svn commit: samba r24890 - in branches/SAMBA_4_0: . source/selftest source/torture/rpc

Sun Sep 2 12:48:59 GMT 2007

Author: jelmer
Date: 2007-09-02 12:48:58 +0000 (Sun, 02 Sep 2007)
New Revision: 24890

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=24890

Log:
Integrate more of the RPC-SECRETS tests.
Modified:
   branches/SAMBA_4_0/
   branches/SAMBA_4_0/source/selftest/test_session_key.sh
   branches/SAMBA_4_0/source/torture/rpc/session_key.c


Changeset:

Property changes on: branches/SAMBA_4_0
___________________________________________________________________
Name: bzr:revision-info
...skipped...
Name: bzr:revision-id:v3-trunk0
...skipped...

Modified: branches/SAMBA_4_0/source/selftest/test_session_key.sh
===================================================================

--- branches/SAMBA_4_0/source/selftest/test_session_key.sh	2007-09-02 12:26:06 UTC (rev 24889)
+++ branches/SAMBA_4_0/source/selftest/test_session_key.sh	2007-09-02 12:48:58 UTC (rev 24890)
@@ -4,10 +4,7 @@
 . $incdir/test_functions.sh
 
 transport="ncacn_np"
-for keyexchange in "yes" "no"; do
- for ntlm2 in "yes" "no"; do
- for lm_key in "yes" "no"; do
-  for ntlmoptions in \
+for ntlmoptions in \
         "-k no --option=usespnego=yes" \
         "-k no --option=usespnego=yes --option=ntlmssp_client:128bit=no" \
         "-k no --option=usespnego=yes --option=ntlmssp_client:56bit=yes" \
@@ -20,12 +17,9 @@
         "-k no --option=usespnego=no --option=clientntlmv2auth=yes" \
         "-k no --option=gensec:spnego=no --option=clientntlmv2auth=yes" \
         "-k no --option=usespnego=no"; do
-   name="RPC-SECRETS on $transport with $bindoptions with NTLM2:$ntlm2 KEYEX:$keyexchange LM_KEY:$lm_key $ntlmoptions"
-   plantest "$name" dc $samba4bindir/smbtorture $TORTURE_OPTIONS $transport:"\$SERVER[$bindoptions]" --option=ntlmssp_client:keyexchange=$keyexchange --option=ntlmssp_client:ntlm2=$ntlm2 --option=ntlmssp_client:lm_key=$lm_key $ntlmoptions -U"\$USERNAME"%"\$PASSWORD" -W \$DOMAIN --option=gensec:target_hostname=\$NETBIOSNAME RPC-SECRETS "$*"
-  done
- done
- done
- done
+   name="RPC-SECRETS on $transport with $bindoptions with $ntlmoptions"
+   plantest "$name" dc $samba4bindir/smbtorture $TORTURE_OPTIONS $transport:"\$SERVER[$bindoptions]"  $ntlmoptions -U"\$USERNAME"%"\$PASSWORD" -W \$DOMAIN --option=gensec:target_hostname=\$NETBIOSNAME RPC-SECRETS "$*"
+done
 name="RPC-SECRETS on $transport with $bindoptions with Kerberos"
 plantest "$name" dc $samba4bindir/smbtorture $TORTURE_OPTIONS $transport:"\$SERVER[$bindoptions]" -k yes -U"\$USERNAME"%"\$PASSWORD" -W \$DOMAIN "--option=gensec:target_hostname=\$NETBIOSNAME" RPC-SECRETS "$*"
 name="RPC-SECRETS on $transport with $bindoptions with Kerberos - use target principal"

Modified: branches/SAMBA_4_0/source/torture/rpc/session_key.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/session_key.c	2007-09-02 12:26:06 UTC (rev 24889)
+++ branches/SAMBA_4_0/source/torture/rpc/session_key.c	2007-09-02 12:48:58 UTC (rev 24890)
@@ -134,6 +134,9 @@
 
 struct secret_settings {
 	uint32_t bindoptions;
+	bool keyexchange;
+	bool ntlm2;
+	bool lm_key;
 };
 
 static bool test_secrets(struct torture_context *torture, const void *_data)
@@ -143,6 +146,10 @@
 	struct dcerpc_binding *binding;
 	const struct secret_settings *settings = _data;
 
