From 84e9e36f0cc3de3950b4b6f6e2f4e3275ceaa7fd Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 10 May 2017 08:39:53 +0200 Subject: [PATCH] works --- selftest/target/Samba3.pm | 2 -- selftest/target/Samba4.pm | 10 ++++++++-- source3/script/tests/test_smbclient_ntlm.sh | 12 ++++++++++-- source3/selftest/tests.py | 8 ++++---- 4 files changed, 22 insertions(+), 10 deletions(-) diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 5afb3de566b3..d706b0d18d5e 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -262,8 +262,6 @@ sub setup_nt4_dc_schannel rpc_daemon:lsasd = fork server schannel = yes - # used to reproduce bug #12772 - server max protocol = SMB2_02 "; my $vars = $self->provision($path, "NT4SCHANNEL", diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index e4b05997a0cd..ecbdf3fd2286 100755 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -1687,6 +1687,7 @@ sub provision_fl2000dc($$) my $extra_conf_options = " spnego:simulate_w2k=yes ntlmssp_server:force_old_spnego=yes + server max protocol = NT1 "; my $extra_provision_options = ["--use-ntvfs"]; # This environment uses plain text secrets @@ -1729,7 +1730,9 @@ sub provision_fl2003dc($$$) my $extra_conf_options = "allow dns updates = nonsecure and secure dcesrv:header signing = no dcesrv:max auth states = 0 - dns forwarder = 127.0.0.$swiface1 127.0.0.$swiface2"; + dns forwarder = 127.0.0.$swiface1 127.0.0.$swiface2 + server max protocol = SMB2_02 + "; my $extra_provision_options = ["--use-ntvfs"]; my $ret = $self->provision($prefix, "domain controller", @@ -1779,7 +1782,10 @@ sub provision_fl2008r2dc($$$) my ($self, $prefix, $dcvars) = @_; print "PROVISIONING DC WITH FOREST LEVEL 2008r2...\n"; - my $extra_conf_options = "ldap server require strong auth = no"; + my $extra_conf_options = " + ldap server require strong auth = no + server max protocol = SMB2_10 + "; my $extra_provision_options = ["--use-ntvfs"]; my $ret = $self->provision($prefix, "domain controller", diff --git a/source3/script/tests/test_smbclient_ntlm.sh b/source3/script/tests/test_smbclient_ntlm.sh index 33a927fe4c27..8bc97f0b9fb8 100755 --- a/source3/script/tests/test_smbclient_ntlm.sh +++ b/source3/script/tests/test_smbclient_ntlm.sh @@ -23,11 +23,19 @@ incdir=`dirname $0`/../../../testprogs/blackbox testit "smbclient username.password.NT1OLD" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no -c quit $ADDARGS testit "smbclient username.password.NT1NEW" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mNT1 -c quit $ADDARGS -testit "smbclient username.password.SMB3" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB3 -c quit $ADDARGS +testit "smbclient username.password.SMB2_02" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB2_02 -c quit $ADDARGS +testit "smbclient username.password.SMB2_10" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB2_10 -c quit $ADDARGS +testit "smbclient username.password.SMB3_00" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB3_00 -c quit $ADDARGS +testit "smbclient username.password.SMB3_02" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB3_02 -c quit $ADDARGS +testit "smbclient username.password.SMB3_11" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB3_11 -c quit $ADDARGS testit "smbclient anonymous.nopassword.NT1OLD" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no -c quit $ADDARGS testit "smbclient anonymous.nopassword.NT1NEW" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mNT1 -c quit $ADDARGS -testit "smbclient anonymous.nopassword.SMB3" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB3 -c quit $ADDARGS +testit "smbclient anonymous.nopassword.SMB2_02" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB2_02 -c quit $ADDARGS +testit "smbclient anonymous.nopassword.SMB2_10" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB2_10 -c quit $ADDARGS +testit "smbclient anonymous.nopassword.SMB3_00" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB3_00 -c quit $ADDARGS +testit "smbclient anonymous.nopassword.SMB3_02" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB3_02 -c quit $ADDARGS +testit "smbclient anonymous.nopassword.SMB3_11" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB3_11 -c quit $ADDARGS if test x"${MAPTOGUEST}" = x"never" ; then testit_expect_failure "smbclient anonymous.badpassword.NT1NEW.fail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mNT1 -c quit $ADDARGS testit_expect_failure "smbclient anonymous.badpassword.SMB3.fail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mSMB3 -c quit $ADDARGS diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 638ec06e086f..4972fcd1e32d 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -222,7 +222,7 @@ for options in ["", "--option=clientntlmv2auth=no", "--option=clientusespnego=no env = "nt4_dc" plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) %s" % (env, options), env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$DC_USERNAME', '$DC_PASSWORD', smbclient3, configuration, options]) -for env in ["nt4_dc", "nt4_member", "ad_member", "ad_dc", "ad_dc_ntvfs", "s4member", "fl2000dc"]: +for env in ["nt4_dc", "nt4_member", "ad_member", "ad_dc", "ad_dc_ntvfs", "s4member", "fl2000dc", "fl2003dc", "fl2008r2dc"]: plantestsuite("samba3.blackbox.smbclient_machine_auth.plain (%s:local)" % env, "%s:local" % env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_machine_auth.sh"), '$SERVER', smbclient3, configuration]) plantestsuite("samba3.blackbox.smbclient_ntlm.plain (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_ntlm.sh"), '$SERVER', '$DC_USERNAME', '$DC_PASSWORD', "never", smbclient3, configuration]) @@ -240,9 +240,9 @@ for env in ["ad_member:local", "nt4_dc:local"]: env = "nt4_dc" plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) ipv6" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IPV6', '$SERVER/$USERNAME', '$PASSWORD', smbclient3, configuration]) -for env in ["nt4_member", "ad_member", "nt4_dc_schannel", "ad_member_rfc2307", "ad_dc", "ktest"]: - for options in ["-mSMB2_02", "-mSMB2_10", "-mSMB3_00", "-mSMB3_02", "-mSMB3_11"]: - plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) %s SMB2/3" % (env, options), env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$SERVER/$USERNAME', '$PASSWORD', smbclient3, configuration, options]) +#for env in ["nt4_member", "ad_member", "nt4_dc_schannel", "ad_member_rfc2307", "ad_dc", "ktest"]: +# for options in ["-mSMB2_02", "-mSMB2_10", "-mSMB3_00", "-mSMB3_02", "-mSMB3_11"]: +# plantestsuite("samba3.blackbox.smbclient_auth.plain (%s) %s SMB2/3" % (env, options), env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$SERVER/$USERNAME', '$PASSWORD', smbclient3, configuration, options]) for env in ["nt4_member", "ad_member"]: plantestsuite("samba3.blackbox.net_cred_change.(%s:local)" % env, "%s:local" % env, [os.path.join(samba3srcdir, "script/tests/test_net_cred_change.sh"), configuration]) -- 2.34.1