[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Thu Apr 6 13:45:01 UTC 2023
The branch, master has been updated
via ca7b7bde391 selftest: Use "debug syslog format = always" in selftest
via 83fe7a0316d lib/util: Add "debug syslog format = always", which logs to stdout in syslog style
via 33effa76d6b s4:torture: Extend smb2 session requested_life_time
via e69453fc417 s4:torture: Fix warning messages for smb2.session
via 6dc7ae8b143 s4:torture: Fix warning messages for smb.raw.session
via 67535ac2259 s4:torture: Remove trailing white spaces
via 938cbe07db8 s3:tests: Add exit code with failed tests
via d163d1ba7aa s3:tests: Use CONFIGURATION passed down to the test
via fa591f52234 s3:tests: Correctly implement tests for forceuser/forcegroup
via bfae4262036 s3:tests: Use the CONFIGURATION passed down to the test
via d8acec0caf8 s3:selftest: Remove ad_dc_ntvfs for smbclient_machine_auth.plain
via e5ef368fb61 lib:ldb:tests: Fix signedness build error
via 0ef53b948e1 net_ads: fill ads->auth.realm from c->creds
via 3b585f9e8cc testprogs/blackbox: add test_net_ads_search_server.sh
from 112faff82f9 dsdb: modify unicodePwd requires encrypted connection
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ca7b7bde3915a821b1b9911abf18d2d441665382
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Apr 6 12:28:12 2023 +1200
selftest: Use "debug syslog format = always" in selftest
Some of the most difficult to debug issues in Samba development are around
timing, so this changes our default logging format in the selftest system
to include a high-resolution timestamp to help correlate bad events with
what else is going on at the same time.
This fits in well with the timestamps already logged into st/subunit
and may assist with correlation.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Apr 6 13:44:47 UTC 2023 on atb-devel-224
commit 83fe7a0316d3e5867a56cfdc51ec17f36ea03889
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Apr 6 12:26:11 2023 +1200
lib/util: Add "debug syslog format = always", which logs to stdout in syslog style
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 33effa76d6bdb53ecfc1e77c6706d765e34716be
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 10:04:57 2023 +0200
s4:torture: Extend smb2 session requested_life_time
It also only waits for the required amount of time elapsed. Hopefully
this should avoid running into timeouts.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit e69453fc41767fe99ed95b624d3fb25dc17b1ad6
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 10:04:34 2023 +0200
s4:torture: Fix warning messages for smb2.session
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 6dc7ae8b143bdd9d9573426d7ad6e753e1ff960e
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 10:00:15 2023 +0200
s4:torture: Fix warning messages for smb.raw.session
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 67535ac22594b7b7558871b8d582aa768925a144
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 09:59:14 2023 +0200
s4:torture: Remove trailing white spaces
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 938cbe07db8eb4784b40c961857707a31108793e
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 09:23:41 2023 +0200
s3:tests: Add exit code with failed tests
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d163d1ba7aa1c511fadd69c39aa0df155e71b4d0
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 09:21:24 2023 +0200
s3:tests: Use CONFIGURATION passed down to the test
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit fa591f5223434b63429c5505ffbe948b4d6d6847
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 08:48:29 2023 +0200
s3:tests: Correctly implement tests for forceuser/forcegroup
They used the tmp share ...
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit bfae42620365e8caf41f181286268e8f18470aaa
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 08:47:16 2023 +0200
s3:tests: Use the CONFIGURATION passed down to the test
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d8acec0caf820429c4e81b8c99b87d26105568e0
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 08:57:49 2023 +0200
s3:selftest: Remove ad_dc_ntvfs for smbclient_machine_auth.plain
There is no need to run it against this environment and saves resources.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit e5ef368fb61dd81dcdbd10dc2009cbbd96c399ca
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 5 08:44:54 2023 +0200
lib:ldb:tests: Fix signedness build error
lib/ldb/tests/ldb_filter_attrs_in_place_test.c:836:55: error: pointer
targets in passing argument 1 of ‘_assert_string_equal’ differ in
signedness [-Werror=pointer-sign]
836 | assert_string_equal(msg->elements[0].values[0].data,
| ^
| |
| uint8_t * {aka unsigned char *}
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 0ef53b948e13eb36b536228cccd89aa4c2adbb90
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Mar 2 14:46:25 2023 +0100
net_ads: fill ads->auth.realm from c->creds
We get the realm we use for authentication needs to
the realm belonging to the username we use.
