bF|ddlZddlZddlmZddlmZddlZddlmZm Z ddl m Z m Z ddl m Z ddlmZddlZddlmZmZmZddlZddlZddlmZmZd d edd Dd zZed Ze deddDe!dzdeddDzdeddDzdeddDzdeddDzdedd Dzd!ed"d#DzZ"hd$Z#d%Z$d&Z%d'Z&ej'Z(ej)*reZ+nd(Z+d)Z,d*Z-Gd+d,e Z.e Gd-d.e.Z/e Gd/d0e.Z0d1Z1e1dS)2N)SamDB)system_session)SubunitOptions TestProgram)TestCaseldb_err)DynamicTestCase)c_REDc_GREEN c_DARK_YELLOW)UF_SERVER_TRUST_ACCOUNTUF_TRUSTED_FOR_DELEGATIONc#4K|]}t|VdSNchr.0xs B/usr/lib/python3/dist-packages/samba/tests/ldap_upn_sam_account.py r(s(66AQ666666 z"/\[]:|<>+=;?,*c,g|]}t|Srrs r r.s8881A888ruªºÿc,g|]}t|Srrrs rrr0:::1A:::rc,g|]}t|Srrrs rrr1r"rc,g|]}t|Srrrs rrr2r"rc,g|]}t|Srrrs rrr3r"rc,g|]}t|Srrrs rrr4r"rc,g|]}t|Srrrs rrr5r"r> 23JKRSfgTFreportc|Srr)rs rr?VsarcdtdttttS)Nzldap://)urllp session_info credentials)rSERVERLPrCREDSrrr get_samdbrHYs3 'v'',.." $ $ $$rct|turN|tttdz}|S)Nz.another.example.net)realmlrealm other_realm)typestrformatREALMupperlower)ss rrOrO`sP Aww#~~ HH5;;==!KKMM"'*@"@  C C HrcZeZdZdZdZedZdZdZdZ dZ dZ fd Z xZ S) LdapUpnSamTestBasez^Make sure we can't add userPrincipalNames or sAMAccountNames that implicitly collide. Fct|ddrdS|jD]2^}}tjdd|}|d|||3dS)N _disabledFz\W+_ test_upn_sam)getattrcasesresubgenerate_dynamic_test)clsdocrowsnames rsetUpDynamicTestCasesz(LdapUpnSamTestBase.setUpDynamicTestCasesnsn 3 U + +  F) G GJC$6&#s++D  % %ndD# F F F F G Grctd|D}|D]Y}d|vr|dd\}}nd}t|d||||j|ZdS)Nc3&K|] }|dV dS)rNr)rrs rrz3LdapUpnSamTestBase.setup_objects..ws&))qad))))))r:useradd_)setsplitrZ addCleanup remove_object)selfraobjectsrbobjtypes r setup_objectsz LdapUpnSamTestBase.setup_objectsvs))D))))) 6 6Dd{{ $ 3 2 2   +GD*** + +D 1 1 1 OOD. 5 5 5 5  6 6rc<||t|}t|D]\}}t|dkr|\}}}} n|\}}}tj} |j|\} } d\} } t|tr+| d} | d} n(t|tr d|vr|} n |} n d|vr|} n|} d| i}| t| |d<| t| |d <tj |j|| }|tur |j|nF#tj$r4}t%d |d zd |d t'|dYd}~ed}~wwxYw|d |d zd |dt+j|d||t.uru |j|#tj$rF}t1d |d zd |dt'|dt+j|d| dd}~wwxYw|t2ur |j|t%d |d zd |dt+j|d|y#tj$rK}t%d |d zd |dt'|dt+j|d| Yd}~d}~wwxYw |j|n#tj$r}t5|dr|jd|vrYd}~&|jd|krYd}~=|d |d zd |dt'|dt'|dt+j|d| Yd}~nd}~wwxYw|d |d zd |dt'|dt+j|d| dS)N)NNsamupn@@dnuserPrincipalNamesAMAccountNamezrow rhz of 'z' failed as expected with  z' should have failed: z on z' failed with z: z ' SUCCEEDED: z' FAILED with __contains__rz' should have failed with z but instead failed with )rrc_doc enumeratelenldbFLAG_MOD_REPLACErp isinstancedictgetrNrOMessage from_dictsamdbbadmodifyLdbErrorprintrfailpprintpformatokAssertionErrorr=hasattrargs)rorar`cdocirowobjdataexpectedoprydnsnamerurvmmsges r_test_upn_sam_with_argsz*LdapUpnSamTestBase._test_upn_sam_with_argss 4   SzzooL ;L ;FAs3xx1}}*-'T8RR&)#T8),s+KB!HC$%% hhuoohhuooD#&& $;;CCCC4<<CCCr A)/%&&,Skk"#+'' Ar::C3J%%c****|,1,,4,,$QZZ,,,---HHHH :1::4::#^A..::47::;;;;RCJ%%c****|CCC(8qs8888WQZZ88!