+	lp_set_cmdline("ntlmssp client:keyexchange", settings->keyexchange?"True":"False");
+	lp_set_cmdline("ntlmssp_client:ntlm2", settings->ntlm2?"True":"False");
+	lp_set_cmdline("ntlmssp_client:lm_key", settings->lm_key?"True":"False");
+
 	torture_assert_ntstatus_ok(torture, torture_rpc_binding(torture, &binding), 
 				   "Getting bindoptions");
 
@@ -165,27 +172,54 @@
 	return true;
 }
 
-/* TEST session key correctness by pushing and pulling secrets */
-
-struct torture_suite *torture_rpc_lsa_secrets(TALLOC_CTX *mem_ctx)
+static struct torture_tcase *add_test(struct torture_suite *suite, uint32_t bindoptions, 
+				     bool keyexchange, bool ntlm2, bool lm_key)
 {
-	struct torture_suite *suite = torture_suite_create(mem_ctx, "SECRETS");
+	char *name = NULL;
 	struct secret_settings *settings;
 
 	settings = talloc_zero(suite, struct secret_settings);
-	settings->bindoptions = DCERPC_PUSH_BIGENDIAN;
+	settings->bindoptions = bindoptions;
 
-	torture_suite_add_simple_tcase(suite, "bigendian", test_secrets, settings);
+	if (bindoptions == DCERPC_PUSH_BIGENDIAN)
+		name = talloc_strdup(suite, "bigendian");
+	else if (bindoptions == DCERPC_SEAL)
+		name = talloc_strdup(suite, "seal");
+	else if (bindoptions == 0) 
+		name = talloc_strdup(suite, "none");
+	else
+		name = talloc_strdup(suite, "unknown");
 
-	settings = talloc_zero(suite, struct secret_settings);
-	settings->bindoptions = DCERPC_SEAL;
+	name = talloc_asprintf_append(name, " keyexchange:%s", keyexchange?"yes":"no");
+	settings->keyexchange = keyexchange;
 
-	torture_suite_add_simple_tcase(suite, "seal", test_secrets, settings);
+	name = talloc_asprintf_append(name, " ntlm2:%s", ntlm2?"yes":"no");
+	settings->ntlm2 = ntlm2;
 
-	settings = talloc_zero(suite, struct secret_settings);
-	settings->bindoptions = 0;
+	name = talloc_asprintf_append(name, " lm_key:%s", lm_key?"yes":"no");
+	settings->lm_key = lm_key;
 
-	torture_suite_add_simple_tcase(suite, "none", test_secrets, settings);
+	return torture_suite_add_simple_tcase(suite, name, test_secrets, settings);
+}
 
+static const bool bool_vals[] = { true, false };
+
+/* TEST session key correctness by pushing and pulling secrets */
+struct torture_suite *torture_rpc_lsa_secrets(TALLOC_CTX *mem_ctx)
+{
+	struct torture_suite *suite = torture_suite_create(mem_ctx, "SECRETS");
+	int keyexchange, ntlm2, lm_key;
+
+	for (keyexchange = 0; keyexchange < ARRAY_SIZE(bool_vals); keyexchange++) {
+		for (ntlm2 = 0; ntlm2 < ARRAY_SIZE(bool_vals); ntlm2++) {
+			for (lm_key = 0; lm_key < ARRAY_SIZE(bool_vals); lm_key++) {
+				add_test(suite, DCERPC_PUSH_BIGENDIAN, bool_vals[keyexchange], bool_vals[ntlm2], 
+					 bool_vals[lm_key]);
+				add_test(suite, DCERPC_SEAL, bool_vals[keyexchange], bool_vals[ntlm2], bool_vals[lm_key]);
+				add_test(suite, 0, bool_vals[keyexchange], bool_vals[ntlm2], bool_vals[lm_key]);
+			}
+		}
+	}
+
 	return suite;
 }