We derive the username from c->creds, so we need to
do the same for the realm.
Otherwise we try to authenticate as the wrong user.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15323
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3b585f9e8cc320841fab4cd5c3be53788d0a87ac
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Apr 5 16:45:21 2023 +0200
testprogs/blackbox: add test_net_ads_search_server.sh
This reproduces a regression with
'net ads search -P --server server.of.trusted.domain'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15323
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
ctdb/common/logging.c | 2 +-
docs-xml/smbdotconf/logging/debugsyslogformat.xml | 16 ++-
lib/ldb/tests/ldb_filter_attrs_in_place_test.c | 2 +-
lib/param/param_table.c | 12 ++
lib/util/debug.c | 39 ++++--
lib/util/debug.h | 8 +-
selftest/knownfail.d/smbclient_machine_auth.plain | 7 +
selftest/target/Samba3.pm | 3 +
selftest/target/Samba4.pm | 3 +
.../script/tests/test_smbclient_machine_auth.sh | 37 +++--
source3/script/tests/test_smbclient_ntlm.sh | 39 +++---
source3/selftest/tests.py | 2 +-
source3/utils/net_ads.c | 10 +-
source4/selftest/tests.py | 11 ++
source4/torture/raw/session.c | 22 +--
source4/torture/smb2/session.c | 156 +++++++++++++++++----
testprogs/blackbox/test_net_ads_search_server.sh | 37 +++++
17 files changed, 332 insertions(+), 74 deletions(-)
create mode 100644 selftest/knownfail.d/smbclient_machine_auth.plain
create mode 100755 testprogs/blackbox/test_net_ads_search_server.sh
Changeset truncated at 500 lines:
diff --git a/ctdb/common/logging.c b/ctdb/common/logging.c
index 3aa5ca996ee..ad6d0c959a4 100644
--- a/ctdb/common/logging.c
+++ b/ctdb/common/logging.c
@@ -146,7 +146,7 @@ static int file_log_setup(TALLOC_CTX *mem_ctx,
const char *app_name)
{
struct debug_settings settings = {
- .debug_syslog_format = true,
+ .debug_syslog_format = DEBUG_SYSLOG_FORMAT_ALWAYS,
.debug_hires_timestamp = true,
.debug_no_stderr_redirect = true,
};
diff --git a/docs-xml/smbdotconf/logging/debugsyslogformat.xml b/docs-xml/smbdotconf/logging/debugsyslogformat.xml
index f943f3a5323..ee1627de534 100644
--- a/docs-xml/smbdotconf/logging/debugsyslogformat.xml
+++ b/docs-xml/smbdotconf/logging/debugsyslogformat.xml
@@ -1,16 +1,28 @@
<samba:parameter name="debug syslog format"
context="G"
- type="boolean"
+ type="enum"
+ enumlist="enum_debug_syslog_format"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
- With this option enabled, debug messages are printed in a
+ With this option enabled (<constant>yes</constant> (alias
+ <constant>in_logs</constant>) or
+ <constant>always</constant>), debug messages are printed in a
single-line format like that traditionally produced by syslog.
The timestamp consists of an abbreviated month, space-padded date,
and time including seconds. This is followed by the hostname and
the program name, with the process-ID in square brackets.
</para>
+ <para>The value <constant>always</constant> produces this log
+ format even to <constant>STDOUT</constant> or
+ <constant>STDERR</constant>
+ </para>
+
+ <para>The value <constant>no</constant> defers to other parameters
+ and typically produces traditional two-line Samba logs to log files.
