Adding upstream version 2:4.20.0+dfsg.upstream/2%4.20.0+dfsg

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 17:20:00 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 17:20:00 +0000
commit: 8daa83a594a2e98f39d764422bfbdbc62c9efd44 (patch)
tree: 4099e8021376c7d8c05bdf8503093d80e9c7bad0 /python/samba/tests/dcerpc/binding.py
parent: Initial commit. (diff)
download: samba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.tar.xz
samba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.zip
1 files changed, 101 insertions, 0 deletions
diff --git a/python/samba/tests/dcerpc/binding.py b/python/samba/tests/dcerpc/binding.py
new file mode 100644
index 0000000..1ad1f29
--- /dev/null
+++ b/python/samba/tests/dcerpc/binding.py
@@ -0,0 +1,101 @@
+#
+# Unix SMB/CIFS implementation.
+# Copyright (c) 2020      Andreas Schneider <asn@samba.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+"""Tests for samba.dcerpc., credentials and binding strings"""
+
+import samba.tests
+from samba.tests import RpcInterfaceTestCase, TestCase
+from samba.dcerpc import lsa
+import samba.dcerpc.security as security
+from samba.credentials import Credentials, SMB_ENCRYPTION_REQUIRED, SMB_ENCRYPTION_OFF
+from samba import NTSTATUSError
+
+class RpcBindingTests(RpcInterfaceTestCase):
+
+    def get_user_creds(self):
+        c = Credentials()
+        c.guess()
+        domain = samba.tests.env_get_var_value('DOMAIN')
+        username = samba.tests.env_get_var_value('USERNAME')
+        password = samba.tests.env_get_var_value('PASSWORD')
+        c.set_domain(domain)
+        c.set_username(username)
+        c.set_password(password)
+        return c
+
+    def test_smb3_dcerpc_no_encryption(self):
+        creds = self.get_user_creds()
+        creds.set_smb_encryption(SMB_ENCRYPTION_OFF)
+
+        lp = self.get_loadparm()
+        lp.set('client ipc max protocol', 'SMB3')
+        lp.set('client ipc min protocol', 'SMB3')
+
+        binding_string = ("ncacn_np:%s" % (samba.tests.env_get_var_value('SERVER')))
+        lsa_conn = lsa.lsarpc(binding_string, lp, creds)
+        self.assertFalse(lsa_conn.transport_encrypted())
+
+        objectAttr = lsa.ObjectAttribute()
+        objectAttr.sec_qos = lsa.QosInfo()
+
+        pol_handle = lsa_conn.OpenPolicy2('',
+                                          objectAttr,
+                                          security.SEC_FLAG_MAXIMUM_ALLOWED)
+        self.assertIsNotNone(pol_handle)
+
+    def test_smb3_dcerpc_encryption(self):
+        creds = self.get_user_creds()
+        creds.set_smb_encryption(SMB_ENCRYPTION_REQUIRED)
+
+        lp = self.get_loadparm()
+        lp.set('client ipc max protocol', 'SMB3')
+        lp.set('client ipc min protocol', 'SMB3')
+
+        binding_string = ("ncacn_np:%s" % (samba.tests.env_get_var_value('SERVER')))
+        lsa_conn = lsa.lsarpc(binding_string, lp, creds)
+        self.assertTrue(lsa_conn.transport_encrypted())
+
+        objectAttr = lsa.ObjectAttribute()
+        objectAttr.sec_qos = lsa.QosInfo()
+
+        pol_handle = lsa_conn.OpenPolicy2('',
+                                          objectAttr,
+                                          security.SEC_FLAG_MAXIMUM_ALLOWED)
+        self.assertIsNotNone(pol_handle)
+
+    def test_smb2_dcerpc_encryption(self):
+        creds = self.get_user_creds()
+        creds.set_smb_encryption(SMB_ENCRYPTION_REQUIRED)
+
+        lp = self.get_loadparm()
+        lp.set('client ipc max protocol', 'SMB2')
+        lp.set('client ipc min protocol', 'SMB2')
+
+        binding_string = ("ncacn_np:%s" % (samba.tests.env_get_var_value('SERVER')))
+        self.assertRaises(NTSTATUSError, lsa.lsarpc, binding_string, lp, creds)
+
+    def test_smb1_dcerpc_encryption(self):
+        creds = self.get_user_creds()
+        creds.set_smb_encryption(SMB_ENCRYPTION_REQUIRED)
+
+        lp = self.get_loadparm()
+        lp.set('client ipc max protocol', 'NT1')
+        lp.set('client ipc min protocol', 'NT1')
+
+        binding_string = ("ncacn_np:%s" % (samba.tests.env_get_var_value('SERVER')))
+        self.assertRaises(NTSTATUSError, lsa.lsarpc, binding_string, lp, creds)
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 17:20:00 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 17:20:00 +0000
commit	8daa83a594a2e98f39d764422bfbdbc62c9efd44 (patch)
tree	4099e8021376c7d8c05bdf8503093d80e9c7bad0 /python/samba/tests/dcerpc/binding.py
parent	Initial commit. (diff)
download	samba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.tar.xz samba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.zip