planoldpythontestsuite("fl2000dc:local",
+ "samba.tests.encrypted_secrets",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+planpythontestsuite("none",
+ "samba.tests.lsa_string")
+
+planoldpythontestsuite("ad_dc_ntvfs",
+ "samba.tests.krb5_credentials",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+
+for env in ["ad_dc_ntvfs", "vampire_dc", "promoted_dc"]:
+ planoldpythontestsuite(env,
+ "samba.tests.py_credentials",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc_ntvfs",
+ "samba.tests.emulate.traffic",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc_ntvfs",
+ "samba.tests.emulate.traffic_packet",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc_ntvfs",
+ "samba.tests.blackbox.traffic_replay",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc_ntvfs",
+ "samba.tests.blackbox.traffic_learner",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("ad_dc_ntvfs",
+ "samba.tests.blackbox.traffic_summary",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("none", "samba.tests.loadparm")
+planoldpythontestsuite("fileserver",
+ "samba.tests.blackbox.mdsearch",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
+planoldpythontestsuite("fileserver",
+ "samba.tests.blackbox.smbcacls_basic")
+planoldpythontestsuite("fileserver",
+ "samba.tests.blackbox.smbcacls_basic",
+ "samba.tests.blackbox.smbcacls_basic(DFS)",
+ environ={'SHARE': 'msdfs-share',
+ 'TESTDIR': 'smbcacls_sharedir_dfs'})
+# Run smbcacls_propagate_inhertance tests on non msdfs root share
+planoldpythontestsuite("fileserver",
+ "samba.tests.blackbox.smbcacls_propagate_inhertance")
+#
+# A) Run the smbcacls_propagate_inhertance tests on a msdfs root share
+# *without* any nested dfs links
+# B) Run the smbcacls_propagate_inhertance tests on a msdfs root share
+# *with* a nested dfs link
+#
+planoldpythontestsuite("fileserver",
+ "samba.tests.blackbox.smbcacls_dfs_propagate_inherit",
+ "samba.tests.blackbox.smbcacls_dfs_propagate_inherit(DFS-msdfs-root)",
+ environ={'SHARE': 'smbcacls_share'})
+#
+# Want a selection of environments across the process models
+#
+for env in ["ad_dc_ntvfs:local", "ad_dc:local",
+ "fl2003dc:local", "fl2008r2dc:local",
+ "promoted_dc:local"]:
+ planoldpythontestsuite(env, "samba.tests.blackbox.smbcontrol")
+
+planoldpythontestsuite("none", "samba.tests.blackbox.downgradedatabase")
+
+planpythontestsuite("ad_member:local", "samba.tests.blackbox.netads_dns")
+
+plantestsuite_loadlist("samba4.ldap.python(ad_dc_default)", "ad_dc_default", [python, os.path.join(DSDB_PYTEST_DIR, "ldap.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba4.ldap_modify_order.python(ad_dc_default)",
+ "ad_dc_default",
+ [python, os.path.join(samba4srcdir,
+ "dsdb/tests/python/"
+ "ldap_modify_order.py"),
+ # add "-v" here to diagnose
+ '$SERVER',
+ '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN',
+ '$LOADLIST',
+ '$LISTOPT'])
+
+plantestsuite_loadlist("samba4.ldap_modify_order.normal_user.python(ad_dc_default)",
+ "ad_dc_default",
+ [python, os.path.join(samba4srcdir,
+ "dsdb/tests/python/"
+ "ldap_modify_order.py"),
+ '--normal-user',
+ # add "-v" here to diagnose
+ '$SERVER',
+ '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN',
+ '$LOADLIST',
+ '$LISTOPT'])
+
+planoldpythontestsuite("ad_dc",
+ "samba.tests.ldap_raw",
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'TEST_ENV': 'ad_dc'})
+
+plantestsuite_loadlist("samba.tests.ldap_spn", "ad_dc",
+ [python,
+ f"{srcdir()}/python/samba/tests/ldap_spn.py",
+ '$SERVER',
+ '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN',
+ '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba.tests.ldap_upn_sam_account", "ad_dc_ntvfs",
+ [python,
+ f"{srcdir()}/python/samba/tests/ldap_upn_sam_account.py",
+ '$SERVER',
+ '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN',
+ '$LOADLIST', '$LISTOPT'])
+
+
+plantestsuite_loadlist("samba4.tokengroups.krb5.python", "ad_dc_default:local", [python, os.path.join(DSDB_PYTEST_DIR, "token_group.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '-k', 'yes', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba4.tokengroups.ntlm.python", "ad_dc_default:local", [python, os.path.join(DSDB_PYTEST_DIR, "token_group.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '-k', 'no', '$LOADLIST', '$LISTOPT'])
+plantestsuite("samba4.sam.python(fl2008r2dc)", "fl2008r2dc", [python, os.path.join(DSDB_PYTEST_DIR, "sam.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+plantestsuite("samba4.sam.python(ad_dc_default)", "ad_dc_default", [python, os.path.join(DSDB_PYTEST_DIR, "sam.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+plantestsuite("samba4.asq.python(ad_dc_default)", "ad_dc_default", [python, os.path.join(DSDB_PYTEST_DIR, "asq.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+plantestsuite("samba4.user_account_control.python(ad_dc_default)", "ad_dc_default", [python, os.path.join(DSDB_PYTEST_DIR, "user_account_control.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+plantestsuite("samba4.priv_attrs.python(ad_dc_default)", "ad_dc_default", ["STRICT_CHECKING=0", python, os.path.join(DSDB_PYTEST_DIR, "priv_attrs.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+plantestsuite("samba4.priv_attrs.strict.python(ad_dc_default)", "ad_dc_default", [python, os.path.join(DSDB_PYTEST_DIR, "priv_attrs.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+
+for env in ['ad_dc_default:local', 'schema_dc:local']:
+ planoldpythontestsuite(env, "dsdb_schema_info",
+ extra_path=[os.path.join(samba4srcdir, 'dsdb/tests/python')],
+ name="samba4.schemaInfo.python(%s)" % (env),
+ extra_args=['-U"$DOMAIN/$DC_USERNAME%$DC_PASSWORD"'])
+
+ planpythontestsuite(env, "samba.tests.dsdb_schema_attributes")
+
+plantestsuite_loadlist("samba4.urgent_replication.python(ad_dc_ntvfs)", "ad_dc_ntvfs:local", [python, os.path.join(DSDB_PYTEST_DIR, "urgent_replication.py"), '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba4.ldap.dirsync.python(ad_dc_ntvfs)", "ad_dc_ntvfs", [python, os.path.join(DSDB_PYTEST_DIR, "dirsync.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba4.ldap.match_rules.python", "ad_dc_ntvfs", [python, os.path.join(srcdir(), "lib/ldb-samba/tests/match_rules.py"), '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba4.ldap.match_rules.python", "ad_dc_ntvfs", [python, os.path.join(srcdir(), "lib/ldb-samba/tests/match_rules_remote.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite("samba4.ldap.index.python", "none", [python, os.path.join(srcdir(), "lib/ldb-samba/tests/index.py")])
+plantestsuite_loadlist("samba4.ldap.notification.python(ad_dc_ntvfs)", "ad_dc_ntvfs", [python, os.path.join(DSDB_PYTEST_DIR, "notification.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite_loadlist("samba4.ldap.sites.python(ad_dc_default)", "ad_dc_default", [python, os.path.join(DSDB_PYTEST_DIR, "sites.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+env = 'vampire_dc'
+# Test with LMDB (GSSAPI/SASL bind)
+plantestsuite_loadlist("samba4.ldap.large_ldap.gssapi.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "large_ldap.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--kerberos=yes', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+env = 'ad_dc_default'
+# Test with TDB (NTLMSSP bind)
+plantestsuite_loadlist("samba4.ldap.large_ldap.ntlmssp.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "large_ldap.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--kerberos=no', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+env = 'ad_dc_ntvfs'
+# Test with ldaps://
+plantestsuite_loadlist("samba4.ldap.large_ldap.ldaps.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "large_ldap.py"), 'ldaps://$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+env = 'fl2008r2dc'
+# Test with straight ldap
+plantestsuite_loadlist("samba4.ldap.large_ldap.straight_ldap.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "large_ldap.py"), 'ldap://$SERVER', '--simple-bind-dn=$USERNAME@$REALM', '--password=$PASSWORD', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+planoldpythontestsuite("ad_dc_default", "sort", environ={'SERVER' : '$SERVER', 'DATA_DIR' : os.path.join(samba4srcdir, 'dsdb/tests/python/testdata/')}, name="samba4.ldap.sort.python", extra_path=[os.path.join(samba4srcdir, 'dsdb/tests/python')], extra_args=['-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+
+plantestsuite_loadlist("samba4.ldap.linked_attributes.python(ad_dc_ntvfs)", "ad_dc_ntvfs:local", [python, os.path.join(DSDB_PYTEST_DIR, "linked_attributes.py"), '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba4.ldap.subtree_rename.python(ad_dc_ntvfs)",
+ "ad_dc_ntvfs:local",
+ [python, os.path.join(samba4srcdir,
+ "dsdb/tests/python/subtree_rename.py"),
+ '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb',
+ '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN',
+ '$LOADLIST',
+ '$LISTOPT'])
+
+planoldpythontestsuite(
+ "ad_dc_ntvfs",
+ "samba.tests.ldap_referrals",
+ environ={
+ 'SERVER': '$SERVER',
+ },
+ name="samba.ldap.referrals",
+ extra_args=['-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
+
+# These should be the first tests run against testenvs created by backup/restore
+for env in ['offlinebackupdc', 'restoredc', 'renamedc', 'labdc']:
+ # check that a restored DC matches the original DC (backupfromdc)
+ plantestsuite("samba4.blackbox.ldapcmp_restore", env,
+ ["PYTHON=%s" % python,
+ os.path.join(bbdir, "ldapcmp_restoredc.sh"),
+ '$PREFIX_ABS/backupfromdc', '$PREFIX_ABS/%s' % env])
+
+# we also test joining backupfromdc here, as it's a bit special in that it
+# doesn't have Default-First-Site-Name
+for env in ['backupfromdc', 'offlinebackupdc', 'restoredc', 'renamedc',
+ 'labdc']:
+ # basic test that we can join the testenv DC
+ plantestsuite("samba4.blackbox.join_ldapcmp", env,
+ ["PYTHON=%s" % python, os.path.join(bbdir, "join_ldapcmp.sh")])
+
+env = 'backupfromdc'
+planoldpythontestsuite("%s:local" % env, "samba_tool_drs_no_dns",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.samba_tool_drs_no_dns.python(%s)" % env,
+ environ={'DC1': '$DC_SERVER', 'DC2': '$DC_SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+plantestsuite_loadlist("samba4.ldap.rodc.python(rodc)", "rodc",
+ [python,
+ os.path.join(DSDB_PYTEST_DIR, "rodc.py"),
+ '$SERVER', '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+plantestsuite_loadlist("samba4.ldap.rodc_rwdc.python(rodc)", "rodc:local",
+ [python,
+ os.path.join(samba4srcdir,
+ "dsdb/tests/python/rodc_rwdc.py"),
+ '$SERVER', '$DC_SERVER', '-U"$USERNAME%$PASSWORD"',
+ '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+planoldpythontestsuite("rodc:local", "replica_sync_rodc",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.replica_sync_rodc.python(rodc)",
+ environ={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+planoldpythontestsuite("ad_dc_default_smb1", "password_settings",
+ extra_path=[os.path.join(samba4srcdir, 'dsdb/tests/python')],
+ name="samba4.ldap.passwordsettings.python",
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+for env in all_fl_envs + ["schema_dc"]:
+ plantestsuite_loadlist("samba4.ldap_schema.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "ldap_schema.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+ plantestsuite("samba4.ldap.possibleInferiors.python(%s)" % env, env, [python, os.path.join(samba4srcdir, "dsdb/samdb/ldb_modules/tests/possibleinferiors.py"), "ldap://$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN"])
+ plantestsuite_loadlist("samba4.ldap.secdesc.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "sec_descriptor.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+ plantestsuite_loadlist("samba4.ldap.acl.python(%s)" % env, env, ["STRICT_CHECKING=0", python, os.path.join(DSDB_PYTEST_DIR, "acl.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+ plantestsuite_loadlist("samba4.ldap.acl_modify.python(%s)" % env, env, ["STRICT_CHECKING=0", python, os.path.join(DSDB_PYTEST_DIR, "acl_modify.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+
+for env in all_fl_envs + ["schema_dc", "ad_dc_no_ntlm"]:
+ if env != "fl2000dc":
+ # This test makes excessive use of the "userPassword" attribute which
+ # isn't available on DCs with Windows 2000 domain function level -