+ </para>
+
<para>
If <smbconfoption name="debug hires timestamp"/> is also enabled
then an RFC5424 timestamp is used instead.
diff --git a/lib/ldb/tests/ldb_filter_attrs_in_place_test.c b/lib/ldb/tests/ldb_filter_attrs_in_place_test.c
index da333c73c99..35c778d2080 100644
--- a/lib/ldb/tests/ldb_filter_attrs_in_place_test.c
+++ b/lib/ldb/tests/ldb_filter_attrs_in_place_test.c
@@ -833,7 +833,7 @@ static void test_filter_attrs_in_place_one_attr_matched_dn(void **state)
assert_non_null(msg->dn);
assert_string_equal(msg->elements[0].name, "distinguishedName");
assert_int_equal(msg->elements[0].num_values, 1);
- assert_string_equal(msg->elements[0].values[0].data,
+ assert_string_equal((char *)msg->elements[0].values[0].data,
ldb_dn_get_linearized(msg->dn));
}
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index cd6e3403a4c..512de250a2f 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -418,6 +418,18 @@ static const struct enum_list enum_spotlight_backend[] = {
{-1, NULL}
};
+static const struct enum_list enum_debug_syslog_format[] = {
+ {DEBUG_SYSLOG_FORMAT_NO, "No"},
+ {DEBUG_SYSLOG_FORMAT_NO, "False"},
+ {DEBUG_SYSLOG_FORMAT_NO, "0"},
+ {DEBUG_SYSLOG_FORMAT_IN_LOGS, "in_logs"},
+ {DEBUG_SYSLOG_FORMAT_IN_LOGS, "Yes"},
+ {DEBUG_SYSLOG_FORMAT_IN_LOGS, "True"},
+ {DEBUG_SYSLOG_FORMAT_IN_LOGS, "1"},
+ {DEBUG_SYSLOG_FORMAT_ALWAYS, "always"},
+ {-1, NULL}
+};
+
/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
*
* NOTE: Handling of duplicated (synonym) parameters:
diff --git a/lib/util/debug.c b/lib/util/debug.c
index 43d5151fbab..95de5ce3595 100644
--- a/lib/util/debug.c
+++ b/lib/util/debug.c
@@ -1557,10 +1557,25 @@ void check_log_size( void )
static void Debug1(const char *msg, size_t msg_len)
{
int old_errno = errno;
+ enum debug_logtype logtype = state.logtype;
debug_count++;
- switch(state.logtype) {
+ if (state.settings.debug_syslog_format == DEBUG_SYSLOG_FORMAT_ALWAYS) {
+ switch(state.logtype) {
+ case DEBUG_STDOUT:
+ case DEBUG_STDERR:
+ case DEBUG_DEFAULT_STDOUT:
+ case DEBUG_DEFAULT_STDERR:
+ /* Behave the same as logging to a file */
+ logtype = DEBUG_FILE;
+ break;
+ default:
+ break;
+ }
+ }
+
+ switch(logtype) {
case DEBUG_CALLBACK:
debug_callback_log(msg, msg_len, current_msg_level);
break;
@@ -1749,23 +1764,31 @@ bool dbghdrclass(int level, int cls, const char *location, const char *func)
dbgsetclass(level, cls);
- /* Don't print a header if we're logging to stdout. */
- if ( state.logtype != DEBUG_FILE ) {
- return( true );
+ /*
+ * Don't print a header if we're logging to stdout,
+ * unless 'debug syslog format = always'
+ */
+ if (state.logtype != DEBUG_FILE &&
+ state.settings.debug_syslog_format != DEBUG_SYSLOG_FORMAT_ALWAYS)
+ {
+ return true;
}
- /* Print the header if timestamps are turned on. If parameters are
- * not yet loaded, then default to timestamps on.
+ /*
+ * Print the header if timestamps (or debug syslog format) is
+ * turned on. If parameters are not yet loaded, then default
+ * to timestamps on.
