python/samba/tests/ntlm_auth.py

   1 # Unix SMB/CIFS implementation.
   2 #
   3 # Copyright (C) Samuel Cabrero <scabrero@suse.de> 2018
   4 #
   5 # This program is free software; you can redistribute it and/or modify
   6 # it under the terms of the GNU General Public License as published by
   7 # the Free Software Foundation; either version 3 of the License, or
   8 # (at your option) any later version.
   9 #
  10 # This program is distributed in the hope that it will be useful,
  11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 # GNU General Public License for more details.
  14 #
  15 # You should have received a copy of the GNU General Public License
  16 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17 #
  18
  19 import os
  20 from subprocess import Popen, PIPE
  21 from samba.tests.ntlm_auth_base import NTLMAuthTestCase
  22 from samba.compat import get_string
  23
  24 class NTLMAuthHelpersTests(NTLMAuthTestCase):
  25
  26     def setUp(self):
  27         super(NTLMAuthHelpersTests, self).setUp()
  28         self.username = os.environ["DC_USERNAME"]
  29         self.password = os.environ["DC_PASSWORD"]
  30         self.domain = os.environ["DOMAIN"]
  31
  32     def test_specified_domain(self):
  33         """ ntlm_auth with specified domain """
  34
  35         username = "foo"
  36         password = "secret"
  37         domain = "FOO"
  38
  39         ret = self.run_helper(client_username=username,
  40                               client_password=password,
  41                               client_domain=domain,
  42                               server_username=username,
  43                               server_password=password,
  44                               server_domain=domain,
  45                               server_use_winbind=False)
  46         self.assertTrue(ret)
  47
  48         username = "foo"
  49         password = "secret"
  50         domain = "fOo"
  51
  52         ret = self.run_helper(client_username=username,
  53                               client_password=password,
  54                               client_domain=domain,
  55                               server_username=username,
  56                               server_password=password,
  57                               server_domain=domain,
  58                               server_use_winbind=False)
  59         self.assertTrue(ret)
  60
  61     def test_agaist_winbind(self):
  62         """ ntlm_auth against winbindd """
  63
  64         ret = self.run_helper(client_username=self.username,
  65                               client_password=self.password,
  66                               client_domain=self.domain,
  67                               server_use_winbind=True)
  68         self.assertTrue(ret)
  69
  70     def test_ntlmssp_gss_spnego(self):
  71         """ ntlm_auth with NTLMSSP client and gss-spnego server """
  72
  73         username = "foo"
  74         password = "secret"
  75         domain = "fOo"
  76
  77         ret = self.run_helper(client_username=username,
  78                               client_password=password,
  79                               client_domain=domain,
  80                               server_username=username,
  81                               server_password=password,
  82                               server_domain=domain,
  83                               client_helper="ntlmssp-client-1",
  84                               server_helper="gss-spnego",
  85                               server_use_winbind=False)
  86         self.assertTrue(ret)
  87
  88     def test_gss_spnego(self):
  89         """ ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server """
  90
  91         username = "foo"
  92         password = "secret"
  93         domain = "fOo"
  94
  95         ret = self.run_helper(client_username=username,
  96                               client_password=password,
  97                               client_domain=domain,
  98                               server_username=username,
  99                               server_password=password,
 100                               server_domain=domain,
 101                               client_helper="gss-spnego-client",
 102                               server_helper="gss-spnego",
 103                               server_use_winbind=False)
 104         self.assertTrue(ret)
 105
 106     def test_gss_spnego_winbind(self):
 107         """ ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server
 108         against winbind """
 109
 110         ret = self.run_helper(client_username=self.username,
 111                               client_password=self.password,
 112                               client_domain=self.domain,
 113                               client_helper="gss-spnego-client",
 114                               server_helper="gss-spnego",
 115                               server_use_winbind=True)
 116         self.assertTrue(ret)
 117
 118     def test_ntlmssp_gss_spnego_cached_creds(self):
 119         """ ntlm_auth with NTLMSSP client and gss-spnego server against
 120         winbind with cached credentials """
 121
 122         param = "--ccache-save=%s%s%s%%%s" % (self.domain,
 123                                               self.winbind_separator,
 124                                               self.username,
 125                                               self.password)
 126         cache_cmd = ["wbinfo",
 127                      param]
 128         self.check_exit_code(cache_cmd, 0)
 129
 130         ret = self.run_helper(client_username=self.username,
 131                               client_password=self.password,
 132                               client_domain=self.domain,
 133                               client_use_cached_creds=True,
 134                               client_helper="ntlmssp-client-1",
 135                               server_helper="gss-spnego",
 136                               server_use_winbind=True)
 137         self.assertTrue(ret)