expect_extra_pac_buffers = '1'
cls.expect_extra_pac_buffers = bool(int(expect_extra_pac_buffers))
+ cname_checking = samba.tests.env_get_var_value('CHECK_CNAME',
+ allow_missing=True)
+ if cname_checking is None:
+ cname_checking = '1'
+ cls.cname_checking = bool(int(cname_checking))
+
def setUp(self):
super().setUp()
self.do_asn1_print = False
padata = self.getElementValue(rep, 'padata')
if self.strict_checking:
self.assertElementEqualUTF8(rep, 'crealm', expected_crealm)
+ if self.cname_checking:
if expected_anon:
expected_cname = self.PrincipalName_create(
name_type=NT_WELLKNOWN,
ticket_session_key = self.EncryptionKey_import(ticket_key)
self.assertElementEqualUTF8(ticket_private, 'crealm',
expected_crealm)
- if self.strict_checking:
+ if self.cname_checking:
self.assertElementEqualPrincipal(ticket_private, 'cname',
expected_cname)
self.assertElementPresent(ticket_private, 'transited')
elif pac_buffer.type == krb5pac.PAC_TYPE_LOGON_NAME:
expected_cname = kdc_exchange_dict['expected_cname']
- account_name = expected_cname['name-string'][0]
+ account_name = '/'.join(expected_cname['name-string'])
self.assertEqual(account_name, pac_buffer.info.account_name)
self.assertElementPresent(rep, 'stime')
self.assertElementPresent(rep, 'susec')
# error-code checked above
+ if expected_anon and not inner:
+ expected_cname = self.PrincipalName_create(
+ name_type=NT_WELLKNOWN,
+ names=['WELLKNOWN', 'ANONYMOUS'])
+ self.assertElementEqualPrincipal(rep, 'cname', expected_cname)
+ elif self.strict_checking:
+ self.assertElementMissing(rep, 'cname')
if self.strict_checking:
self.assertElementMissing(rep, 'crealm')
- if expected_anon and not inner:
- expected_cname = self.PrincipalName_create(
- name_type=NT_WELLKNOWN,
- names=['WELLKNOWN', 'ANONYMOUS'])
- self.assertElementEqualPrincipal(rep, 'cname', expected_cname)
- else:
- self.assertElementMissing(rep, 'cname')
self.assertElementEqualUTF8(rep, 'realm', expected_srealm)
self.assertElementEqualPrincipal(rep, 'sname', expected_sname)
self.assertElementMissing(rep, 'e-text')
tkt_sig_support = int('SAMBA4_USES_HEIMDAL' in config_hash)
expect_pac = int('SAMBA4_USES_HEIMDAL' in config_hash)
extra_pac_buffers = int('SAMBA4_USES_HEIMDAL' in config_hash)
+check_cname = int('SAMBA4_USES_HEIMDAL' in config_hash)
planoldpythontestsuite("none", "samba.tests.krb5.kcrypto")
planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.simple_tests",
environ={'SERVICE_USERNAME':'$SERVER',
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers})
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname})
planoldpythontestsuite("ad_dc_default:local", "samba.tests.krb5.s4u_tests",
environ={'ADMIN_USERNAME':'$USERNAME',
'ADMIN_PASSWORD':'$PASSWORD',
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers})
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname})
planoldpythontestsuite("rodc:local", "samba.tests.krb5.rodc_tests",
environ={'ADMIN_USERNAME':'$USERNAME',
'ADMIN_PASSWORD':'$PASSWORD',
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers})
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname})
planoldpythontestsuite("ad_dc_default", "samba.tests.dsdb_dns")
environ={'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers})
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname})
planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.test_ccache",
environ={
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.test_ldap",
environ={
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
for env in ['ad_dc_default', 'ad_member']:
planoldpythontestsuite(env, "samba.tests.krb5.test_rpc",
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planoldpythontestsuite("ad_dc_smb1", "samba.tests.krb5.test_smb",
environ={
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planoldpythontestsuite("ad_member_idmap_nss:local",
"samba.tests.krb5.test_min_domain_uid",
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
for env in ["ad_dc", smbv1_disabled_testenv]:
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planoldpythontestsuite('fl2008r2dc', 'samba.tests.krb5.salt_tests',
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
for env in ["rodc", "promoted_dc", "fl2000dc", "fl2008r2dc"]:
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planpythontestsuite("ad_dc", "samba.tests.krb5.compatability_tests",
environ={
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planpythontestsuite("ad_dc", "samba.tests.krb5.kdc_tests",
environ={'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers})
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname})
planpythontestsuite(
"ad_dc",
"samba.tests.krb5.kdc_tgs_tests",
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planpythontestsuite(
"ad_dc",
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planpythontestsuite(
"ad_dc",
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planpythontestsuite(
"ad_dc",
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
planpythontestsuite(
"ad_dc",
'FAST_SUPPORT': have_fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
- 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers
+ 'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
+ 'CHECK_CNAME': check_cname
})
for env in [