+ # therefore skip it in that configuration
+ plantestsuite_loadlist("samba4.ldap.passwords.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "passwords.py"), "$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN", '$LOADLIST', '$LISTOPT'])
+
+for env in ["ad_dc_slowtests"]:
+ # This test takes a lot of time, so we run it against a minimum of
+ # environments, please only add new ones if there's really a
+ # difference we need to test
+ plantestsuite_loadlist("samba4.ldap.vlv.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "vlv.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+ plantestsuite_loadlist("samba4.ldap.confidential_attr.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "confidential_attr.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+ plantestsuite_loadlist("samba4.ldap.password_lockout.python(%s)" % env, env, [python, os.path.join(DSDB_PYTEST_DIR, "password_lockout.py"), "$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN", "--realm=$REALM", '$LOADLIST', '$LISTOPT'])
+ planoldpythontestsuite(env, "tombstone_reanimation",
+ name="samba4.tombstone_reanimation.python",
+ environ={'TEST_SERVER': '$SERVER', 'TEST_USERNAME': '$USERNAME', 'TEST_PASSWORD': '$PASSWORD'},
+ extra_path=[os.path.join(samba4srcdir, 'dsdb/tests/python')]
+ )
+ planoldpythontestsuite(env, "samba.tests.join",
+ name="samba.tests.join.python(%s)" % env,
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+# this is a basic sanity-check of Kerberos/NTLM user login
+for env in ["offlinebackupdc", "restoredc", "renamedc", "labdc", "ad_dc_no_ntlm"]:
+ plantestsuite_loadlist("samba4.ldap.login_basics.python(%s)" % env, env,
+ [python, os.path.join(DSDB_PYTEST_DIR, "login_basics.py"),
+ "$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN", "--realm=$REALM",
+ '$LOADLIST', '$LISTOPT'])
+
+planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.upgradeprovisionneeddc")
+planpythontestsuite("ad_dc:local", "samba.tests.posixacl")
+planpythontestsuite("ad_dc_no_nss:local", "samba.tests.posixacl")
+plantestsuite_loadlist("samba4.deletetest.python(ad_dc_default)", "ad_dc_default", [python, os.path.join(DSDB_PYTEST_DIR, "deletetest.py"),
+ '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
+plantestsuite("samba4.blackbox.samba3dump", "none", [os.path.join(samba4srcdir, "selftest/test_samba3dump.sh")])
+plantestsuite("samba4.blackbox.upgrade", "none", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/blackbox_s3upgrade.sh"), '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.provision.py", "none", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/blackbox_provision.sh"), '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.provision_fileperms", "none", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/provision_fileperms.sh"), '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.supported_features", "none",
+ ["PYTHON=%s" % python,
+ os.path.join(samba4srcdir,
+ "setup/tests/blackbox_supported_features.sh"),
+ '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.start_backup", "none",
+ ["PYTHON=%s" % python,
+ os.path.join(samba4srcdir,
+ "setup/tests/blackbox_start_backup.sh"),
+ '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.upgradeprovision.current", "none", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/blackbox_upgradeprovision.sh"), '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.setpassword.py", "none", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/blackbox_setpassword.sh"), '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.newuser.py", "none", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/blackbox_newuser.sh"), '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.group.py", "none", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/blackbox_group.sh"), '$PREFIX/provision'])
+plantestsuite("samba4.blackbox.spn.py(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", ["PYTHON=%s" % python, os.path.join(samba4srcdir, "setup/tests/blackbox_spn.sh"), '$PREFIX/ad_dc_ntvfs'])
+plantestsuite_loadlist("samba4.ldap.bind(fl2008r2dc)", "fl2008r2dc", [python, os.path.join(srcdir(), "auth/credentials/tests/bind.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '$LOADLIST', '$LISTOPT'])
+
+# This makes sure we test the rid allocation code
+t = "rpc.samr.large-dc"
+plansmbtorture4testsuite(t, "vampire_dc", ['$SERVER', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname=("samba4.%s.one" % t))
+plansmbtorture4testsuite(t, "vampire_dc", ['$SERVER', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.%s.two" % t)
+
+# RPC smoke-tests for testenvs of interest (RODC, etc)
+for env in ['rodc', 'offlinebackupdc', 'restoredc', 'renamedc', 'labdc']:
+ plansmbtorture4testsuite('rpc.echo', env, ['ncacn_np:$SERVER', "-k", "yes", '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.rpc.echo")
+ plansmbtorture4testsuite('rpc.echo', "%s:local" % env, ['ncacn_np:$SERVER', "-k", "yes", '-P', '--workgroup=$DOMAIN'], modname="samba4.rpc.echo")
+ plansmbtorture4testsuite('rpc.echo', "%s:local" % env, ['ncacn_np:$SERVER', "-k", "no", '-Utestallowed\ account%$DC_PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.rpc.echo.testallowed")
+ plansmbtorture4testsuite('rpc.echo', "%s:local" % env, ['ncacn_np:$SERVER', "-k", "no", '-Utestdenied%$DC_PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.rpc.echo.testdenied")
+ plantestsuite("samba4.blackbox.smbclient(%s:local)" % env, "%s:local" % env, [os.path.join(samba4srcdir, "utils/tests/test_smbclient.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$DOMAIN', binpath('smbclient')])
+
+planpythontestsuite("rodc:local", "samba.tests.samba_tool.rodc")
+
+plantestsuite("samba.blackbox.rpcclient_samlogon", "rodc:local", [os.path.join(samba3srcdir, "script/tests/test_rpcclient_samlogon.sh"),
+ "$DC_USERNAME", "$DC_PASSWORD", "ncacn_np:$SERVER", configuration])
+
+plantestsuite("samba.blackbox.rpcclient_samlogon_testallowed", "rodc:local", [os.path.join(samba3srcdir, "script/tests/test_rpcclient_samlogon.sh"),
+ "testallowed\ account", "$DC_PASSWORD", "ncacn_np:$SERVER", configuration])
+
+plantestsuite("samba.blackbox.rpcclient_samlogon_testdenied", "rodc:local", [os.path.join(samba3srcdir, "script/tests/test_rpcclient_samlogon.sh"),
+ "testdenied", "$DC_PASSWORD", "ncacn_np:$SERVER", configuration])
+
+
+# Test renaming the DC
+plantestsuite("samba4.blackbox.renamedc.sh", "none", ["PYTHON=%s" % python, os.path.join(bbdir, "renamedc.sh"), '$PREFIX/provision'])
+
+# DRS python tests
+# Note that $DC_SERVER is the PDC (e.g. ad_dc_ntvfs) and $SERVER is
+# the 2nd DC (e.g. vampire_dc).
+
+env = 'vampire_dc'
+planoldpythontestsuite(env, "ridalloc_exop",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.ridalloc_exop.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+# This test can pollute the environment a little by creating and
+# deleting DCs which can get into the replication state for a while.
+#
+# The setting of DC1 to $DC_SERVER means that it will join towards and
+# operate on schema_dc. This matters most when running
+# test_samba_tool_replicate_local as this sets up a full temp DC and
+# does new replication to it, which can show up in the replication
+# topology.
+#
+# That is why this test is run on the isolated environment and not on
+# those connected with ad_dc (vampiredc/promoteddc)
+#
+# The chgdcpass enviroment is likewise isolated and emulates Samba 4.5
+# with regard to GET_ANC
+
+env = 'schema_pair_dc'
+planoldpythontestsuite("%s:local" % env, "samba_tool_drs",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.samba_tool_drs.python(%s)" % env,
+ environ={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+for env in ['chgdcpass', 'schema_pair_dc']:
+ planoldpythontestsuite("%s:local" % env, "samba_tool_drs_critical",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.samba_tool_drs_critical.python(%s)" % env,
+ environ={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+planoldpythontestsuite(env, "getnc_schema",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.getnc_schema.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER',
+ "PLEASE_BREAK_MY_WINDOWS": "1"},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+# This test can be sensitive to the DC joins and replications don in
+# "samba_tool_drs" so run this is run against scheam_pair_dc/schema_dc
+# not the set of environments connected with ad_dc.
+
+# This will show the replication state of ad_dc
+planoldpythontestsuite("promoted_dc:local", "samba_tool_drs_showrepl",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.samba_tool_drs_showrepl.python(%s)" % env,
+ environ={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+for env in ['vampire_dc', 'promoted_dc']:
+ planoldpythontestsuite("%s:local" % env, "replica_sync",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.replica_sync.python(%s)" % env,
+ environ={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "delete_object",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.delete_object.python(%s)" % env,
+ environ={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "fsmo",
+ name="samba4.drs.fsmo.python(%s)" % env,
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "repl_secdesc",
+ name="samba4.drs.repl_secdesc.python(%s)" % env,
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "repl_move",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.repl_move.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "getnc_unpriv",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.getnc_unpriv.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "linked_attributes_drs",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.linked_attributes_drs.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "link_conflicts",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.link_conflicts.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+# Environment chgdcpass has the Samba 4.5 GET_ANC behaviour, which we
+# set a knownfail to expect
+for env in ['vampire_dc', 'promoted_dc', 'chgdcpass']:
+ planoldpythontestsuite(env, "getnc_exop",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.getnc_exop.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+for env in ['vampire_dc', 'promoted_dc', 'vampire_2000_dc']:
+ planoldpythontestsuite(env, "repl_schema",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.repl_schema.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+# A side-effect of the getncchanges tests is that they will create hundreds of
+# tombstone objects, so run them last to avoid interferring with (and slowing
+# down) the other DRS tests
+for env in ['vampire_dc', 'promoted_dc']:
+ planoldpythontestsuite(env, "getncchanges",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.getncchanges.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+for env in ['ad_dc_ntvfs']:
+ planoldpythontestsuite(env, "repl_rodc",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.repl_rodc.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$DC_SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+ planoldpythontestsuite(env, "cracknames",
+ extra_path=[os.path.join(samba4srcdir, 'torture/drs/python')],
+ name="samba4.drs.cracknames.python(%s)" % env,
+ environ={'DC1': "$DC_SERVER", 'DC2': '$DC_SERVER'},
+ extra_args=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
+
+planoldpythontestsuite("chgdcpass:local", "samba.tests.blackbox.samba_dnsupdate",
+ environ={'DNS_SERVER_IP': '$SERVER_IP'})
+
+for env in ["s4member", "rodc", "promoted_dc", "ad_dc", "ad_member"]:
+ plantestsuite("samba.blackbox.wbinfo(%s:local)" % env, "%s:local" % env, [os.path.join(samba4srcdir, "../nsswitch/tests/test_wbinfo.sh"), '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', env])
+
+# Offline logon (ad_member)
+plantestsuite("samba.blackbox.offline_logon",
+ "ad_member_offlogon",
+ [os.path.join(bbdir, "test_offline_logon.sh"),
+ '$DOMAIN',
+ 'alice', 'Secret007',
+ 'bob', 'Secret007',
+ 'jane', 'Secret007',
+ 'joe', 'Secret007'])
+
+#
+# KDC Tests
+#
+
+# This test is for users cached at the RODC
+plansmbtorture4testsuite('krb5.kdc', "rodc", ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestdenied%$PASSWORD',