*/
if (!(state.settings.timestamp_logs ||
state.settings.debug_prefix_timestamp ||
- state.settings.debug_syslog_format)) {
+ state.settings.debug_syslog_format != DEBUG_SYSLOG_FORMAT_NO))
+ {
return true;
}
GetTimeOfDay(&tv);
- if (state.settings.debug_syslog_format) {
+ if (state.settings.debug_syslog_format != DEBUG_SYSLOG_FORMAT_NO) {
if (state.settings.debug_hires_timestamp) {
timeval_str_buf(&tv, true, true, &tvbuf);
} else {
diff --git a/lib/util/debug.h b/lib/util/debug.h
index 4bbfa05df65..4e5ce3da035 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -325,12 +325,18 @@ enum debug_logtype {
DEBUG_CALLBACK = 5
};
+enum debug_syslog_format {
+ DEBUG_SYSLOG_FORMAT_NO = 0,
+ DEBUG_SYSLOG_FORMAT_IN_LOGS = 1,
+ DEBUG_SYSLOG_FORMAT_ALWAYS = 2,
+};
+
struct debug_settings {
size_t max_log_size;
bool timestamp_logs;
bool debug_prefix_timestamp;
bool debug_hires_timestamp;
- bool debug_syslog_format;
+ enum debug_syslog_format debug_syslog_format;
bool debug_pid;
bool debug_uid;
bool debug_class;
diff --git a/selftest/knownfail.d/smbclient_machine_auth.plain b/selftest/knownfail.d/smbclient_machine_auth.plain
new file mode 100644
index 00000000000..849c8da0ddf
--- /dev/null
+++ b/selftest/knownfail.d/smbclient_machine_auth.plain
@@ -0,0 +1,7 @@
+# These envs don't have forceuser/forcegroup shares
+^samba3.blackbox.smbclient_machine_auth.plain.smbclient...addc.forcegroup\(ad_dc:local\)
+^samba3.blackbox.smbclient_machine_auth.plain.smbclient...addc.forceuser\(ad_dc:local\)
+^samba3.blackbox.smbclient_machine_auth.plain.smbclient...dc5.forcegroup\(fl2000dc:local\)
+^samba3.blackbox.smbclient_machine_auth.plain.smbclient...dc5.forceuser\(fl2000dc:local\)
+^samba3.blackbox.smbclient_machine_auth.plain.smbclient...s4member.forcegroup\(s4member:local\)
+^samba3.blackbox.smbclient_machine_auth.plain.smbclient...s4member.forceuser\(s4member:local\)
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index d83eb879c78..830f0da533c 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -2856,6 +2856,9 @@ sub provision($$)
debug pid = yes
max log size = 0
+ debug syslog format = always
+ debug hires timestamp = yes
+
state directory = $lockdir
cache directory = $lockdir
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index d15156a538b..4e60155a20f 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -810,6 +810,9 @@ sub provision_raw_step1($$)
rpc server port:netlogon = 1026
include system krb5 conf = no
+ debug syslog format = always
+ debug hires timestamp = yes
+
";
print CONFFILE "
diff --git a/source3/script/tests/test_smbclient_machine_auth.sh b/source3/script/tests/test_smbclient_machine_auth.sh
index abb687c8243..c89f84892e7 100755
--- a/source3/script/tests/test_smbclient_machine_auth.sh
+++ b/source3/script/tests/test_smbclient_machine_auth.sh
@@ -4,22 +4,41 @@
if [ $# -lt 2 ]; then
cat <<EOF
-Usage: test_smbclient_machine_auth.sh SERVER SMBCLIENT <smbclient arguments>
+Usage: test_smbclient_machine_auth.sh SERVER SMBCLIENT CONFIGURATION <smbclient arguments>
EOF
exit 1
fi
SERVER="$1"
SMBCLIENT="$2"
-SMBCLIENT="$VALGRIND ${SMBCLIENT}"
-shift 2
+# This is used by test_smbclient()
+# shellcheck disable=2034
+CONFIGURATION="${3}"
+shift 3
ADDARGS="$*"
-incdir=$(dirname $0)/../../../testprogs/blackbox
-. $incdir/subunit.sh
+# This is used by test_smbclient()
+# shellcheck disable=2034
+smbclient="${VALGRIND} ${SMBCLIENT}"
-testit "smbclient //$SERVER/tmp" $SMBCLIENT //$SERVER/tmp --machine-pass -p 139 -c quit $ADDARGS
+incdir="$(dirname "${0}")/../../../testprogs/blackbox"
+. "${incdir}/subunit.sh"
+. "${incdir}/common_test_fns.inc"
-# Testing these here helps because we know the machine account isn't already this user/group
-testit "smbclient //$SERVER/forceuser" $SMBCLIENT //$SERVER/tmp --machine-pass -p 139 -c quit $ADDARGS
-testit "smbclient //$SERVER/forcegroup" $SMBCLIENT //$SERVER/tmp --machine-pass -p 139 -c quit $ADDARGS
+failed=0
+
+test_smbclient "smbclient //${SERVER}/tmp" \
+ "quit" "//${SERVER}/tmp" --machine-pass -p 139 "${ADDARGS}" || \
+ failed=$((failed + 1))
+
+# Testing these here helps because we know the machine account isn't already
+# this user/group.
