selftest: move some more expected failures to expectedfail.d

author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Fri, 22 Mar 2024 03:20:18 +0000 (16:20 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Wed, 10 Apr 2024 06:15:46 +0000 (06:15 +0000)
author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Fri, 22 Mar 2024 03:20:18 +0000 (16:20 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Wed, 10 Apr 2024 06:15:46 +0000 (06:15 +0000)
diff --git a/selftest/expectedfail.d/ldap-tlsverifypeer b/selftest/expectedfail.d/ldap-tlsverifypeer

new file mode 100644 (file)

index 0000000..d124487
--- /dev/null
+++ b/selftest/expectedfail.d/ldap-tlsverifypeer
@@ -0,0 +1,10 @@
+# These are supposed to fail as we want to verify the "tls verify peer"
+# restrictions. Note that fl2008r2dc uses a self-signed certificate
+# with does not have a crl file.
+#
+^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name_if_available\(
+^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name\(
+^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=as_strict_as_possible\(
+^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=ca_and_name\(
+^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=as_strict_as_possible\(
+^samba4.ldb.simple.ldaps.*SERVER.REALM.*tlsverifypeer=as_strict_as_possible.*fl2008r2dc
diff --git a/selftest/knownfail b/selftest/knownfail

index 746983691575f1d520ee507b517bb0a74ca7830e..77f5d5d5be6261f7e7bb3dced8b1884f01ccd0e3 100644 (file)
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -317,16 +317,6 @@
  ^samba4.ldb.simple.ldap with SIMPLE-BIND.*ad_dc_ntvfs # ldap server require strong auth = allow_sasl_over_tls
  ^samba4.ldb.simple.ldap with SIMPLE-BIND.*fl2003dc    # ldap server require strong auth = yes
  ^samba4.ldb.simple.ldaps with SASL-BIND.*fl2003dc     # ldap server require strong auth = yes
-# These are supposed to fail as we want to verify the "tls verify peer"
-# restrictions. Note that fl2008r2dc uses a self-signed certificate
-# with does not have a crl file.
-#
-^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name_if_available\(
-^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name\(
-^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=as_strict_as_possible\(
-^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=ca_and_name\(
-^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=as_strict_as_possible\(
-^samba4.ldb.simple.ldaps.*SERVER.REALM.*tlsverifypeer=as_strict_as_possible.*fl2008r2dc
  #
  # we don't allow auth_level_connect anymore...
  #
author	Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
	Fri, 22 Mar 2024 03:20:18 +0000 (16:20 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Wed, 10 Apr 2024 06:15:46 +0000 (06:15 +0000)
selftest/expectedfail.d/ldap-tlsverifypeer	[new file with mode: 0644]	patch \| blob
selftest/knownfail		patch \| blob \| history