+ '--workgroup=$DOMAIN', '--realm=$REALM',
+ '--option=torture:krb5-upn=testdenied_upn@$REALM.upn',
+ '--option=torture:expect_rodc=true'],
+ "samba4.krb5.kdc with account DENIED permission to replicate to an RODC")
+plansmbtorture4testsuite('krb5.kdc', "rodc", ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestallowed\ account%$PASSWORD',
+ '--workgroup=$DOMAIN', '--realm=$REALM',
+ '--option=torture:expect_machine_account=true',
+ '--option=torture:krb5-upn=testallowed\ upn@$REALM',
+ '--option=torture:krb5-hostname=testallowed',
+ '--option=torture:expect_rodc=true',
+ '--option=torture:expect_cached_at_rodc=true'],
+ "samba4.krb5.kdc with account ALLOWED permission to replicate to an RODC")
+
+# This ensures we have correct behaviour on a server that is not not the PDC emulator
+env = "promoted_dc"
+plansmbtorture4testsuite('krb5.kdc', env, ['ncacn_np:$SERVER_IP', "-k", "yes", '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--realm=$REALM'],
+ "samba4.krb5.kdc with specified account")
+plansmbtorture4testsuite('krb5.kdc', env, ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestupnspn%$PASSWORD', '--workgroup=$DOMAIN', '--realm=$REALM',
+ '--option=torture:expect_machine_account=true',
+ '--option=torture:krb5-upn=http/testupnspn.$DNSNAME@$REALM',
+ '--option=torture:krb5-hostname=testupnspn.$DNSNAME',
+ '--option=torture:krb5-service=http'],
+ "samba4.krb5.kdc with account having identical UPN and SPN")
+for env in ["fl2008r2dc", "fl2003dc"]:
+ fast_support = have_fast_support
+ if env in ["fl2003dc"]:
+ fast_support = 0
+ planoldpythontestsuite(env, "samba.tests.krb5.as_req_tests",
+ environ={
+ **krb5_environ,
+ 'FAST_SUPPORT': fast_support,
+ })
+
+planoldpythontestsuite('fl2008r2dc', 'samba.tests.krb5.salt_tests',
+ environ=krb5_environ)
+
+for env in ["rodc", "promoted_dc", "fl2000dc", "fl2008r2dc"]:
+ if env == "rodc":
+ # The machine account is cached at the RODC, as it is the local account
+ extra_options = ['--option=torture:expect_rodc=true', '--option=torture:expect_cached_at_rodc=true']
+ else:
+ extra_options = []
+
+ plansmbtorture4testsuite('krb5.kdc', "%s:local" % env, ['ncacn_np:$SERVER_IP', "-k", "yes", '-P',
+ '--workgroup=$DOMAIN', '--realm=$REALM',
+ '--option=torture:krb5-hostname=$SERVER',
+ '--option=torture:run_removedollar_test=true',
+ '--option=torture:expect_machine_account=true'] + extra_options,
+ "samba4.krb5.kdc with machine account")
+
+planpythontestsuite("ad_dc", "samba.tests.krb5.as_canonicalization_tests",
+ environ=krb5_environ)
+for env, fast_support in [("ad_dc", True),
+ ("fl2003dc", False)]:
+ planpythontestsuite(env, "samba.tests.krb5.compatability_tests",
+ environ={
+ **krb5_environ,
+ 'FAST_SUPPORT': int(fast_support),
+ })
+planpythontestsuite("ad_dc", "samba.tests.krb5.kdc_tests",
+ environ=krb5_environ)
+planpythontestsuite(
+ "ad_dc",
+ "samba.tests.krb5.kdc_tgs_tests",
+ environ=krb5_environ)
+planpythontestsuite(
+ "ad_dc",
+ "samba.tests.krb5.fast_tests",
+ environ=krb5_environ)
+planpythontestsuite(
+ "ad_dc",
+ "samba.tests.krb5.ms_kile_client_principal_lookup_tests",
+ environ=krb5_environ)
+planpythontestsuite(
+ "ad_dc",
+ "samba.tests.krb5.spn_tests",
+ environ=krb5_environ)
+planpythontestsuite(
+ "ad_dc",
+ "samba.tests.krb5.alias_tests",
+ environ=krb5_environ)
+planoldpythontestsuite(
+ 'ad_dc',
+ 'samba.tests.krb5.pac_align_tests',
+ environ=krb5_environ)
+planoldpythontestsuite(
+ 'ad_dc:local',
+ 'samba.tests.krb5.protected_users_tests',
+ environ=krb5_environ)
+for env, nt_hash in [("ad_dc:local", True),
+ ("ad_dc_no_ntlm:local", False)]:
+ planoldpythontestsuite(
+ env,
+ 'samba.tests.krb5.nt_hash_tests',
+ environ={
+ **krb5_environ,
+ 'EXPECT_NT_HASH': int(nt_hash),
+ })
+planoldpythontestsuite(
+ 'ad_dc',
+ 'samba.tests.krb5.kpasswd_tests',
+ environ=krb5_environ)
+planoldpythontestsuite(
+ 'ad_dc:local',
+ 'samba.tests.krb5.lockout_tests',
+ environ=krb5_environ)
+for env, forced_rc4 in [('ad_dc', False),
+ ('promoted_dc', True)]:
+ planoldpythontestsuite(
+ env,
+ 'samba.tests.krb5.etype_tests',
+ environ={
+ **krb5_environ,
+ 'DC_SERVER': '$SERVER',
+ 'DC_SERVER_IP': '$SERVER_IP',
+ 'DC_SERVER_IPV6': '$SERVER_IPV6',
+ 'FORCED_RC4': int(forced_rc4),
+ })
+
+for env in [
+ 'vampire_dc',
+ 'promoted_dc']:
+ planoldpythontestsuite(env, "samba.tests.kcc",
+ name="samba.tests.kcc",
+ environ={'TEST_SERVER': '$SERVER', 'TEST_USERNAME': '$USERNAME',
+ 'TEST_PASSWORD': '$PASSWORD',
+ 'TEST_ENV': env
+ },
+ extra_path=[os.path.join(srcdir(), "samba/python"), ])
+ planpythontestsuite(env, "samba.tests.samba_tool.visualize_drs")
+
+planpythontestsuite("ad_dc_default:local", "samba.tests.kcc.kcc_utils")
+
+for env in ["simpleserver", "fileserver", "nt4_dc", "ad_dc",
+ "ad_member", "offlinebackupdc", "restoredc", "renamedc", "labdc", 'schema_pair_dc']:
+ planoldpythontestsuite(env, "netlogonsvc",
+ extra_path=[os.path.join(srcdir(), 'python/samba/tests')],
+ name="samba.tests.netlogonsvc.python(%s)" % env)
+
+for env in ["ktest", "ad_member", "ad_dc_no_ntlm"]:
+ planoldpythontestsuite(env, "ntlmdisabled",
+ extra_path=[os.path.join(srcdir(), 'python/samba/tests')],
+ name="samba.tests.ntlmdisabled.python(%s)" % env)
+
+# Demote the vampire DC, it must be the last test each DC, before the dbcheck
+for env in ['vampire_dc', 'promoted_dc', 'rodc']:
+ planoldpythontestsuite(env, "samba.tests.samba_tool.demote",
+ name="samba.tests.samba_tool.demote",
+ environ={
+ 'CONFIGFILE': '$PREFIX/%s/etc/smb.conf' % env
+ },
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ extra_path=[os.path.join(srcdir(), "samba/python")]
+ )
+# TODO: Verifying the databases really should be a part of the
+# environment teardown.
+# check the databases are all OK. PLEASE LEAVE THIS AS THE LAST TEST
+for env in ["ad_dc", "fl2000dc", "fl2003dc", "fl2008r2dc",
+ 'vampire_dc', 'promoted_dc', 'backupfromdc', 'restoredc',
+ 'renamedc', 'offlinebackupdc', 'labdc']:
+ plantestsuite("samba4.blackbox.dbcheck(%s)" % env, env + ":local", ["PYTHON=%s" % python, os.path.join(bbdir, "dbcheck.sh"), '$PREFIX/provision', configuration])
+
+#
+# Tests to verify bug 13653 https://bugzilla.samba.org/show_bug.cgi?id=13653
+# ad_dc has an lmdb backend, ad_dc_ntvfs has a tdb backend.
+#
+planoldpythontestsuite("ad_dc_ntvfs:local",
+ "samba.tests.blackbox.bug13653",
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'TEST_ENV': 'ad_dc_ntvfs'})
+planoldpythontestsuite("ad_dc:local",
+ "samba.tests.blackbox.bug13653",
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ environ={'TEST_ENV': 'ad_dc'})
+# cmocka tests not requiring a specific environment
+#
+plantestsuite("samba4.dsdb.samdb.ldb_modules.unique_object_sids", "none",
+ [os.path.join(bindir(), "test_unique_object_sids")])
+plantestsuite("samba4.dsdb.samdb.ldb_modules.encrypted_secrets.tdb", "none",
+ [os.path.join(bindir(), "test_encrypted_secrets_tdb")])
+plantestsuite("samba4.dsdb.samdb.ldb_modules.encrypted_secrets.mdb", "none",
+ [os.path.join(bindir(), "test_encrypted_secrets_mdb")])
+plantestsuite("lib.audit_logging.audit_logging", "none",
+ [os.path.join(bindir(), "audit_logging_test")])
+plantestsuite("lib.audit_logging.audit_logging.errors", "none",
+ [os.path.join(bindir(), "audit_logging_error_test")])
+plantestsuite("samba4.dsdb.samdb.ldb_modules.audit_util", "none",
+ [os.path.join(bindir(), "test_audit_util")])
+plantestsuite("samba4.dsdb.samdb.ldb_modules.audit_log", "none",
+ [os.path.join(bindir(), "test_audit_log")])
+plantestsuite("samba4.dsdb.samdb.ldb_modules.audit_log.errors", "none",
+ [os.path.join(bindir(), "test_audit_log_errors")])
+plantestsuite("samba4.dsdb.samdb.ldb_modules.group_audit", "none",
+ [os.path.join(bindir(), "test_group_audit")])
+plantestsuite("samba4.dsdb.samdb.ldb_modules.group_audit.errors", "none",
+ [os.path.join(bindir(), "test_group_audit_errors")])
+plantestsuite("samba4.dcerpc.dnsserver.dnsutils", "none",
+ [os.path.join(bindir(), "test_rpc_dns_server_dnsutils")])
+plantestsuite("libcli.drsuapi.repl_decrypt", "none",
+ [os.path.join(bindir(), "test_repl_decrypt")])
+plantestsuite("librpc.ndr.ndr_string", "none",
+ [os.path.join(bindir(), "test_ndr_string")])
+plantestsuite("librpc.ndr.ndr", "none",
+ [os.path.join(bindir(), "test_ndr")])
+plantestsuite("librpc.ndr.ndr_macros", "none",
+ [os.path.join(bindir(), "test_ndr_macros")])
+plantestsuite("librpc.ndr.ndr_dns_nbt", "none",
+ [os.path.join(bindir(), "test_ndr_dns_nbt")])
+plantestsuite("libcli.ldap.ldap_message", "none",
+ [os.path.join(bindir(), "test_ldap_message")])
+
+# process restart and limit tests, these break the environment so need to run
+# in their own specific environment
+planoldpythontestsuite("preforkrestartdc:local",
+ "samba.tests.prefork_restart",
+ extra_path=[
+ os.path.join(srcdir(), 'python/samba/tests')],
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ name="samba.tests.prefork_restart")
+planoldpythontestsuite("preforkrestartdc:local",
+ "samba.tests.blackbox.smbcontrol_process",
+ extra_path=[
+ os.path.join(srcdir(), 'python/samba/tests')],
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ name="samba.tests.blackbox.smbcontrol_process")
+planoldpythontestsuite("proclimitdc",
+ "samba.tests.process_limits",
+ extra_path=[
+ os.path.join(srcdir(), 'python/samba/tests')],
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
+ name="samba.tests.process_limits")
+
+planoldpythontestsuite("none", "samba.tests.usage")
+planpythontestsuite("fileserver", "samba.tests.dcerpc.mdssvc")
diff --git a/source4/selftest/tests_win.sh b/source4/selftest/tests_win.sh
new file mode 100755
index 0000000..fafaef1
--- /dev/null
+++ b/source4/selftest/tests_win.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+if [ $(whoami) != "root" ]; then
+ echo "Windows tests will not run without root privileges."
+ exit 1
+fi
+
+if [ "$DO_SOCKET_WRAPPER" = SOCKET_WRAPPER ]; then
+ echo "Windows tests will not run with socket wrapper enabled."
+ exit 1
+fi
+
+if [ ! $WINTESTCONF ]; then
+ echo "Environment variable WINTESTCONF has not been defined."
+ echo "Windows tests will not run unconfigured."
+ exit 1
+fi
+
+if [ ! -r $WINTESTCONF ]; then
+ echo "$WINTESTCONF could not be read."
+ exit 1
+fi
+
+export WINTEST_DIR=$SRCDIR/selftest/win
+export TMPDIR=$TMPDIR
+export NETBIOSNAME=$NETBIOSNAME
+
+. $WINTESTCONF
+
+$SRCDIR/selftest/test_win.sh
diff --git a/source4/selftest/tests_win2k3_dc.sh b/source4/selftest/tests_win2k3_dc.sh
new file mode 100755
index 0000000..290a4ef
--- /dev/null
+++ b/source4/selftest/tests_win2k3_dc.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+if [ ! $WINTESTCONF ]; then
+ echo "Environment variable WINTESTCONF has not been defined."
+ echo "Windows tests will not run unconfigured."
+ exit 1
+fi
+
+if [ ! -r $WINTESTCONF ]; then
+ echo "$WINTESTCONF could not be read."
+ exit 1
+fi
+
+. selftest/test_functions.sh
+
+export SRCDIR=$SRCDIR
+
+tests="RPC-DRSUAPI RPC-SPOOLSS ncacn_np ncacn_ip_tcp"
+
+for name in $tests; do
+ testit $name rpc $SRCDIR/selftest/win/wintest_2k3_dc.sh $name
+done
diff --git a/source4/selftest/win/README b/source4/selftest/win/README
new file mode 100644
index 0000000..f6e716c
--- /dev/null
+++ b/source4/selftest/win/README
@@ -0,0 +1,72 @@
+This framework uses a VMware Server hosted Windows guest VM to test the
+behaviour of Windows -> Samba and Samba -> Windows interactions. To setup a
+Windows host for testing, vm_setup.tar.gz contain some scripts which create
+an administrative user account, and enable and start the installed telnet
+service on the Windows host. Optionally, the hostname and workgroup name can
+also be set. vm_setup.tar.gz is currently located in the SOC/bnh branch of
+Samba's SVN repository.
+
+PREREQUISITES
+
+To use these scripts, VMware Server needs to be running with a Windows guest
+VM installed, IP addressed, and VMware tools needs to be installed and running
+on the guest VM. The Windows OS I used to test with was Windows Server 2003,
+but I think this should work with any version of Windows that has the
+Microsoft telnet service installed. The VMware Server versions I used for
+testing was 1.0.0 build-27828, and 1.0.0 build-28343.