+test_smbclient "smbclient //${SERVER}/forceuser" \
+ "quit" "//${SERVER}/forceuser" --machine-pass -p 139 "${ADDARGS}" || \
+ failed=$((failed + 1))
+
+test_smbclient "smbclient //${SERVER}/forcegroup" \
+ "quit" "//${SERVER}/forcegroup" --machine-pass -p 139 "${ADDARGS}" || \
+ failed=$((failed + 1))
+
+exit ${failed}
diff --git a/source3/script/tests/test_smbclient_ntlm.sh b/source3/script/tests/test_smbclient_ntlm.sh
index d3e42dfb7f0..1e53b1eab3d 100755
--- a/source3/script/tests/test_smbclient_ntlm.sh
+++ b/source3/script/tests/test_smbclient_ntlm.sh
@@ -4,7 +4,7 @@
if [ $# -lt 6 ]; then
cat <<EOF
-Usage: test_smbclient_ntlm.sh SERVER USERNAME PASSWORD MAPTOGUEST SMBCLIENT PROTOCOL <smbclient arguments>
+Usage: test_smbclient_ntlm.sh SERVER USERNAME PASSWORD MAPTOGUEST SMBCLIENT PROTOCOL CONFIGURATION <smbclient arguments>
EOF
exit 1
fi
@@ -16,7 +16,8 @@ MAPTOGUEST="$4"
SMBCLIENT="$5"
PROTOCOL="$6"
SMBCLIENT="$VALGRIND ${SMBCLIENT}"
-shift 6
+CONFIGURATION=${7}
+shift 7
ADDARGS="$*"
incdir=$(dirname $0)/../../../testprogs/blackbox
@@ -29,47 +30,51 @@ EOF
exit 1
fi
+failed=0
+
if [ $PROTOCOL = "NT1" ]; then
- testit "smbclient username.password.NT1OLD" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no -c quit $ADDARGS
- testit "smbclient username.password.NT1NEW" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mNT1 -c quit $ADDARGS
+ testit "smbclient username.password.NT1OLD" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no -c quit $ADDARGS || failed=$((failed + 1))
+ testit "smbclient username.password.NT1NEW" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mNT1 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "SMB3" ]; then
- testit "smbclient username.password.SMB3" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB3 -c quit $ADDARGS
+ testit "smbclient username.password.SMB3" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U$USERNAME%$PASSWORD -mSMB3 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "NT1" ]; then
- testit "smbclient anonymous.nopassword.NT1OLD" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no -c quit $ADDARGS
- testit "smbclient anonymous.nopassword.NT1NEW" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mNT1 -c quit $ADDARGS
+ testit "smbclient anonymous.nopassword.NT1OLD" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no -c quit $ADDARGS || failed=$((failed + 1))
+ testit "smbclient anonymous.nopassword.NT1NEW" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mNT1 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "SMB3" ]; then
- testit "smbclient anonymous.nopassword.SMB3" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB3 -c quit $ADDARGS
+ testit "smbclient anonymous.nopassword.SMB3" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U% -mSMB3 -c quit $ADDARGS || failed=$((failed + 1))
fi
if test x"${MAPTOGUEST}" = x"never"; then
if [ $PROTOCOL = "NT1" ]; then
- testit_expect_failure "smbclient anonymous.badpassword.NT1NEW.fail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mNT1 -c quit $ADDARGS
+ testit_expect_failure "smbclient anonymous.badpassword.NT1NEW.fail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mNT1 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "SMB3" ]; then
- testit_expect_failure "smbclient anonymous.badpassword.SMB3.fail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mSMB3 -c quit $ADDARGS
+ testit_expect_failure "smbclient anonymous.badpassword.SMB3.fail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mSMB3 -c quit $ADDARGS || failed=$((failed + 1))
fi
else
if [ $PROTOCOL = "NT1" ]; then
- testit "smbclient anonymous.badpassword.NT1NEW.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mNT1 -c quit $ADDARGS
