5 Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR NTLM_AUTH
19 incdir=`dirname $0`/../../../testprogs/blackbox
22 SID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1`
23 BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'`
27 test_ntlm_server_1_check_output()
29 tmpfile=$PREFIX/ntlm_commands
32 LANMAN-Challenge: 0123456789abcdef
33 NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
36 Request-User-Session-Key: Yes
39 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --password=SecREt01< $tmpfile 2>&1'
45 if [ $ret != 0 ] ; then
52 echo "$out" | grep "User-Session-Key: 3F373EA8E4AF954F14FAA506F8EEBDC4" >/dev/null 2>&1
55 # authenticated .. succeed
58 echo failed to get successful authentication
63 test_ntlm_server_1_check_output_fail()
65 tmpfile=$PREFIX/ntlm_commands
67 # Break the password with a leading A on the challenge
69 LANMAN-Challenge: A123456789abcdef
70 NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
73 Request-User-Session-Key: Yes
76 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --password=SecREt01 < $tmpfile 2>&1'
82 if [ $ret != 0 ] ; then
89 echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
92 # failed to authenticate .. success
95 echo "incorrectly gave a successful authentication"
100 test_ntlm_server_1_check_winbind_output()
102 tmpfile=$PREFIX/ntlm_commands
104 # This isn't the correct password
109 Request-User-Session-Key: Yes
112 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$SID < $tmpfile 2>&1'
118 if [ $ret != 0 ] ; then
120 echo "command failed"
125 echo "$out" | grep "Authenticated: Yes" >/dev/null 2>&1
128 # authenticated .. success
131 echo "Failed to authenticate the user or match with SID $SID"
136 test_ntlm_server_1_check_winbind_output_wrong_sid()
138 tmpfile=$PREFIX/ntlm_commands
140 # This isn't the correct password
145 Request-User-Session-Key: Yes
148 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$BADSID < $tmpfile 2>&1'
154 if [ $ret != 0 ] ; then
156 echo "command failed"
161 echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
164 # failed to authenticate .. success
167 echo "incorrectly gave a successful authentication"
172 test_ntlm_server_1_check_winbind_output_fail()
174 tmpfile=$PREFIX/ntlm_commands
176 # This isn't the correct password
178 LANMAN-Challenge: 0123456789abcdef
179 NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
182 Request-User-Session-Key: Yes
185 cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 < $tmpfile 2>&1'
191 if [ $ret != 0 ] ; then
193 echo "command failed"
198 echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
201 # failed to authenticate .. success
204 echo "incorrectly gave a successful authentication"
209 # This should work even with NTLMv2
210 testit "ntlm_auth ntlm-server-1 with fixed password" test_ntlm_server_1_check_output || failed=`expr $failed + 1`
211 testit "ntlm_auth ntlm-server-1 with incorrect fixed password" test_ntlm_server_1_check_output_fail || failed=`expr $failed + 1`
212 testit "ntlm_auth ntlm-server-1 with plaintext password against winbind" test_ntlm_server_1_check_winbind_output || failed=`expr $failed + 1`
213 testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1`
214 testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`