+
+PLEASE NOTE: Due to problems with my original revert_snapshot() code, the initial
+setup now requires that the VM configuration setting 'When Powering Off' is
+manually set to 'Revert to snapshot' (snapshot.action="autoRevert" in the
+guest's .vmx file). This should not be a permanent change, but the original
+revert_snapshot() code I wrote no longer works and i'm not sure why.
+
+On the machine that these scripts are running on (this need not be the same
+machine as the VMware host), the VMware perl scripting api needs to be
+installed, as well as the vix-perl api. These come with the VMware Server
+console package.
+
+After unzipping this file, the libraries are installed by extracting the
+VMware-vix-e.x.p-<revision number>.tar.gz and
+VMware-VmPerlAPI-e.x.p-<revision number>.tar.gz archives, and running the
+vmware-install.pl scripts inside their respective directories.
+
+On Slackware 10.2, I encountered a problem in that when I tried to use the vix
+api libraries, I would get the following error:
+
+SSLLoadSharedLibrary: Failed to load library /<client program directory>/libcrypto.so.0.9.7:/<client program directory>/libcrypto.so.0.9.7: cannot open a shared object file: No such file or directory.
+
+The fix found on the VMware knowledge base (search http://kb.vmware.com for
+Doc ID: 1837104) states that it's a known problem with the scripting libraries,
+and can be resolved by installing VMware Server on the host, which properly
+sets up the SSL module loader. This is what I would suggest if you encounter
+this, as it solved the problem for me (I don't have VMware Server actually
+running on that host though).
+
+INSTALLATION
+
+To use these scripts, modify initial_setup.conf to match your environment. The
+GUEST_HOSTNAME, GUEST_WORKGROUP, HOST_SERVER_NAME, HOST_SERVER_PORT,
+HOST_USERNAME, and HOST_PASSWORD variables are optional, and are commented out
+in this release.
+
+Running initial_setup.sh will:
+* Get the IP address of the Windows guest VM.
+* Take a snapshot of the pristine Windows guest.
+* Copy the windows scripts from the windows-scripts directory on the unix host
+ to the directory on the Windows guest specified by the
+ GUEST_SCRIPT_PATH option. This path will be created on the guest if
+ it does not already exist.
+* Execute win_setup.wsf on the Windows guest in order to create the
+ administrator account specified by GUEST_USERNAME and GUEST_PASSWORD,
+ enable and start the telnet service, and set the GUEST_HOSTNAME and
+ GUEST_WORKGROUP if configured.
+* If these operations are successful so far, another snapshot is taken at this
+ point. This is the snapshot which is restored if the tests encounter
+ problems they are unable to recover from.
+
+These operations leave the Windows guest in a state such that it can be
+remotely administered with telnet. Specifically, this will allow us to use
+'make wintest' in Samba 4 to perform smbtorture tests against a Windows host,
+and perform tests from a Windows client to a Samba server.
+
diff --git a/source4/selftest/win/VMHost.pm b/source4/selftest/win/VMHost.pm
new file mode 100644
index 0000000..37d721e
--- /dev/null
+++ b/source4/selftest/win/VMHost.pm
@@ -0,0 +1,359 @@
+#!/usr/bin/perl -w
+
+# A perl object to provide a simple, unified method of handling some
+# VMware Server VM management functions using the perl and VIX API's.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+# VMware Perl API
+use VMware::VmPerl;
+use VMware::VmPerl::VM;
+use VMware::VmPerl::ConnectParams;
+
+# VMware C bindings
+use VMware::Vix::Simple;
+use VMware::Vix::API::Constants;
+
+# Create a class to abstract from the Vix and VMPerl APIs.
+{ package VMHost;
+ my $perl_vm = VMware::VmPerl::VM::new();
+ my $perl_vm_credentials;
+ my $vix_vm;
+ my $vix_vm_host;
+
+ my $err_code = 0;
+ my $err_str = "";
+
+ my $hostname;
+ my $port;
+ my $username;
+ my $password;
+ my $vm_cfg_path;
+ my $guest_admin_username;
+ my $guest_admin_password;
+
+ sub error {
+ my $old_err_code = $err_code;
+ my $old_err_str = $err_str;
+ $err_code = 0;
+ $err_str = "";
+ return ($old_err_code, $old_err_str);
+ }
+
+ # Power on the guest if it isn't already running.
+ # Returns 0 when the guest is already running, and
+ # if not, it waits until it is started.
+ sub start_guest {
+ my $vm_power_state = $perl_vm->get_execution_state();
+ if (!defined($vm_power_state)) {
+ ($err_code, $err_str) = $perl_vm->get_last_error();
+ return ($err_code);
+ }
+ if ($vm_power_state == VMware::VmPerl::VM_EXECUTION_STATE_OFF
+ || $vm_power_state ==
+ VMware::VmPerl::VM_EXECUTION_STATE_SUSPENDED)
+ {
+ if (!$perl_vm->start()) {
+ ($err_code, $err_str) =
+ $perl_vm->get_last_error();
+ return ($err_code);
+ }
+ while ($perl_vm->get_tools_last_active() == 0) {
+ sleep(60);
+ }
+ }
+ return ($err_code);
+ }
+
+ sub host_connect {
+ # When called as a method, the first parameter passed is the
+ # name of the method. Called locally, this function will lose
+ # the first parameter.
+ shift @_;
+ ($hostname, $port, $username, $password, $vm_cfg_path,
+ $guest_admin_username, $guest_admin_password) = @_;
+
+ # Connect to host using vmperl api.
+ $perl_vm_credentials =
+ VMware::VmPerl::ConnectParams::new($hostname, $port,
+ $username, $password);
+ if (!$perl_vm->connect($perl_vm_credentials, $vm_cfg_path)) {
+ ($err_code, $err_str) = $perl_vm->get_last_error();
+ undef $perl_vm;
+ return ($err_code);
+ }
+
+ # Connect to host using vix api.
+ ($err_code, $vix_vm_host) =
+ VMware::Vix::Simple::HostConnect(
+ VMware::Vix::Simple::VIX_API_VERSION,
+ VMware::Vix::Simple::VIX_SERVICEPROVIDER_VMWARE_SERVER,
+ $hostname, $port, $username, $password,
+ 0, VMware::Vix::Simple::VIX_INVALID_HANDLE);
+ if ($err_code != VMware::Vix::Simple::VIX_OK) {
+ $err_str =
+ VMware::Vix::Simple::GetErrorText($err_code);
+ undef $perl_vm;
+ undef $vix_vm;
+ undef $vix_vm_host;
+ return ($err_code);
+ }
+
+ # Power on our guest os if it isn't already running.
+ $err_code = start_guest();
+ if ($err_code != 0) {
+ my $old_err_str = $err_str;
+ $err_str = "Starting guest power after connect " .
+ "failed: " . $old_err_str;
+ undef $perl_vm;
+ undef $vix_vm;
+ undef $vix_vm_host;
+ return ($err_code);
+ }
+
+ # Open VM.
+ ($err_code, $vix_vm) =
+ VMware::Vix::Simple::VMOpen($vix_vm_host, $vm_cfg_path);
+ if ($err_code != VMware::Vix::Simple::VIX_OK) {
+ $err_str =
+ VMware::Vix::Simple::GetErrorText($err_code);
+ undef $perl_vm;
+ undef $vix_vm;
+ undef $vix_vm_host;
+ return ($err_code);
+ }
+
+ # Login to $vix_vm guest OS.
+ $err_code = VMware::Vix::Simple::VMLoginInGuest($vix_vm,
+ $guest_admin_username, $guest_admin_password,
+ 0);
+ if ($err_code != VMware::Vix::Simple::VIX_OK) {
+ $err_str =
+ VMware::Vix::Simple::GetErrorText($err_code);
+ undef $perl_vm;
+ undef $vix_vm;
+ undef $vix_vm_host;
+ return ($err_code);
+ }
+ return ($err_code);
+ }
+
+ sub host_disconnect {
+ undef $perl_vm;
+
+ $perl_vm = VMware::VmPerl::VM::new();
+ if (!$perl_vm) {
+ $err_code = 1;
+ $err_str = "Error creating new VmPerl object";
+ }
+
+ undef $vix_vm;
+ VMware::Vix::Simple::HostDisconnect($vix_vm_host);
+ VMware::Vix::Simple::ReleaseHandle($vix_vm_host);
+ return ($err_code);
+ }
+
+ sub host_reconnect {
+ $err_code = host_disconnect();
+ if ($err_code != 0) {
+ my $old_err_str = $err_str;
+ $err_str = "Disconnecting from host failed: " .
+ $old_err_str;
+ return ($err_code);
+ }
+
+ $err_code = host_connect(NULL, $hostname, $port, $username,
+ $password, $vm_cfg_path, $guest_admin_username,
+ $guest_admin_password);
+ if ($err_code != 0) {
+ my $old_err_str = $err_str;
+ $err_str = "Re-connecting to host failed: " .
+ $old_err_str;
+ return ($err_code);
+ }
+ return ($err_code);
+ }
+
+ sub create_snapshot {
+ my $snapshot;
+
+ ($err_code, $snapshot) =
+ VMware::Vix::Simple::VMCreateSnapshot($vix_vm,
+ "Snapshot", "Created by vm_setup.pl", 0,
+ VMware::Vix::Simple::VIX_INVALID_HANDLE);
+
+ VMware::Vix::Simple::ReleaseHandle($snapshot);
+
+ if ($err_code != VMware::Vix::Simple::VIX_OK) {
+ $err_str =
+ VMware::Vix::Simple::GetErrorText($err_code);
+ return $err_code;
+ }
+
+ $err_code = host_reconnect();
+ if ($err_code != 0) {
+ my $old_err_str = $err_str;
+ $err_str = "Reconnecting to host after creating " .
+ "snapshot: " . $old_err_str;
+ return ($err_code);
+ }
+ return ($err_code);
+ }
+
+ sub revert_snapshot {
+ # Because of problems with VMRevertToSnapshot(), we have to
+ # rely on the guest having set 'Revert to Snapshot' following
+ # a power-off event.
+ $err_code = VMware::Vix::Simple::VMPowerOff($vix_vm, 0);
+ if ($err_code != VMware::Vix::Simple::VIX_OK) {
+ $err_str =
+ VMware::Vix::Simple::GetErrorText($err_code);
+ return $err_code;
+ }
+
+ # host_reconnect() will power-on a guest in a non-running state.
+ $err_code = host_reconnect();
+ if ($err_code != 0) {
+ my $old_err_str = $err_str;
+ $err_str = "Reconnecting to host after reverting " .
+ "snapshot: " . $old_err_str;
+ return ($err_code);
+ }
+ return ($err_code);
+ }
+
+ # $dest_path must exist. It doesn't get created.
+ sub copy_files_to_guest {
+ shift @_;
+ my (%files) = @_;
+
+ my $src_file;
+ my $dest_file;
+
+ foreach $src_file (keys(%files)) {
+ $dest_file = $files{$src_file};
+ $err_code =
+ VMware::Vix::Simple::VMCopyFileFromHostToGuest(
+ $vix_vm, $src_file, $dest_file, 0,
+ VMware::Vix::Simple::VIX_INVALID_HANDLE);
+ if ($err_code != VMware::Vix::Simple::VIX_OK) {
+ $err_str = "Copying $src_file: " .
+ VMware::Vix::Simple::GetErrorText(
+ $err_code);
+ return $err_code;
+ }
+ }
+ return $err_code;
+ }
+
+ sub copy_to_guest {
+ # Read parameters $src_path, $dest_path.
+ shift @_;
+ my ($src_path, $dest_dir) = @_;
+
+ my $len = length($dest_dir);
+ my $idx = rindex($dest_dir, '\\');
+ if ($idx != ($len - 1)) {
+ $err_code = -1;
+ $err_str = "Destination $dest_dir must be a " .
+ "directory path";
+ return ($err_code);
+ }
+
+ # Create the directory $dest_path on the guest VM filesystem.
+ my $cmd = "cmd.exe ";
+ my $cmd_args = "/C MKDIR " . $dest_dir;
+ $err_code = run_on_guest(NULL, $cmd, $cmd_args);
+ if ( $err_code != 0) {
+ my $old_err_str = $err_str;
+ $err_str = "Creating directory $dest_dir on host: " .
+ $old_err_str;
+ return ($err_code);
+ }
+
+ # If $src_filepath specifies a file, create it in $dest_path
+ # and keep the same name.
+ # If $src_path is a directory, create the files it contains in
+ # $dest_path, keeping the same names.
+ $len = length($src_path);
+ my %files;
+ $idx = rindex($src_path, '/');
+ if ($idx == ($len - 1)) {
+ # $src_path is a directory.