+ testit "smbclient anonymous.badpassword.NT1NEW.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mNT1 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "SMB3" ]; then
- testit "smbclient anonymous.badpassword.SMB3.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mSMB3 -c quit $ADDARGS
+ testit "smbclient anonymous.badpassword.SMB3.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -U%badpassword -mSMB3 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "NT1" ]; then
- testit "smbclient baduser.badpassword.NT1NEW.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mNT1 -c quit $ADDARGS
+ testit "smbclient baduser.badpassword.NT1NEW.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mNT1 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "SMB3" ]; then
- testit "smbclient baduser.badpassword.SMB3.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mSMB3 -c quit $ADDARGS
+ testit "smbclient baduser.badpassword.SMB3.guest" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mSMB3 -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "NT1" ]; then
- testit_expect_failure "smbclient baduser.badpassword.NT1OLD.signfail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no --client-protection=sign -c quit $ADDARGS
- testit_expect_failure "smbclient baduser.badpassword.NT1NEW.signfail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mNT1 --client-protection=sign -c quit $ADDARGS
+ testit_expect_failure "smbclient baduser.badpassword.NT1OLD.signfail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mNT1 --option=clientusespnego=no --option=clientntlmv2auth=no --client-protection=sign -c quit $ADDARGS || failed=$((failed + 1))
+ testit_expect_failure "smbclient baduser.badpassword.NT1NEW.signfail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mNT1 --client-protection=sign -c quit $ADDARGS || failed=$((failed + 1))
fi
if [ $PROTOCOL = "SMB3" ]; then
- testit_expect_failure "smbclient baduser.badpassword.SMB3.signfail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mSMB3 --client-protection=sign -c quit $ADDARGS
+ testit_expect_failure "smbclient baduser.badpassword.SMB3.signfail" $SMBCLIENT //$SERVER/IPC\$ $CONFIGURATION -Ubaduser%badpassword -mSMB3 --client-protection=sign -c quit $ADDARGS || failed=$((failed + 1))
fi
fi
+
+exit ${failed}
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index c65475bbc0f..0346867abd1 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -540,7 +540,7 @@ for options in ["", "--option=clientntlmv2auth=no", "--option=clientusespnego=no
env = "nt4_dc"
plantestsuite("samba3.blackbox.smbclient_auth.plain.%s" % (options), env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_auth.sh"), '$SERVER', '$SERVER_IP', '$DC_USERNAME', '$DC_PASSWORD', smbclient3, configuration, options])
-for env in ["nt4_dc", "nt4_member", "ad_member", "ad_dc", "ad_dc_ntvfs", "s4member", "fl2000dc"]:
+for env in ["nt4_dc", "nt4_member", "ad_member", "ad_dc", "s4member", "fl2000dc"]:
plantestsuite("samba3.blackbox.smbclient_machine_auth.plain", "%s:local" % env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_machine_auth.sh"), '$SERVER', smbclient3, configuration])
smb1_env = env
if smb1_env == "ad_dc" or smb1_env == "nt4_dc":
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 2c5786a6e65..d1b2a25ca92 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -710,7 +710,15 @@ retry:
TALLOC_FREE(ads);
return ADS_ERROR(LDAP_NO_MEMORY);
}
- }
+ } else if (ads->auth.realm == NULL) {
+ const char *c_realm = cli_credentials_get_realm(c->creds);
+
+ ads->auth.realm = talloc_strdup(ads, c_realm);
+ if (ads->auth.realm == NULL) {
+ TALLOC_FREE(ads);
+ return ADS_ERROR(LDAP_NO_MEMORY);
+ }
+ }
status = ads_connect(ads);
