blob: 31678d17e28ec045ac771ab378b814ce43c263ef (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
#!/bin/sh
if [ $# -lt 6 ]; then
cat <<EOF
Usage: test_smbclient_kerberos.sh USERNAME REALM PASSWORD SERVER SMBCLIENT TARGET
EOF
exit 1
fi
USERNAME="$1"
REALM=$2
PASSWORD="$3"
SERVER="$4"
smbclient="$5"
TARGET="$6"
shift 6
incdir=$(dirname $0)/../../../testprogs/blackbox
. ${incdir}/subunit.sh
. ${incdir}/common_test_fns.inc
failed=0
samba_kinit=kinit
if test -x ${BINDIR}/samba4kinit; then
samba_kinit=${BINDIR}/samba4kinit
fi
samba_kdestroy=kdestroy
if test -x ${BINDIR}/samba4kdestroy; then
samba_kdestroy=${BINDIR}/samba4kdestroy
fi
KRB5CCNAME_PATH="${PREFIX}/ccache_smbclient_kerberos"
KRB5CCNAME="FILE:${KRB5CCNAME_PATH}"
export KRB5CCNAME
# For ad_dc_fips this should succeed as Kerberos is set to required by default
test_smbclient "smbclient.smb3.kerberos[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
-U${USERNAME}%${PASSWORD} -mSMB3 ||
failed=$(expr $failed + 1)
test_smbclient "smbclient.smb3.kerberos.required[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=required -U${USERNAME}%${PASSWORD} -mSMB3 ||
failed=$(expr $failed + 1)
test_smbclient "smbclient.smb3.kerberos.desired[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=desired -U${USERNAME}%${PASSWORD} -mSMB3 ||
failed=$(expr $failed + 1)
if [ "$TARGET" = "ad_dc_fips" ] || [ "$TARGET" = "ad_member_fips" ]; then
test_smbclient_expect_failure "smbclient.smb3.kerberos.off[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=off -U${USERNAME}%${PASSWORD} -mSMB3 ||
failed=$(expr $failed + 1)
else
test_smbclient "smbclient.smb3.kerberos.off[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=off -U${USERNAME}%${PASSWORD} -mSMB3 ||
failed=$(expr $failed + 1)
fi
kerberos_kinit $samba_kinit ${USERNAME}@${REALM} ${PASSWORD}
test_smbclient "smbclient.smb3.kerberos.ccache[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-krb5-ccache=${KRB5CCNAME} -mSMB3 ||
failed=$(expr $failed + 1)
test_smbclient "smbclient.smb3.kerberos.desired[//${SERVER}/tmp]" \
"ls; quit" //${SERVER}/tmp \
--use-kerberos=desired -U${USERNAME}%${PASSWORD} -mSMB3 ||
failed=$(expr $failed + 1)
$samba_kdestroy
rm -rf $KRB5CCNAME_PATH
testok "$0" "$failed"
|