+ if (!opendir (DIR_HANDLE, $src_path)) {
+ $err_code = -1;
+ $err_str = "Error opening directory $src_path";
+ return $err_code;
+ }
+
+ foreach $file (readdir DIR_HANDLE) {
+ my $src_file = $src_path . $file;
+
+ if (!opendir(DIR_HANDLE2, $src_file)) {
+ # We aren't interested in subdirs.
+ my $dest_path = $dest_dir . $file;
+ $files{$src_file} = $dest_path;
+ } else {
+ closedir(DIR_HANDLE2);
+ }
+ }
+ } else {
+ # Strip if preceding path from $src_path.
+ my $src_file = substr($src_path, ($idx + 1), $len);
+ my $dest_path = $dest_dir . $src_file;
+
+ # Add $src_path => $dest_path to %files.
+ $files{$src_path} = $dest_path;
+ }
+
+ $err_code = copy_files_to_guest(NULL, %files);
+ if ($err_code != 0) {
+ my $old_err_str = $err_str;
+ $err_str = "Copying files to host after " .
+ "populating %files: " . $old_err_str;
+ return ($err_code);
+ }
+ return ($err_code);
+ }
+
+ sub run_on_guest {
+ # Read parameters $cmd, $cmd_args.
+ shift @_;
+ my ($cmd, $cmd_args) = @_;
+
+ $err_code = VMware::Vix::Simple::VMRunProgramInGuest($vix_vm,
+ $cmd, $cmd_args, 0,
+ VMware::Vix::Simple::VIX_INVALID_HANDLE);
+ if ($err_code != VMware::Vix::Simple::VIX_OK) {
+ $err_str = VMware::Vix::Simple::GetErrorText(
+ $err_code);
+ return ($err_code);
+ }
+
+ return ($err_code);
+ }
+
+ sub get_guest_ip {
+ my $guest_ip = $perl_vm->get_guest_info('ip');
+
+ if (!defined($guest_ip)) {
+ ($err_code, $err_str) = $perl_vm->get_last_error();
+ return NULL;
+ }
+
+ if (!($guest_ip)) {
+ $err_code = 1;
+ $err_str = "Guest did not set the 'ip' variable";
+ return NULL;
+ }
+ return $guest_ip;
+ }
+
+ sub DESTROY {
+ host_disconnect();
+ undef $perl_vm;
+ undef $vix_vm_host;
+ }
+}
+
+return TRUE;
diff --git a/source4/selftest/win/common.exp b/source4/selftest/win/common.exp
new file mode 100644
index 0000000..93d24a6
--- /dev/null
+++ b/source4/selftest/win/common.exp
@@ -0,0 +1,521 @@
+# A library of commonly used functions written in expect.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+# This function maps a drive letter to a share point.
+proc map_share { remote_prompt share_drive sharepoint username domain password } {
+ set default_err_str "Unknown error in function map_share"
+ set err_str $default_err_str
+
+ set cmd "net use $share_drive $sharepoint $password /USER:$username@$domain\r\n"
+ send $cmd
+
+ expect {
+ "The command completed successfully." {
+ expect_prompt $remote_prompt
+ set err_str "OK"
+ } \
+ "The local device name is already in use." {
+ expect_prompt $remote_prompt
+ set err_str "The device name $share_drive is already in use"
+ } \
+ "The network name cannot be found." {
+ expect_prompt $remote_prompt
+ set err_str "Sharepoint $sharepoint could not be found"
+ } \
+ timeout {
+ set err_str "Function map_share timed out while mapping $share_drive to $sharepoint"
+ }
+ }
+ return $err_str
+}
+
+# This function unmaps a drive letter from a share point.
+proc unmap_share { remote_prompt share_drive } {
+ set default_err_str "Unknown error in function unmap_share"
+ set err_str $default_err_str
+
+ set cmd "net use $share_drive /DELETE\r\n"
+ send $cmd
+
+ expect {
+ "was deleted successfully." {
+ expect_prompt $remote_prompt
+ set err_str "OK"
+ } \
+ "NET HELPMSG 2250" {
+ expect_prompt $remote_prompt
+ set err_str "The network connection could not be found while unmapping $share_drive"
+ } \
+ timeout {
+ set err_str "Function unmap_share timed out while unmapping $share_drive"
+ }
+ }
+ return $err_str
+}
+
+# This function uses xcopy to copy a text file from one location on the
+# remote windows host to another.
+proc xcopy_file { remote_prompt in_filename out_filename xcopy_options } {
+ set default_err_str "Unknown error in function xcopy_file"
+ set err_str $default_err_str
+
+ set cmd "xcopy $in_filename $out_filename $xcopy_options\r\n"
+ send $cmd
+
+ expect {
+ "(F = file, D = directory)? " {
+ set cmd "F\r\n"
+ send $cmd
+ expect {
+ "1 File(s) copied\r\n\r\n" {
+ expect_prompt $remote_prompt
+ set err_str "OK"
+ } \
+ "0 File(s) copied\r\n\r\n" {
+ expect_prompt $remote_prompt
+ set err_str $default_err_str
+ } \
+ timeout {
+ set err_str "Function xcopy_file has timed out while copying $in_filename"
+ }
+ }
+ } \
+ "1 File(s) copied\r\n\r\n" {
+ expect_prompt $remote_prompt
+ set err_str "OK"
+ } \
+ "0 File(s) copied\r\n\r\n" {
+ expect_prompt $remote_prompt
+ set err_str $default_err_str
+ } \
+ timeout {
+ set err_str "Function xcopy_file timed out while copying $in_filename"
+ }
+ }
+ return $err_str
+}
+
+# This function creates a temporary file on the remote windows host.
+# The file contents are populated by a recursive directory listing of
+# the windows %HOMEDRIVE%.
+proc create_tmp_file { remote_prompt filename } {
+ set default_err_str "Unknown error in function create_tmp_file"
+ set err_str $default_err_str
+
+ set cmd "dir %HOMEDRIVE%\\ /S > $filename\r\n"
+ send $cmd
+ expect {
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ set err_str "Function create_tmp_file timed out while creating $filename"
+ }
+ }
+ return $err_str
+}
+
+# This function compares two files on the remote windows host.
+proc compare_files { remote_prompt file1 file2 } {
+ set default_err_str "Unknown error in function compare_files"
+ set err_str $default_err_str
+
+ set cmd "fc $file1 $file2\r\n"
+ send $cmd
+ expect {
+ "FC: no differences encountered\r\n\r\n\r\n" {
+ expect_prompt $remote_prompt
+ set err_str "OK"
+ } \
+ "\*\*\*\*\* $file1" {
+ expect_prompt $remote_prompt
+ set err_str "Files $file1 and $file2 differ"
+ } \
+ "\*\*\*\*\* $file2" {
+ expect_prompt $remote_prompt
+ set err_str "Files $file1 and $file2 differ"
+ } \
+ timeout {
+ set err_str "Function compare_files timed out while comparing files $file1 and $file2"
+ }
+ }
+ return $err_str
+}
+
+# This function deletes a file on the remote windows host.
+proc delete_file { remote_prompt filename } {
+ set default_err_str "Unknown error in function delete_file"
+ set err_str $default_err_str
+
+ set cmd "del $filename\r\n"
+ send $cmd
+ expect {
+ "Could Not" {
+ expect_prompt $remote_prompt
+ set err_str $default_err_str
+ } \
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ set err_str "Function delete_file timed oout while deleting $filename"
+ }
+ }
+ return $err_str
+}
+
+# This function copies a text file over telnet from the local unix host
+# to the remote windows host.
+proc copy_file { remote_prompt in_filename out_filename } {
+ set default_err_str "Unknown error in function copy_file"
+ set err_str $default_err_str
+
+ # The octal ASCII code for Control-Z is 032.
+ set CTRLZ \032
+
+ # Open local file and read contents.
+ set in_file [open $in_filename r]
+ set in_data [read $in_file]
+
+ # Initiate copy on remote host.
+ set cmd "copy con $out_filename\r\n"
+ send $cmd
+
+ # Separate $in_data into lines and send to remote host.
+ set out_data [split $in_data "\n"]
+ foreach out_line $out_data {
+ send $out_line
+ # We might as well do a unix -> windows line conversion.
+ send "\r\n"
+ # Are we overwriting an existing file?
+ # If so, exit so we can handle it.
+ expect {
+ "(Yes/No/All)" {
+ send "NO\r\n"
+ expect_prompt $remote_prompt
+ set err_str "File exists"
+ } \
+ $out_line {
+ set err_str "OK"
+ } \
+ timeout {
+ set err_str "Function copy_file timed out while copying $in_filename"
+ }
+ }
+ if { $err_str != "OK" } {
+ return $err_str
+ } else {
+ set err_str $default_err_str
+ }
+ }
+
+ # ^Z\r to complete the transfer.
+ send $CTRLZ
+ send "\r"
+ expect {
+ "file(s) copied." {
+ set err_str [expect_prompt $remote_prompt]
+ } \
+ $remote_prompt {
+ set err_str $default_err_str
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Function copy_file timed out while finishing copy of $in_filename"
+ }
+ }
+ return $err_str
+}
+
+# This function waits for the command prompt and reports an error on
+# timeout.
+proc expect_prompt { remote_prompt } {
+ set default_err_str "Unknown error occurred while waiting for the command prompt"
+ set err_str $default_err_str
+
+ expect {
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ set err_str "Timeout occurred while waiting for the command prompt"
+ }
+ }
+ return $err_str
+}
+
+# This function will create a telnet login shell to $remote_host as $username.
+# If expected dialogue is not received, return with a specific error if one
+# is recognized. Otherwise return a generic error indicating the function
+# name.
+proc telnet_login { remote_prompt remote_host username password } {
+
+ set default_err_str "Unknown error in function telnet_login"
+ set err_str $default_err_str
+
+ set cmd "telnet $remote_host\r"
+ send $cmd
+ expect {
+ "login: " {
+ set err_str "OK"
+ } \
+ "Connection refused" {
+ set err_str "Connection refused"
+ } \
+ "No route to host" {
+ set err_str "No route to host"
+ } \
+ timeout {
+ set err_str "Function telnet_login timed out while waiting for the login prompt"
+ }
+ }
+ if { $err_str != "OK" } {
+ # Return because something unexpected happened.
+ return $err_str
+ } else {
+ # Reset err_str
+ set err_str $default_err_str
+ }
+
+ set cmd "$username\r"
+ send $cmd
+ expect {
+ "password: " {
+ set err_str "OK"
+ } \
+ timeout {
+ set err_str "Function telnet_login timed out while waiting for the password prompt"
+ }
+ }
+ if { $err_str != "OK" } {
+ return $err_str
+ } else {
+ set err_str $default_err_str
+ }
+
+ set cmd "$password\r"
+ send $cmd
+ expect {
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ "Login Failed" {
+ set err_str "Telnet login failed"
+ } \
+ timeout {
+ set err_str "Function telnet_login timed out while waiting for the command prompt"
+ }
+ }
+ return $err_str
+}
+
+proc create_directory { remote_prompt sharepath } {
+
+ set default_err_str "Unknown error in function create_directory"
+ set err_str $default_err_str
+
+ set cmd "mkdir $sharepath\r\n"
+ send $cmd
+ expect {
+ "already exists" {
+ expect_prompt $remote_prompt
+ set err_str "Directory already exists"
+ } \
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Timeout reached starting create_directory."
