The branch, master has been updated
via ef57bc6d4b5 torture: Fix ldap.basic multibind test
via c5e85f4b084 torture: Inline test_bind_simple()
via 0c36316ecb1 torture: Pass DN and password to ldap.basic test
via 0a5264838e9 torture: Add subunit output to ldap.basic test
from a9b6a8378e5 docs: Add missing winexe manpage
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ef57bc6d4b55c6f5428b9b9363a9989356deab3e
Author: Volker Lendecke <[email protected]>
Date: Tue Aug 4 14:04:48 2020 +0200
torture: Fix ldap.basic multibind test
It gets LDAP_STRONG_AUTH_REQUIRED from current AD servers
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Thu Aug 20 18:44:49 UTC 2020 on sn-devel-184
commit c5e85f4b0840925a0495bb446cd1dea5ebf36932
Author: Volker Lendecke <[email protected]>
Date: Tue Aug 4 13:58:37 2020 +0200
torture: Inline test_bind_simple()
Avoid losing the specific error code with this simple wrapper function
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 0c36316ecb1473273d03136ae46a4fbd448e7fdb
Author: Volker Lendecke <[email protected]>
Date: Tue Aug 4 12:50:22 2020 +0200
torture: Pass DN and password to ldap.basic test
Without this, test_multibind() only gets NULL for userdn and password,
not doing what the test claims. This now fails, because our LDAP
server does not allow plain text binds.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 0a5264838e9c4b7e748660c08a11bf54efacd844
Author: Volker Lendecke <[email protected]>
Date: Tue Aug 4 12:48:08 2020 +0200
torture: Add subunit output to ldap.basic test
The next commit will make this fail, and we need to detect this in
knownfail.d/ldap. Without subunit output filter-subunit won't find it.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source4/selftest/tests.py | 5 ++++-
source4/torture/ldap/basic.c | 42 ++++++++++++++++++++----------------------
2 files changed, 24 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 42be34a8afc..31b777fbcb8 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -157,7 +157,10 @@ for t in smbtorture4_testsuites("ldap."):
if t == "ldap.nested-search":
plansmbtorture4testsuite(t, "ad_dc_default_smb1",
'-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_')
else:
- plansmbtorture4testsuite(t, "ad_dc_default", '-U"$USERNAME%$PASSWORD"
//$SERVER_IP/_none_')
+ plansmbtorture4testsuite(
+ t,
+ "ad_dc_default",
+ '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_ -D
"$USERNAME"@"$REALM"##"$PASSWORD"')
for t in smbtorture4_testsuites("dsdb."):
plansmbtorture4testsuite(t, "ad_dc:local", "localhost")
diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c
index 3c57109a3ba..825ee835c65 100644
--- a/source4/torture/ldap/basic.c
+++ b/source4/torture/ldap/basic.c
@@ -30,19 +30,6 @@
#include "torture/ldap/proto.h"
-static bool test_bind_simple(struct ldap_connection *conn, const char *userdn,
const char *password)
-{
- NTSTATUS status;
- bool ret = true;
-
- status = torture_ldap_bind(conn, userdn, password);
- if (!NT_STATUS_IS_OK(status)) {
- ret = false;
- }
-
- return ret;
-}
-
static bool test_bind_sasl(struct torture_context *tctx,
struct ldap_connection *conn, struct cli_credentials
*creds)
{
@@ -61,22 +48,31 @@ static bool test_bind_sasl(struct torture_context *tctx,
static bool test_multibind(struct ldap_connection *conn, const char *userdn,
const char *password)
{
- bool ret = true;
+ NTSTATUS status, expected;
+ bool ok;
printf("Testing multiple binds on a single connection as anonymous and
user\n");
- ret = test_bind_simple(conn, NULL, NULL);
- if (!ret) {
- printf("1st bind as anonymous failed\n");
- return ret;
+ status = torture_ldap_bind(conn, NULL, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("1st bind as anonymous failed with %s\n",
+ nt_errstr(status));
+ return false;
}
- ret = test_bind_simple(conn, userdn, password);
- if (!ret) {
- printf("2nd bind as authenticated user failed\n");
+ expected = NT_STATUS_LDAP(LDAP_STRONG_AUTH_REQUIRED);
+ status = torture_ldap_bind(conn, userdn, password);
+
+ ok = NT_STATUS_EQUAL(status, expected);
+ if (!ok) {
+ printf("2nd bind as authenticated user should have "
+ "failed with: %s, got %s\n",
+ nt_errstr(expected),
+ nt_errstr(status));
+ return false;
}
- return ret;
+ return true;
}
static bool test_search_rootDSE(struct ldap_connection *conn, const char
**basedn,
@@ -1000,6 +996,8 @@ bool torture_ldap_basic(struct torture_context *torture)
torture_ldap_close(conn);
talloc_free(mem_ctx);
+ torture_assert(torture, ret, "torture_ldap_basic failed");
+
return ret;
}
--
Samba Shared Repository
