[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Thu Aug 20 18:45:02 UTC 2020 

The branch, master has been updated
       via  ef57bc6d4b5 torture: Fix ldap.basic multibind test
       via  c5e85f4b084 torture: Inline test_bind_simple()
       via  0c36316ecb1 torture: Pass DN and password to ldap.basic test
       via  0a5264838e9 torture: Add subunit output to ldap.basic test
      from  a9b6a8378e5 docs: Add missing winexe manpage

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit ef57bc6d4b55c6f5428b9b9363a9989356deab3e
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Aug 4 14:04:48 2020 +0200

    torture: Fix ldap.basic multibind test
    
    It gets LDAP_STRONG_AUTH_REQUIRED from current AD servers
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Thu Aug 20 18:44:49 UTC 2020 on sn-devel-184

commit c5e85f4b0840925a0495bb446cd1dea5ebf36932
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Aug 4 13:58:37 2020 +0200

    torture: Inline test_bind_simple()
    
    Avoid losing the specific error code with this simple wrapper function
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 0c36316ecb1473273d03136ae46a4fbd448e7fdb
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Aug 4 12:50:22 2020 +0200

    torture: Pass DN and password to ldap.basic test
    
    Without this, test_multibind() only gets NULL for userdn and password,
    not doing what the test claims. This now fails, because our LDAP
    server does not allow plain text binds.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 0a5264838e9c4b7e748660c08a11bf54efacd844
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Aug 4 12:48:08 2020 +0200

    torture: Add subunit output to ldap.basic test
    
    The next commit will make this fail, and we need to detect this in
    knownfail.d/ldap. Without subunit output filter-subunit won't find it.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source4/selftest/tests.py    |  5 ++++-
 source4/torture/ldap/basic.c | 42 ++++++++++++++++++++----------------------
 2 files changed, 24 insertions(+), 23 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 42be34a8afc..31b777fbcb8 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -157,7 +157,10 @@ for t in smbtorture4_testsuites("ldap."):
     if t == "ldap.nested-search":
         plansmbtorture4testsuite(t, "ad_dc_default_smb1", '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_')
     else:
-        plansmbtorture4testsuite(t, "ad_dc_default", '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_')
+        plansmbtorture4testsuite(
+            t,
+            "ad_dc_default",
+            '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_ -D "$USERNAME"@"$REALM"##"$PASSWORD"')
 
 for t in smbtorture4_testsuites("dsdb."):
     plansmbtorture4testsuite(t, "ad_dc:local", "localhost")
diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c
index 3c57109a3ba..825ee835c65 100644
--- a/source4/torture/ldap/basic.c
+++ b/source4/torture/ldap/basic.c
@@ -30,19 +30,6 @@
 #include "torture/ldap/proto.h"
 
 
-static bool test_bind_simple(struct ldap_connection *conn, const char *userdn, const char *password)
-{
-	NTSTATUS status;
-	bool ret = true;
-
-	status = torture_ldap_bind(conn, userdn, password);
-	if (!NT_STATUS_IS_OK(status)) {
-		ret = false;
-	}
-
-	return ret;
-}
-
 static bool test_bind_sasl(struct torture_context *tctx,
 			   struct ldap_connection *conn, struct cli_credentials *creds)
 {
@@ -61,22 +48,31 @@ static bool test_bind_sasl(struct torture_context *tctx,
 
 static bool test_multibind(struct ldap_connection *conn, const char *userdn, const char *password)
 {
-	bool ret = true;
+	NTSTATUS status, expected;
+	bool ok;
 
 	printf("Testing multiple binds on a single connection as anonymous and user\n");
 
-	ret = test_bind_simple(conn, NULL, NULL);
-	if (!ret) {
-		printf("1st bind as anonymous failed\n");
-		return ret;
+	status = torture_ldap_bind(conn, NULL, NULL);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("1st bind as anonymous failed with %s\n",
+		       nt_errstr(status));
+		return false;
 	}
 
-	ret = test_bind_simple(conn, userdn, password);
-	if (!ret) {
-		printf("2nd bind as authenticated user failed\n");
+	expected = NT_STATUS_LDAP(LDAP_STRONG_AUTH_REQUIRED);
+	status = torture_ldap_bind(conn, userdn, password);
+
+	ok = NT_STATUS_EQUAL(status, expected);
+	if (!ok) {
+		printf("2nd bind as authenticated user should have "
+		       "failed with: %s, got %s\n",
+		       nt_errstr(expected),
+		       nt_errstr(status));
+		return false;
 	}
 
-	return ret;
+	return true;
 }
 
 static bool test_search_rootDSE(struct ldap_connection *conn, const char **basedn,
@@ -1000,6 +996,8 @@ bool torture_ldap_basic(struct torture_context *torture)
 	torture_ldap_close(conn);
 	talloc_free(mem_ctx);
 
+	torture_assert(torture, ret, "torture_ldap_basic failed");
+
 	return ret;
 }
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list