+ }
+ }
+ return $err_str
+}
+
+proc delete_directory { remote_prompt sharepath } {
+
+ set default_err_str "Unknown error in function delete_directory"
+ set err_str $default_err_str
+
+ set cmd "rmdir /S /Q $sharepath\r\n"
+ send $cmd
+ expect {
+ "Access is denied." {
+ expect_prompt $remote_prompt
+ set err_str "Directory access is denied"
+ } \
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Timeout reached in delete_directory"
+ }
+ }
+ return $err_str
+}
+
+proc create_share { remote_prompt username sharepath sharename } {
+
+ set default_err_str "Unknown error in function create_share"
+ set err_str $default_err_str
+
+ set cmd "net share $sharename=$sharepath /GRANT:$username,FULL\r\n"
+ send $cmd
+ expect {
+ "was shared successfully." {
+ set err_str [expect_prompt $remote_prompt]
+ } \
+ "NET HELPMSG 2118." {
+ expect_prompt $remote_prompt
+ set err_str "The name has already been shared"
+ } \
+ $remote_prompt {
+ set err_str $default_err_str
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Timeout reached in create_share"
+ }
+ }
+ return $err_str
+}
+
+proc delete_share { remote_prompt sharename } {
+
+ set default_err_str "Unknown error in function delete_share"
+ set err_str $default_err_str
+
+ set cmd "net share $sharename /DELETE\r\n"
+ send $cmd
+ expect {
+ "was deleted successfully." {
+ set err_str [expect_prompt $remote_prompt]
+ } \
+ "does not exist." {
+ expect_prompt $remote_prompt
+ set err_str "The share does not exist"
+ } \
+ $remote_prompt {
+ set err_str $default_err_str
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Timeout reached in delete_share"
+ }
+ }
+ return $err_str
+}
+
+proc delete_hosts_entry { remote_prompt hosts_file_path backup_hosts_filename } {
+
+ set default_err_str "Unknown error in function delete_hosts_entry"
+ set err_str $default_err_str
+
+ set cmd "cd $hosts_file_path\r\n"
+ send $cmd
+ expect {
+ "." {
+ expect_prompt $remote_prompt
+ set err_str $default_err_str
+ } \
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Timeout reached in delete_hosts_entry"
+ }
+ }
+ if { $err_str != "OK" } {
+ return $err_str
+ } else {
+ set err_str $default_err_str
+ }
+
+ set cmd "move /Y $backup_hosts_filename hosts\r\n"
+ send $cmd
+ expect {
+ "1 file(s) moved." {
+ set err_str [expect_prompt $remote_prompt]
+ } \
+ "cannot find the file specified." {
+ expect_prompt $remote_prompt
+ set err_str "File not found"
+ } \
+ $remote_prompt {
+ set err_str $default_err_str
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Function delete_hosts_entry timed out while renaming $backup_hosts_filename"
+ }
+ }
+ return $err_str
+}
+
+proc create_hosts_entry { remote_prompt hosts_file_path hostname ip \
+ backup_hosts_filename } {
+
+ set default_err_str "Unknown error in function create_hosts_entry"
+ set err_str $default_err_str
+
+ set cmd "cd $hosts_file_path\r\n"
+ send $cmd
+ expect {
+ "." {
+ expect_prompt $remote_prompt
+ set err_str $default_err_str
+ } \
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Timeout reached in create_hosts_entry"
+ }
+ }
+ if { $err_str != "OK" } {
+ return $err_str
+ } else {
+ set err_str $default_err_str
+ }
+
+ set cmd "copy /Y hosts $backup_hosts_filename\r\n"
+ send $cmd
+ expect {
+ "1 file(s) copied." {
+ set err_str [expect_prompt $remote_prompt]
+ } \
+ "cannot find the file specified." {
+ expect_prompt $remote_prompt
+ set err_str "File not found."
+ } \
+ $remote_prompt {
+ set err_str $default_err_str
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Function create_hosts_entry timed out while copying hosts file"
+ }
+ }
+ if { $err_str != "OK" } {
+ return $err_str
+ } else {
+ set err_str $default_err_str
+ }
+
+ set cmd "echo $ip $hostname #smbtorture host. >> hosts\r\n"
+ send $cmd
+ expect {
+ $remote_prompt {
+ set err_str "OK"
+ } \
+ timeout {
+ expect_prompt $remote_prompt
+ set err_str "Function create_hosts timed out while updating hosts file"
+ }
+ }
+ return $err_str
+}
diff --git a/source4/selftest/win/test_win.conf b/source4/selftest/win/test_win.conf
new file mode 100644
index 0000000..ed52be9
--- /dev/null
+++ b/source4/selftest/win/test_win.conf
@@ -0,0 +1,83 @@
+
+# perl needs to know to look in $WINTEST_DIR for VMHost.pm.
+export PERLLIB=$WINTEST_DIR
+
+# Command prompt that we are expecting on the windows host.
+export SMBTORTURE_REMOTE_PROMPT=">"
+
+##
+## The variables in this section apply to the 'make wintest_dc' set of tests.
+##
+
+# A username and password with admin rights to the DC we're testing against.
+export WIN2K3_DC_USERNAME="tortureuser"
+export WIN2K3_DC_PASSWORD="torturepass"
+
+# The domain and realm that the DC is configured for.
+export WIN2K3_DC_DOMAIN="WINTESTDC"
+export WIN2K3_DC_REALM="wintest.dc"
+
+# The path to the DC vmware image config file, local to the vmware server.
+export WIN2K3_DC_VM_CFG_PATH="/var/lib/vmware/Virtual Machines/Windows Server 2003 DC BuildFarm/Windows 2003 DC BuildFarm.vmx"
+
+##
+## The parameters in this section apply to the 'make wintest' set of tests.
+##
+
+# The username and password we will be testing with.
+# This user will need admin rights on the remote windows host.
+export SMBTORTURE_USERNAME="tortureuser"
+export SMBTORTURE_PASSWORD="torturepass"
+
+# The name of the workgroup we will be using on the remote windows host.
+export SMBTORTURE_WORKGROUP="SMBTEST"
+
+# The name of and path to the windows share we'll be testing against.
+export SMBTORTURE_REMOTE_SHARE_NAME="smbtorture_share"
+export SMBTORTURE_REMOTE_SHARE_PATH="%HOMEDRIVE%\smbtorture_shared_dir"
+
+# Default timeout for the expect scripts to wait for a response from the remote.
+export SMBTORTURE_EXPECT_TIMEOUT=30
+
+# Path to the local smbtorture binary.
+export SMBTORTURE_BIN_PATH="bin/smbtorture"
+
+# Local system hostname and ip address we'll be adding to the remote's
+# hosts file.
+export SMBTORTURE_LOCAL_HOSTNAME=$NETBIOSNAME
+export SMBTORTURE_LOCAL_IP="192.168.100.12"
+
+# Filename of the windows hosts' unedited hosts file.
+export REMOTE_BACKUP_HOSTS_FILENAME="hosts.smbtorture"
+export REMOTE_HOSTS_FILE_PATH="%SYSTEMROOT%\\system32\\drivers\\etc"
+
+# These coincide with the parameters mktestsetup.sh uses to setup smbd.
+export SMBTORTURE_LOCAL_USERNAME="administrator"
+export SMBTORTURE_LOCAL_PASSWORD="penguin"
+export SMBTORTURE_LOCAL_DOMAIN="SAMBADOMAIN"
+
+# This is the name of the samba share the windows vm will connect to.
+export SMBTORTURE_LOCAL_SHARE_NAME="TMP"
+
+# This is the drive letter which will be used to mount a share on the windows vm.
+export SMBTORTURE_REMOTE_DRIVE_LETTER="X:"
+
+# This is the name of the file which will be created on the windows vm
+# and used for samba server tests.
+export SMBTORTURE_TMP_FILENAME="smbtorture.tmp"
+
+# The path to the vmware image config file local to the vmware server.
+export VM_CFG_PATH="/var/lib/vmware/Virtual Machines/Win2k3-BuildFarm/Win2k3-BuildFarm.vmx"
+
+# In order to copy files and execute programs on the guest vm,
+# we need administrator-level credentials to log in with.
+export GUEST_ADMIN_USERNAME="administrator"
+export GUEST_ADMIN_PASSWORD="adminpass"
+
+# These parameters are optional. If not specified, the script tries to access
+# a local vmware server as the executing user.
+# logged-in user running the script are used.
+export HOST_SERVER_NAME="vmhost"
+export HOST_SERVER_PORT=902
+export HOST_USERNAME="vmuser"
+export HOST_PASSWORD="vmpass"
diff --git a/source4/selftest/win/vm_get_ip.pl b/source4/selftest/win/vm_get_ip.pl
new file mode 100644
index 0000000..9657a34
--- /dev/null
+++ b/source4/selftest/win/vm_get_ip.pl
@@ -0,0 +1,48 @@
+#!/usr/bin/perl -w
+
+# A perl script to connect to a VMware server and get the IP address of a VM.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+use VMHost;
+
+sub check_error {
+ my $vm = VMHost;
+ my $custom_err_str = "";
+ ($vm, $custom_err_str) = @_;
+
+ my ($err_code, $err_str) = $vm->error;
+ if ($err_code != 0) {
+ undef $vm;
+ die $custom_err_str . "Returned $err_code: $err_str.\n";
+ }
+}
+
+# Read in parameters from environment.
+my $vm_cfg_path = $ENV{"$ARGV[0]"};
+my $host_server_name = $ENV{'HOST_SERVER_NAME'};
+my $host_server_port = $ENV{'HOST_SERVER_PORT'};
+if (!defined($host_server_port)) {
+ $host_server_port = 902;
+}
+
+my $host_username = $ENV{'HOST_USERNAME'};
+my $host_password = $ENV{'HOST_PASSWORD'};
+my $guest_admin_username = $ENV{'GUEST_ADMIN_USERNAME'};
+my $guest_admin_password = $ENV{'GUEST_ADMIN_PASSWORD'};
+
+my $vm = VMHost;
+
+$vm->host_connect($host_server_name, $host_server_port, $host_username,
+ $host_password, $vm_cfg_path, $guest_admin_username,
+ $guest_admin_password);
+check_error($vm, "Error in \$vm->host_connect().\n");
+
+my $guest_ip = $vm->get_guest_ip();
+check_error($vm, "Error in \$vm->get_guest_ip().\n");
+
+print $guest_ip;
+
+undef $vm;
+
+exit 0;
diff --git a/source4/selftest/win/vm_load_snapshot.pl b/source4/selftest/win/vm_load_snapshot.pl
new file mode 100644
index 0000000..35e80ba
--- /dev/null
+++ b/source4/selftest/win/vm_load_snapshot.pl
@@ -0,0 +1,46 @@
+#!/usr/bin/perl -w
+
+# A perl script to connect to a VMware server and revert a VM snapshot.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+use VMHost;
+
+sub check_error {
+my $vm = VMHost;
+ my $custom_err_str = "";
+ ($vm, $custom_err_str) = @_;
+
+ my ($err_code, $err_str) = $vm->error;
+ if ($err_code != 0) {
+ undef $vm;
+ die $custom_err_str . "Returned $err_code: $err_str.\n";
+ }
+}
+
+# Read in parameters from environment.
+my $vm_cfg_path = $ENV{'VM_CFG_PATH'};
+my $host_server_name = $ENV{'HOST_SERVER_NAME'};
+my $host_server_port = $ENV{'HOST_SERVER_PORT'};
+if (!defined($host_server_port)) {
+ $host_server_port = 902;
+}
+
+my $host_username = $ENV{'HOST_USERNAME'};
+my $host_password = $ENV{'HOST_PASSWORD'};
+my $guest_admin_username = $ENV{'GUEST_ADMIN_USERNAME'};
+my $guest_admin_password = $ENV{'GUEST_ADMIN_PASSWORD'};
+
+my $vm = VMHost;
+
+$vm->host_connect($host_server_name, $host_server_port, $host_username,
+ $host_password, $vm_cfg_path, $guest_admin_username,
+ $guest_admin_password);
+check_error($vm, "Error in \$vm->host_connect().\n");
+
+$vm->revert_snapshot();
+check_error($vm, "Error in \$vm->revert_snapshot().\n");
+
+undef $vm;
+
+exit 0;
diff --git a/source4/selftest/win/wintest_2k3_dc.sh b/source4/selftest/win/wintest_2k3_dc.sh
new file mode 100755
index 0000000..4852e22
--- /dev/null
+++ b/source4/selftest/win/wintest_2k3_dc.sh
@@ -0,0 +1,120 @@
+#!/bin/sh
+
+if [ $# -lt 1 ]; then
+ cat <<EOF
+Usage: wintest_2k3_dc.sh TESTGROUP
+EOF
+ exit 1
+fi
+
+TESTGROUP=$1
+
+if [ -z $WINTEST_DIR ]; then
+ echo "Environment variable WINTEST_DIR not found."
+ exit 1
+fi
+
+# This variable is defined in the per-hosts .fns file for build-farm hosts that run windows tests.
+if [ -z $WINTESTCONF ]; then
+ echo "Please point environment variable WINTESTCONF to your test_win.conf file."
+ exit 1
+fi
+
+. $WINTESTCONF
+. $WINTEST_DIR/wintest_functions.sh
+
+export WIN2K3_DC_REMOTE_HOST=$(perl -I$WINTEST_DIR $WINTEST_DIR/vm_get_ip.pl WIN2K3_DC_VM_CFG_PATH)
+
+if [ -z $WIN2K3_DC_REMOTE_HOST ]; then
+ # Restore snapshot to ensure VM is in a known state, then exit.
