diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 17:20:00 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 17:20:00 +0000 |
commit | 8daa83a594a2e98f39d764422bfbdbc62c9efd44 (patch) | |
tree | 4099e8021376c7d8c05bdf8503093d80e9c7bad0 /testprogs/blackbox/test_trust_user_account.sh | |
parent | Initial commit. (diff) | |
download | samba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.tar.xz samba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.zip |
Adding upstream version 2:4.20.0+dfsg.upstream/2%4.20.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testprogs/blackbox/test_trust_user_account.sh')
-rwxr-xr-x | testprogs/blackbox/test_trust_user_account.sh | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/testprogs/blackbox/test_trust_user_account.sh b/testprogs/blackbox/test_trust_user_account.sh new file mode 100755 index 0000000..94a3aa3 --- /dev/null +++ b/testprogs/blackbox/test_trust_user_account.sh @@ -0,0 +1,58 @@ +#!/bin/sh + +if [ $# -lt 1 ]; then + cat <<EOF +Usage: test_trust_user_account.sh PREFIX OUR_REALM OUR_FLAT REMOTE_REALM REMOTE_FLAT +EOF + exit 1 +fi + +PREFIX="$1" +OUR_REALM="$2" +OUR_FLAT="$3" +REMOTE_REALM="$4" +REMOTE_FLAT="$5" +shift 5 + +. $(dirname $0)/subunit.sh + +samba_tool="$BINDIR/samba-tool" +samba4bindir="$BINDIR" +samba4srcdir="$SRCDIR/source4" +samba4kinit_binary="kinit -k" +if test -x $BINDIR/samba4kinit; then + samba4kinit_binary="$BINDIR/samba4kinit --use-keytab" +fi + +KEYTAB="$PREFIX/tmptda.keytab" + +KRB5_TRACE=/dev/stderr +export KRB5_TRACE + +testit "retrieve keytab for TDA of $REMOTE_REALM" $PYTHON $samba_tool domain exportkeytab $KEYTAB $CONFIGURATION --principal "$REMOTE_FLAT\$@$OUR_REALM" || failed=$(expr $failed + 1) + +KRB5CCNAME="$PREFIX/tmptda.ccache" +samba4kinit="$samba4kinit_binary -c $KRB5CCNAME" +export KRB5CCNAME + +rm -f $KRB5CCNAME + +EXPECTED_SALT="${OUR_REALM}krbtgt${REMOTE_FLAT}" +# +# Note the \$ is for the end of line in grep +# +# There must be no trailing '$' in the SALT string itself, +# it's removed from the sAMAccountName value (which includes the trailing '$') +# before construting the salt! +# +# Otherwise this would be: +# "^virtualKerberosSalt: ${EXPECTED_SALT}\\\$\$" +# +EXPECTED_GREP="^virtualKerberosSalt: ${EXPECTED_SALT}\$" +testit_grep "get virtualKerberosSalt for TDA of $REMOTE_FLAT\$" "$EXPECTED_GREP" $PYTHON $samba_tool user getpassword "$REMOTE_FLAT\$" $CONFIGURATION --attributes=virtualKerberosSalt || failed=$(expr $failed + 1) + +testit "kinit with keytab for TDA of $REMOTE_REALM" $samba4kinit -t $KEYTAB "$REMOTE_FLAT\$@$OUR_REALM" || failed=$(expr $failed + 1) + +rm -f $KRB5CCNAME $KEYTAB + +exit $failed |