a WaO4@sDddlZddlmZmZddlmZddlmZGdddeZdS)N)PopenPIPE)NTLMAuthTestCase) get_stringcseZdZfddZddZddZddZd d Zd d Zd dZ ddZ ddZ ddZ ddZ ddZddZddZZS)NTLMAuthHelpersTestscs|tt|tjd|_tjd|_tjd|_t| d|j}| dd|_ | |j d|j dd|_dS) NZ DC_USERNAMEZ DC_PASSWORDZDOMAINz wbinfo -n %s rz S-1-5-21-)superrsetUposenvironusernamepassworddomainrZ check_outputsplit group_sid assertTrue startswith bad_group_sid)selfout __class__7/usr/lib/python3/dist-packages/samba/tests/ntlm_auth.pyr s   zNTLMAuthHelpersTests.setUpc Cs`d}d}d}|j||||||dd}||d}d}d}|j||||||dd}||dS)z! ntlm_auth with specified domain foosecretZFOOF)client_usernameclient_password client_domainserver_usernameserver_password server_domainserver_use_winbindfOoN run_helperrrr rrretrrrtest_specified_domain$s0 z*NTLMAuthHelpersTests.test_specified_domaincCs&|j|j|j|jdd}||dS)z ntlm_auth against winbindd T)rrrr#Nr&r rrrrr(rrrtest_against_winbindAs z)NTLMAuthHelpersTests.test_against_winbindc Cs6d}d}d}|j||||||dddd }||dS) z5 ntlm_auth with NTLMSSP client and gss-spnego server rrr$ntlmssp-client-1 gss-spnegoF rrrr r!r" client_helper server_helperr#Nr%r'rrrtest_ntlmssp_gss_spnegoJs z,NTLMAuthHelpersTests.test_ntlmssp_gss_spnegoc Cs6d}d}d}|j||||||dddd }||dS) z@ ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server rrr$gss-spnego-clientr.Fr/Nr%r'rrrtest_gss_spnego\s z$NTLMAuthHelpersTests.test_gss_spnegocCs*|j|j|j|jdddd}||dS)zX ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind r3r.T)rrrr0r1r#Nr*r+rrrtest_gss_spnego_winbindnsz,NTLMAuthHelpersTests.test_gss_spnego_winbindc CsXd|j|j|j|jf}d|g}||d|j|j|j|jddddd}||dS) ze ntlm_auth with NTLMSSP client and gss-spnego server against winbind with cached credentials z--ccache-save=%s%s%s%%%sZwbinforTr-r.)rrrZclient_use_cached_credsr0r1r#N)rwinbind_separatorr rcheck_exit_coder&r)rZparamZ cache_cmdr(rrr$test_ntlmssp_gss_spnego_cached_credszs$ z9NTLMAuthHelpersTests.test_ntlmssp_gss_spnego_cached_credscCsP|j|j|j|j|jdd}|||j|j|j|j|jdd}||dS)z7 ntlm_auth against winbindd with require-membership-of T)rrrrequire_membershipr#Nr&r rrrrrZ assertFalser+rrrtest_require_memberships z,NTLMAuthHelpersTests.test_require_membershipc CsX|j|j|j|j|jdddd}|||j|j|j|j|jdddd}||dS)zs ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with require-membership-of r3r.T)rrrr9r0r1r#Nr:r+rrr"test_require_membership_gss_spnegos$ z7NTLMAuthHelpersTests.test_require_membership_gss_spnegocCst|jd|jddgtttd}d|j|j|j|jf}|j| dd\}}| |j d| | d t|jd|jddgtttd}d|j|j|j|jf}|j| dd\}}| |j d| | d d S) z? ntlm_auth plaintext authentication with require-membership-of --require-membership-of--helper-protocolzsquid-2.5-basicstdoutstdinstderrz %s%s%s %s utf-8inputrsOK sERR N)rntlm_auth_pathrrrr6r r communicateencode assertEqual returncoderrr)rprocZcredsrerrrrrtest_plaintext_with_memberships6 z3NTLMAuthHelpersTests.test_plaintext_with_membershipcCs,gd}t|jddddgtttd}d|}|j|dd \}}||jd |d }|t |d ||d d ||dd||dd||ddd|d <t|jddddgtttd}d|}|j|dd \}}||jd |d }|t |d||d ddS)z- ntlm_auth ntlm-server-1 with fixed password )"LANMAN-Challenge: 0123456789abcdef=NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6zNT-Domain: TESTzUsername: testuserRequest-User-Session-Key: Yes. --passwordZSecREt01r> ntlm-server-1r? rCrDr Authenticated: Yess2User-Session-Key: 3F373EA8E4AF954F14FAA506F8EEBDC4.z"LANMAN-Challenge: A123456789abcdefAuthenticated: NoN) rrFrjoinrGrHrIrJrlenrZ ntlm_cmdsrKZbufrrLlinesrrr&test_ntlm_server_1_with_fixed_passwords>    z;NTLMAuthHelpersTests.test_ntlm_server_1_with_fixed_passwordcCsPd|jd|jd|jddg}t|jd|jddgtttd }d |}|j| d d \}}| |j d | d}| t |d| |d d| |dd| |ddt|jd|jddgtttd }d |}|j| d d \}}| |j d | d}| t |d| |d d| |dd| |dddS)zA ntlm_auth ntlm-server-1 with plaintext password against winbind z Password: %s NT-Domain: %s Username: %srPrQr=r>rSr?rTrCrDrrUr[rWrXrZrYr\r^N)rrr rrFrrr_rGrHrIrJrr`rrarrr)test_ntlm_server_1_with_plaintext_winbindsD    z>NTLMAuthHelpersTests.test_ntlm_server_1_with_plaintext_winbindcCsddd|jd|jddg}t|jddgtttd }d |}|j|d d \}}||j d | d}|t |d||d ddS)zO ntlm_auth ntlm-server-1 with incorrect fixed password against winbind rNrOrdrerPrQr>rSr?rTrCrDrrUr]r^N) rr rrFrr_rGrHrIrJrr`rarrr2test_ntlm_server_1_with_incorrect_password_winbind&s$  zGNTLMAuthHelpersTests.test_ntlm_server_1_with_incorrect_password_winbindcCs,|jd|jd|jd|jdg}||ddS)z ntlm_auth diagnostics z --usernamerRz--domainz --diagnosticsrN)rFr rrr7)rZcmd_linerrrtest_diagnostics>sz%NTLMAuthHelpersTests.test_diagnostics)__name__ __module__ __qualname__r r)r,r2r4r5r8r;r<rMrcrfrgrh __classcell__rrrrrs   +*r) r subprocessrrZsamba.tests.ntlm_auth_baserZ samba.compatrrrrrrs