+ restore_snapshot "Test failed to get the IP address of the windows 2003 DC." "$WIN2K3_DC_VM_CFG_PATH"
+ exit 1
+fi
+
+server=$WIN2K3_DC_REMOTE_HOST
+username=$WIN2K3_DC_USERNAME
+password=$WIN2K3_DC_PASSWORD
+domain=$WIN2K3_DC_DOMAIN
+realm=$WIN2K3_DC_REALM
+
+OPTIONS="-U$username%$password -W $domain --option realm=$realm"
+
+all_errs=0
+
+on_error()
+{
+ name=$1
+
+ all_errs=$(expr $all_errs + 1)
+ restore_snapshot "$name test failed." "$WIN2K3_DC_VM_CFG_PATH"
+}
+
+drsuapi_tests()
+{
+
+ name="RPC-DRSUAPI on ncacn_ip_tcp with seal"
+ bin/smbtorture \
+ ncacn_ip_tcp:$server[seal] $OPTIONS \
+ RPC-DRSUAPI || on_error "$name"
+
+ name="RPC-DRSUAPI on ncacn_ip_tcp with seal,bigendian"
+ bin/smbtorture \
+ ncacn_ip_tcp:$server[seal,bigendian] $OPTIONS \
+ RPC-DRSUAPI || on_error "$name"
+}
+
+spoolss_tests()
+{
+
+ name="RPC-SPOOLSS on ncacn_np"
+ bin/smbtorture \
+ ncacn_np:$server $OPTIONS \
+ RPC-SPOOLSS || on_error "$name"
+}
+
+ncacn_ip_tcp_tests()
+{
+ bindopt=$1
+ transport="ncacn_ip_tcp"
+ tests="RPC-SCHANNEL RPC-EPMAPPER RPC-SAMR RPC-NETLOGON RPC-LSA RPC-SAMLOGON RPC-SAMSYNC RPC-MULTIBIND"
+
+ for bindoptions in $bindopt; do
+ for t in $tests; do
+ name="$t on $transport with $bindoptions"
+ bin/smbtorture $TORTURE_OPTIONS \
+ $transport:$server[$bindoptions] \
+ $OPTIONS $t || on_error "$name"
+ done
+ done
+}
+
+ncacn_np_tests()
+{
+ bindopt=$1
+ transport="ncacn_np"
+ tests="RPC-SCHANNEL RPC-DSSETUP RPC-EPMAPPER RPC-SAMR RPC-WKSSVC RPC-SRVSVC RPC-EVENTLOG RPC-NETLOGON RPC-LSA RPC-SAMLOGON RPC-SAMSYNC RPC-MULTIBIND RPC-WINREG"
+
+ for bindoptions in $bindopt; do
+ for t in $tests; do
+ name="$t on $transport with $bindoptions"
+ bin/smbtorture $TORTURE_OPTIONS \
+ $transport:$server[$bindoptions] \
+ $OPTIONS $t || on_error "$name"
+ done
+ done
+}
+
+bindoptions="padcheck connect sign seal ntlm,sign ntml,seal $VALIDATE bigendian"
+
+case $TESTGROUP in
+RPC-DRSUAPI) drsuapi_tests ;;
+RPC-SPOOLSS) spoolss_tests ;;
+ncacn_ip_tcp) ncacn_ip_tcp_tests $bindoptions ;;
+ncacn_np) ncacn_np_tests $bindoptions ;;
+*)
+ echo "$TESTGROUP is not a known set of tests."
+ exit 1
+ ;;
+esac
+
+exit $all_errs
diff --git a/source4/selftest/win/wintest_base.sh b/source4/selftest/win/wintest_base.sh
new file mode 100755
index 0000000..6905b5e
--- /dev/null
+++ b/source4/selftest/win/wintest_base.sh
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+. selftest/test_functions.sh
+
+. selftest/win/wintest_functions.sh
+
+# This variable is defined in the per-hosts .fns file.
+. $WINTESTCONF
+
+if [ $# -lt 4 ]; then
+ cat <<EOF
+Usage: test_net.sh SERVER USERNAME PASSWORD DOMAIN
+EOF
+ exit 1
+fi
+
+server="$1"
+username="$2"
+password="$3"
+domain="$4"
+shift 4
+
+export SMBTORTURE_REMOTE_HOST=$server
+
+base_tests="BASE-UNLINK BASE-ATTR BASE-DELETE BASE-TCON BASE-OPEN BASE-CHKPATH"
+
+all_errs=0
+err=0
+
+on_error()
+{
+ errstr=$1
+
+ all_errs=$(expr $all_errs + 1)
+ restore_snapshot $errstr "$VM_CFG_PATH"
+}
+
+for t in $base_tests; do
+ test_name="$t / WINDOWS SERVER"
+ echo -e "\n$test_name SETUP PHASE"
+
+ setup_share_test
+
+ if [ $err_rtn -ne 0 ]; then
+ # If test setup fails, load VM snapshot and skip test.
+ on_error "\n$test_name setup failed, skipping test."
+ else
+ echo -e "\n$test_name setup completed successfully."
+
+ $SMBTORTURE_BIN_PATH -U $username%$password \
+ -W $domain //$server/$SMBTORTURE_REMOTE_SHARE_NAME \
+ $t || err=1
+ if [ $err -ne 0 ]; then
+ on_error "\n$test_name failed."
+ else
+ echo -e "\n$test_name CLEANUP PHASE"
+ remove_share_test
+ if [ $err_rtn -ne 0 ]; then
+ # If cleanup fails, restore VM snapshot.
+ on_error "\n$test_name removal failed."
+ else
+ echo -e "\n$test_name removal completed successfully."
+ fi
+ fi
+ fi
+done
+
+exit $all_errs
diff --git a/source4/selftest/win/wintest_client.exp b/source4/selftest/win/wintest_client.exp
new file mode 100644
index 0000000..ccf5d06
--- /dev/null
+++ b/source4/selftest/win/wintest_client.exp
@@ -0,0 +1,95 @@
+# An expect script to create a temporary file, map a share, copy the file to the share,
+# and compare the contents of the two files.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+proc run_test { remote_prompt tmp_filename share_drive host_drive buildhost_ip buildhost_share username domain password } {
+
+ # Create the temp file on the windows host and connect to the samba share.
+ set host_tmpfile "$host_drive\\$tmp_filename"
+ set err_str [create_tmp_file $remote_prompt $host_tmpfile]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+
+ set buildhost_sharepoint "\\\\$buildhost_ip\\$buildhost_share"
+ set err_str [map_share $remote_prompt $share_drive $buildhost_sharepoint $username $domain $password]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+
+ # Copy the temp file to the share and compare its contents with the original.
+ set share_tmpfile "$share_drive\\$tmp_filename"
+ set xcopy_options ""
+ set err_str [xcopy_file $remote_prompt $host_tmpfile $share_tmpfile $xcopy_options]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+
+ set err_str [compare_files $remote_prompt $host_tmpfile $share_tmpfile]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+
+ # Remove files and unmap share.
+ set err_str [delete_file $remote_prompt $share_tmpfile]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+ set err_str [delete_file $remote_prompt $host_tmpfile]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+
+ set err_str [unmap_share $remote_prompt $share_drive]
+ if {$err_str != "OK" } {
+ return $err_str
+ }
+
+ return $err_str
+}
+
+# Read parameters.
+set remote_prompt $env(SMBTORTURE_REMOTE_PROMPT)
+set remote_host $env(SMBTORTURE_REMOTE_HOST)
+set username $env(SMBTORTURE_USERNAME)
+set password $env(SMBTORTURE_PASSWORD)
+set timeout $env(SMBTORTURE_EXPECT_TIMEOUT)
+
+set tmp_filename $env(SMBTORTURE_TMP_FILENAME)
+
+set share_drive $env(SMBTORTURE_REMOTE_DRIVE_LETTER)
+set host_drive "%HOMEDRIVE%"
+
+set buildhost_ip $env(SMBTORTURE_LOCAL_IP)
+set buildhost_share $env(SMBTORTURE_LOCAL_SHARE_NAME)
+set buildhost_username $env(SMBTORTURE_LOCAL_USERNAME)
+set buildhost_domain $env(SMBTORTURE_LOCAL_DOMAIN)
+set buildhost_password $env(SMBTORTURE_LOCAL_PASSWORD)
+
+set err_val [spawn $env(SHELL)]
+if {$err_val == 0} {
+ puts stderr "Expect failed while spawning a shell process."
+ exit $err_val
+}
+
+set err_str [telnet_login $remote_prompt $remote_host $username $password]
+if {$err_str != "OK"} {
+ puts stderr "\nFunction telnet_login failed during Samba server testing."
+ puts stderr "Error was: $err_str."
+ exit 1
+}
+
+set err_str [run_test $remote_prompt $tmp_filename $share_drive $host_drive $buildhost_ip $buildhost_share $buildhost_username $buildhost_domain $buildhost_password]
+if {$err_str != "OK"} {
+ puts stderr "\nFunction run_test failed during Samba server testing."
+ puts stderr "Error was: $err_str."
+
+ # Log off from the telnet server.
+ send "exit\r\n"
+ exit 1
+}
+
+# Log off from the telnet server.
+send "exit\r\n"
+exit 0
diff --git a/source4/selftest/win/wintest_client.sh b/source4/selftest/win/wintest_client.sh
new file mode 100755
index 0000000..b956c71
--- /dev/null
+++ b/source4/selftest/win/wintest_client.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+. selftest/test_functions.sh
+
+. selftest/win/wintest_functions.sh
+
+# This variable is defined in the per-hosts .fns file.
+. $WINTESTCONF
+
+export SMBTORTURE_REMOTE_HOST=$1
+
+test_name="WINDOWS CLIENT / SAMBA SERVER SHARE"
+
+cat $WINTEST_DIR/common.exp >$TMPDIR/client_test.exp
+cat $WINTEST_DIR/wintest_client.exp >>$TMPDIR/client_test.exp
+
+expect $TMPDIR/client_test.exp || all_errs=$(expr $all_errs + 1)
+
+if [ $all_errs ] >0; then
+ # Restore snapshot to ensure VM is in a known state.
+ restore_snapshot "\n$test_name failed." "$VM_CFG_PATH"
+fi
+
+rm -f $TMPDIR/client_test.exp
+
+exit $all_errs
diff --git a/source4/selftest/win/wintest_functions.sh b/source4/selftest/win/wintest_functions.sh
new file mode 100755
index 0000000..9b6bed9
--- /dev/null
+++ b/source4/selftest/win/wintest_functions.sh
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+# Setup the windows environment.
+# This was the best way I could figure out including library files
+# for the moment.
+# I was finding that "cat common.exp wintest_setup.exp | expect -f -"
+# fails to run, but exits with 0 status something like 1% of the time.
+
+setup_share_test()
+{
+ echo -e "\nSetting up windows environment."
+ cat $WINTEST_DIR/common.exp >$TMPDIR/setup.exp
+ cat $WINTEST_DIR/wintest_setup.exp >>$TMPDIR/setup.exp
+ expect $TMPDIR/setup.exp
+ err_rtn=$?
+ rm -f $TMPDIR/setup.exp
+}
+
+# Clean up the windows environment after the test has run or failed.
+remove_share_test()
+{
+ echo -e "\nCleaning up windows environment."
+ cat $WINTEST_DIR/common.exp >$TMPDIR/remove.exp
+ cat $WINTEST_DIR/wintest_remove.exp >>$TMPDIR/remove.exp
+ expect $TMPDIR/remove.exp
+ err_rtn=$?
+ rm -f $TMPDIR/remove.exp
+}
+
+restore_snapshot()
+{
+ err_str=$1
+ VMX_PATH=$2
+
+ # Display the error that caused us to restore the snapshot.
+ echo -e $err_str
+
+ if [ -z $HOST_SERVER_NAME ]; then
+ # The vmware server is running locally.
+ vmrun revertToSnapshot "$VMX_PATH"
+ err_rtn=$?
+ else
+ vmrun -h $HOST_SERVER_NAME -P $HOST_SERVER_PORT \
+ -u $HOST_USERNAME -p $HOST_PASSWORD \
+ revertToSnapshot "$VMX_PATH"
+ err_rtn=$?
+ fi
+
+ if [ $err_rtn -eq 0 ]; then
+ echo "Snapshot restored."
+ else
+ echo "Error $err_rtn restoring snapshot!"
+ fi
+}
diff --git a/source4/selftest/win/wintest_net.sh b/source4/selftest/win/wintest_net.sh
new file mode 100755
index 0000000..429be6c
--- /dev/null
+++ b/source4/selftest/win/wintest_net.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+. selftest/test_functions.sh
+
+. selftest/win/wintest_functions.sh
+
+# This variable is defined in the per-hosts .fns file.
+. $WINTESTCONF
+
+if [ $# -lt 4 ]; then
+ cat <<EOF
+Usage: test_net.sh SERVER USERNAME PASSWORD DOMAIN
+EOF
+ exit 1
+fi
+
+server="$1"
+username="$2"
+password="$3"
+domain="$4"
+shift 4
+
+ncacn_np_tests="NET-API-LOOKUP NET-API-LOOKUPHOST NET-API-RPCCONN-BIND NET-API-RPCCONN-SRV NET-API-RPCCONN-DC NET-API-RPCCONN-DCINFO NET-API-LISTSHARES"
+#These tests fail on ncacn_np: NET-API-LOOKUPPDC NET-API-CREATEUSER NET-API-DELETEUSER
+
+ncalrpc_tests="NET-API-RPCCONN-SRV NET-API-RPCCONN-DC NET-API-RPCCONN-DCINFO NET-API-LISTSHARES"
+#These tests fail on ncalrpc: NET-API-CREATEUSER NET-API-DELETEUSER
+
+ncacn_ip_tcp_tests="NET-API-LOOKUP NET-API-LOOKUPHOST NET-API-RPCCONN-SRV NET-API-RPCCONN-DC NET-API-RPCCONN-DCINFO NET-API-LISTSHARES"
+#These tests fail on ncacn_ip_tcp: NET-API-LOOKUPPDC NET-API-CREATEUSER NET-API-DELETEUSER
+
+bind_options="seal,padcheck bigendian"
+
+test_type="ncalrpc ncacn_np ncacn_ip_tcp"
+
+all_errs=0
+
+on_error()
+{
+ errstr=$1
+
+ all_errs=$(expr $all_errs + 1)
+ restore_snapshot "$errstr" "$VM_CFG_PATH"
+}
+
+for o in $bind_options; do
+ for transport in $test_type; do
+ case $transport in
+ ncalrpc) net_test=$ncalrpc_tests ;;
+ ncacn_np) net_test=$ncacn_np_tests ;;
+ ncacn_ip_tcp) net_test=$ncacn_ip_tcp_tests ;;
+ esac
+
+ for t in $net_test; do
+ test_name="$t on $transport with $o"
+ $SMBTORTURE_BIN_PATH -U $username%$password \
+ -W $domain $transport:$server[$o] \
+ $t || on_error "\n$test_name failed."