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index fc38c09966d..f9e37610bdc 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -669,6 +669,17 @@ plantestsuite("samba4.blackbox.client_etypes_strong(ad_dc:client)", "ad_dc:clien
plantestsuite("samba4.blackbox.net_ads_dns(ad_member:local)", "ad_member:local", [os.path.join(bbdir, "test_net_ads_dns.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$REALM', '$USERNAME', '$PASSWORD'])
plantestsuite("samba4.blackbox.samba-tool_ntacl(ad_member:local)", "ad_member:local", [os.path.join(bbdir, "test_samba-tool_ntacl.sh"), '$PREFIX', '$DOMSID'])
+env = "ad_member:local"
+plantestsuite("samba4.blackbox.net_ads_search_server_P.primary", env,
+ [os.path.join(bbdir, "test_net_ads_search_server.sh"),
+ '$DC_SERVER', '$REALM'])
+plantestsuite("samba4.blackbox.net_ads_search_server_P.trust_e_both", env,
+ [os.path.join(bbdir, "test_net_ads_search_server.sh"),
+ '$TRUST_E_BOTH_SERVER', '$TRUST_E_BOTH_REALM'])
+plantestsuite("samba4.blackbox.net_ads_search_server_P.trust_f_both", env,
+ [os.path.join(bbdir, "test_net_ads_search_server.sh"),
+ '$TRUST_F_BOTH_SERVER', '$TRUST_F_BOTH_REALM'])
+
if have_gnutls_fips_mode_support:
plantestsuite("samba4.blackbox.weak_crypto.client", "ad_dc", [os.path.join(bbdir, "test_weak_crypto.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc"])
plantestsuite("samba4.blackbox.test_weak_disable_ntlmssp_ldap", "ad_member:local", [os.path.join(bbdir, "test_weak_disable_ntlmssp_ldap.sh"),'$DC_USERNAME', '$DC_PASSWORD'])
diff --git a/source4/torture/raw/session.c b/source4/torture/raw/session.c
index fc528cfd0ba..76ae8089240 100644
--- a/source4/torture/raw/session.c
+++ b/source4/torture/raw/session.c
@@ -1,18 +1,18 @@
-/*
+/*
Unix SMB/CIFS implementation.
test suite for session setup operations
Copyright (C) Gregor Beck 2012
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -246,12 +246,18 @@ static bool test_session_expire1(struct torture_context *tctx)
use_kerberos = cli_credentials_get_kerberos_state(
samba_cmdline_get_creds());
if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) {
- torture_warning(tctx, "smb2.session.expire1 requires -k yes!");
- torture_skip(tctx, "smb2.session.expire1 requires -k yes!");
+ torture_warning(tctx,
+ "smb2.session.expire1 requires "
+ "--use-kerberos=required!");
+ torture_skip(tctx,
+ "smb2.session.expire1 requires "
+ "--use-kerberos=required!");
}
- torture_assert_int_equal(tctx, use_kerberos, CRED_USE_KERBEROS_REQUIRED,
- "please use -k yes");
+ torture_assert_int_equal(tctx,
+ use_kerberos,
+ CRED_USE_KERBEROS_REQUIRED,
+ "please use --use-kerberos=required");
lpcfg_set_option(tctx->lp_ctx, "gensec_gssapi:requested_life_time=4");
diff --git a/source4/torture/smb2/session.c b/source4/torture/smb2/session.c
index fe2beafbe9b..51df51542d4 100644
--- a/source4/torture/smb2/session.c
+++ b/source4/torture/smb2/session.c
@@ -34,6 +34,17 @@
#include "lib/param/param.h"
#include "lib/util/tevent_ntstatus.h"
+/* Ticket lifetime we want to request in seconds */
+#define KRB5_TICKET_LIFETIME 5
+/* Allowed clock skew in seconds */
+#define KRB5_CLOCKSKEW 5
+/* Time till ticket fully expired in seconds */
+#define KRB5_TICKET_EXPIRETIME KRB5_TICKET_LIFETIME + KRB5_CLOCKSKEW
+
+#define texpand(x) #x
+#define GENSEC_GSSAPI_REQUESTED_LIFETIME(x) \
+ "gensec_gssapi:requested_life_time=" texpand(x)
+
#define CHECK_CREATED(tctx, __io, __created, __attribute) \
do { \
torture_assert_int_equal(tctx, (__io)->out.create_action, \
@@ -55,6 +66,20 @@
} \
}
+static void sleep_remaining(struct torture_context *tctx,
+ const struct timeval *endtime)
+{
+ struct timeval current = tevent_timeval_current();
--
Samba Shared Repository
More information about the samba-cvs
mailing list