+ done
+ done
+done
+
+exit $all_errs
diff --git a/source4/selftest/win/wintest_raw.sh b/source4/selftest/win/wintest_raw.sh
new file mode 100755
index 0000000..c22dacd
--- /dev/null
+++ b/source4/selftest/win/wintest_raw.sh
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+. selftest/test_functions.sh
+
+. selftest/win/wintest_functions.sh
+
+# This variable is defined in the per-hosts .fns file.
+. $WINTESTCONF
+
+if [ $# -lt 4 ]; then
+ cat <<EOF
+Usage: test_net.sh SERVER USERNAME PASSWORD DOMAIN
+EOF
+ exit 1
+fi
+
+server="$1"
+username="$2"
+password="$3"
+domain="$4"
+shift 4
+
+export SMBTORTURE_REMOTE_HOST=$server
+
+raw_tests="RAW-QFILEINFO RAW-SFILEINFO-BASE RAW-MKDIR RAW-SEEK RAW-OPEN RAW-WRITE RAW-UNLINK RAW-READ RAW-CLOSE RAW-IOCTL RAW-RENAME RAW-EAS RAW-STREAMS"
+# This test fails: RAW-QFSINFO
+
+all_errs=0
+err=0
+
+on_error()
+{
+ errstr=$1
+ all_errs=$(expr $all_errs + 1)
+
+ restore_snapshot "$errstr" "$VM_CFG_PATH"
+}
+
+for t in $raw_tests; do
+ test_name="$t / WINDOWS SERVER"
+ echo -e "\n$test_name SETUP PHASE"
+
+ setup_share_test
+
+ if [ $err_rtn -ne 0 ]; then
+ # If test setup fails, load VM snapshot and skip test.
+ on_error "\n$test_name setup failed, skipping test."
+ else
+ echo -e "\n$test_name setup completed successfully."
+
+ $SMBTORTURE_BIN_PATH -U $username%$password -W $domain \
+ //$server/$SMBTORTURE_REMOTE_SHARE_NAME \
+ $t || err=1
+ if [ $err -ne 0 ]; then
+ on_error "\n$test_name failed."
+ else
+ echo -e "\n$test_name CLEANUP PHASE"
+ remove_share_test
+ if [ $err_rtn -ne 0 ]; then
+ # If cleanup fails, restore VM snapshot.
+ on_error "\n$test_name removal failed."
+ else
+ echo -e "\n$test_name removal completed successfully."
+ fi
+ fi
+ fi
+done
+
+exit $all_errs
diff --git a/source4/selftest/win/wintest_remove.exp b/source4/selftest/win/wintest_remove.exp
new file mode 100644
index 0000000..36dc4a7
--- /dev/null
+++ b/source4/selftest/win/wintest_remove.exp
@@ -0,0 +1,71 @@
+# An expect script to remove a directory and share which was
+# previously setup for an smbtorture test.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+proc remove_test { remote_prompt sharepath sharename hosts_file_path \
+ backup_hosts_filename } {
+
+ set err_str [delete_share $remote_prompt $sharename]
+ if { $err_str != "OK" } {
+ puts stderr "Error in function delete_share: $err_str."
+ puts stderr "Function remove_test will continue."
+ }
+
+ set err_str [delete_directory $remote_prompt $sharepath]
+ if { $err_str != "OK" } {
+ puts stderr "Error in function delete_directory: $err_str."
+ puts stderr "Function remove_test will continue."
+ }
+
+ # Overwrite the current hosts file with the backup we made during setup.
+ set err_str [delete_hosts_entry $remote_prompt $hosts_file_path \
+ $backup_hosts_filename]
+ if { $err_str != "OK" } {
+ puts stderr "Error in function delete_hosts_entry: $err_str."
+ puts stderr "Function remove_test will continue."
+ }
+ return $err_str
+}
+
+# read parameters
+set remote_host $env(SMBTORTURE_REMOTE_HOST)
+set remote_prompt $env(SMBTORTURE_REMOTE_PROMPT)
+
+set username $env(SMBTORTURE_USERNAME)
+set password $env(SMBTORTURE_PASSWORD)
+
+set timeout $env(SMBTORTURE_EXPECT_TIMEOUT)
+
+set sharepath $env(SMBTORTURE_REMOTE_SHARE_PATH)
+set sharename $env(SMBTORTURE_REMOTE_SHARE_NAME)
+
+set backup_hosts_filename $env(REMOTE_BACKUP_HOSTS_FILENAME)
+set hosts_file_path $env(REMOTE_HOSTS_FILE_PATH)
+
+set err_val [spawn $env(SHELL)]
+if {$err_val == 0} {
+ puts stderr "Expect failed while spawning a shell process."
+ exit $err_val
+}
+
+set err_str [telnet_login $remote_prompt $remote_host $username $password]
+if {$err_str != "OK"} {
+ puts stderr "\nFunction telnet_login failed during cleanup."
+ puts stderr "Error was: $err_str."
+ exit 1
+}
+
+set err_str [remove_test $remote_prompt $sharepath $sharename \
+ $hosts_file_path $backup_hosts_filename]
+if {$err_str != "OK"} {
+ puts stderr "\nFunction remove_test failed."
+ puts stderr "Error was: $err_str."
+ # Log off from the telnet server.
+ send "exit\r\n"
+ exit 1
+}
+
+# Log off from the telnet server.
+send "exit\r\n"
+exit 0
diff --git a/source4/selftest/win/wintest_rpc.sh b/source4/selftest/win/wintest_rpc.sh
new file mode 100755
index 0000000..03ac6a8
--- /dev/null
+++ b/source4/selftest/win/wintest_rpc.sh
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+. selftest/test_functions.sh
+
+. selftest/win/wintest_functions.sh
+
+# This variable is defined in the per-hosts .fns file.
+. $WINTESTCONF
+
+if [ $# -lt 4 ]; then
+ cat <<EOF
+Usage: test_rpc.sh SERVER USERNAME PASSWORD DOMAIN
+EOF
+ exit 1
+fi
+
+server="$1"
+username="$2"
+password="$3"
+domain="$4"
+shift 4
+
+ncacn_np_tests="RPC-SRVSVC RPC-UNIXINFO RPC-ECHO RPC-DSSETUP RPC-ALTERCONTEXT RPC-MULTIBIND"
+# These tests fail on ncacn_np: RPC-SPOOLSS RPC-SCHANNEL RPC-JOIN RPC-LSA
+# RPC-NETLOGON
+
+ncalrpc_tests="RPC-UNIXINFO RPC-ECHO"
+# These tests fail on ncalrpc: RPC-SCHANNEL RPC-JOIN RPC-LSA RPC-DSSETUP
+# RPC-ALTERCONTEXT RPC-MULTIBIND RPC-NETLOGON
+
+ncacn_ip_tcp_tests="RPC-UNIXINFO RPC-ECHO"
+# These tests fail on ncacn_ip_tcp: RPC-SCHANNEL RPC-JOIN RPC-LSA RPC-DSSETUP
+# RPC-ALTERCONTEXT RPC-MULTIBIND RPC-NETLOGON
+
+bind_options="seal,padcheck bigendian"
+
+test_type="ncalrpc ncacn_np ncacn_ip_tcp"
+
+all_errs=0
+
+on_error()
+{
+ errstr=$1
+ all_errs=$(expr $all_errs + 1)
+
+ restore_snapshot "$errstr" "$VM_CFG_PATH"
+}
+
+for o in $bind_options; do
+ for transport in $test_type; do
+ case $transport in
+ ncalrpc) rpc_test=$ncalrpc_tests ;;
+ ncacn_np) rpc_test=$ncacn_np_tests ;;
+ ncacn_ip_tcp) rpc_test=$ncacn_ip_tcp_tests ;;
+ esac
+
+ for t in $rpc_test; do
+ test_name="$t on $transport with $o"
+
+ $SMBTORTURE_BIN_PATH -U $username%$password \
+ -W $domain $transport:$server[$o] \
+ $t || on_error "\n$test_name failed."
+ done
+ done
+done
+
+exit $all_errs
diff --git a/source4/selftest/win/wintest_setup.exp b/source4/selftest/win/wintest_setup.exp
new file mode 100644
index 0000000..c48ad14
--- /dev/null
+++ b/source4/selftest/win/wintest_setup.exp
@@ -0,0 +1,104 @@
+# An expect script to setup a directory and share for an smbtorture test.
+# Copyright Brad Henry <brad@samba.org> 2006
+# Released under the GNU GPL version 3 or later.
+
+proc setup_test { remote_prompt sharepath sharename username local_hostname \
+ local_ip hosts_file_path backup_hosts_filename } {
+
+ # If creating the directory fails, remove, then
+ # re-create the directory.
+ set err_str [create_directory $remote_prompt $sharepath]
+ if { $err_str != "OK" } {
+ if { $err_str != "Directory already exists" } {
+ puts stderr "\nUnexpected error occurred in setup_test.\n"
+ puts stderr "Function create_directory returned $err_str."
+ } else {
+ puts stdout "\nDirectory $sharepath exists."
+ }
+ puts stdout "Re-creating directory $sharepath."
+
+ set err_str [delete_directory $remote_prompt $sharepath]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+ set err_str [create_directory $remote_prompt $sharepath]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+ }
+
+ # If creating the share fails, remove, then
+ # re-create the share.
+ set err_str [create_share $remote_prompt $username $sharepath \
+ $sharename]
+ if { $err_str != "OK" } {
+ if { $err_str != "The name has already been shared" } {
+ puts stderr "\nUnexpected error occurred in setup_test."
+ puts stderr "Function create_share returned $err_str."
+ } else {
+ puts stdout "\nShare $sharename exists."
+ }
+ puts stdout "Re-creating share $sharename."
+
+ set err_str [delete_share $remote_prompt $sharename]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+ set err_str [create_share $remote_prompt $username $sharepath \
+ $sharename]
+ if { $err_str != "OK" } {
+ return $err_str
+ }
+ }
+
+ # Add a hosts file entry on the windows machine for the smbtorture host.
+ set err_str [create_hosts_entry $remote_prompt $hosts_file_path \
+ $local_hostname $local_ip $backup_hosts_filename]
+ return $err_str
+}
+
+# Read parameters.
+set remote_host $env(SMBTORTURE_REMOTE_HOST)
+set remote_prompt $env(SMBTORTURE_REMOTE_PROMPT)
+
+set username $env(SMBTORTURE_USERNAME)
+set password $env(SMBTORTURE_PASSWORD)
+
+set timeout $env(SMBTORTURE_EXPECT_TIMEOUT)
+
+set sharepath $env(SMBTORTURE_REMOTE_SHARE_PATH)
+set sharename $env(SMBTORTURE_REMOTE_SHARE_NAME)
+
+set local_hostname $env(SMBTORTURE_LOCAL_HOSTNAME)
+set local_ip $env(SMBTORTURE_LOCAL_IP)
+
+set backup_hosts_filename $env(REMOTE_BACKUP_HOSTS_FILENAME)
+set hosts_file_path $env(REMOTE_HOSTS_FILE_PATH)
+
+set err_val [spawn $env(SHELL)]
+if {$err_val == 0} {
+ puts stderr "Expect failed while spawning a shell process."
+ exit $err_val
+}
+
+set err_str [telnet_login $remote_prompt $remote_host $username $password]
+if {$err_str != "OK"} {
+ puts stderr "\nFunction telnet_login failed during setup."
+ puts stderr "Error was: $err_str."
+ exit 1
+}
+
+set err_str [setup_test $remote_prompt $sharepath $sharename $username \
+ $local_hostname $local_ip $hosts_file_path \
+ $backup_hosts_filename]
+if {$err_str != "OK"} {
+ puts stderr "\nFunction setup_test failed during setup."
+ puts stderr "Error was: $err_str."
+ # Log off from the telnet server.
+ send "exit\r\n"
+ exit 1
+}
+
+# Log off from the telnet server.
+send "exit\r\n"
+exit 0