>!,,88258899>BCCV##;J%%c***:1::4::#^A..::47::;;;;|;;;:1::4::")!**::#^A..::47::;;;;;;;;; ?J%%c****| ? ? ?x88%6!900$HHHHvayH,, II>QqS>>t>>9@9J9J>>9@>>"(!2!2>>9<>>???????? ? :1::4::54 > > > >##E##))++ %"%&=&?'@#A#A"''))      !'] Trcd|d|j}|j||d|d|df|j|<dS)Nr,ri)ryrbrr)ourrrrp)rorbrys radd_userzLdapUpnSamTestBase.add_usersg #4 # #$' # # !''))      !$Z Trct|j|\}}|j|dSr)rppoprdeleters rrnz LdapUpnSamTestBase.remove_objects7l&&t,, G "rctt|_|j|_|ddddd|_i|_ d|jd|j|_ | |jj |j dg|j |j dddS) Nrrh?zOU=rz tree_delete:1organizationalUnit)ryr)supersetUprHrget_default_basednrrrsplitshort_idrprrmrr)ro __class__s rrzLdapUpnSamTestBase.setUps  [[ z4466  ((a003CRC8  :::4<::  )47_4EFFF dg6JKKLLLLLr)__name__ __module__ __qualname____doc__rW classmethodrcrrrrrrnr __classcell__)rs@rrUrUhsIGG[G666P;P;P;d + + +(((MMMMMMMMMrrUc eZdZgdddeffdddefddejfddejffdddefddefddeffddd efdd effd ddefdd effd dd efddeffd dd efdd effddd ddefdd d deffdddefdd effdddefddejffdddefdd ejffddd efddeffddd efdd effddd efddeffdddddefddddeejfffdddddefddddeffddd efdd ejffd!ddefdd"effd#dd$d%iefdd$d%iejfd&d$d'iejffd(dd$d)iefdd$d*iefd&d$d+iefd,d$d-ieffd.dd$d*iefdd$d)iefd,d$d-iefd&d$d+ieffd/dd0efdd1efdd2effd3dd4effd5ddefdd6efdd7efdd8effd9dd:d7iefdd;effddd?efdd?ejfdd@efd&dAefd,dBejfd,dCeejfffdDdd:dEiefdd:dFiefd&d:dEiefd&d:dFiefd&d$dGiefd&d$dHieffdIdd$dEiefdd$dHiefd&d$dEiefd&d:dFieffdJdd:dKiefdd:dLiefd&d:dKiefd&d:dLiefd&d$dMiefd&d$dNieffdOdd$dKiefdd$dPiefd&d$dKiefd&d:dHieffZdQS)RLdapUpnSamTestz add good UPNAz a@{realm}z%add the same upn to different objectsBz a@{lrealm}zreplace UPN with itselfzreplace SAM with itselfazreplace UPN realmza@{other_realm}zmatching SAM and UPNz!matching SAM and UPN, other realmz$matching SAM and UPN, single message)rurvz#different objects, different realmsz+different objects, same UPN, different casez A@{realm}z different objects, SAM after UPNz!different objects, SAM before UPNz$different objects, SAM account clashz4different objects, SAM account clash, different casez two way clashrz y@{realm}yz x@{realm}ztwo way clash, other realmzy@{other_realm}zx@{other_realm}zUPN clash on other realmza@x.xz UPN same but for trailing spacesz a @{realm}z UPN has no atrvnoatCNOATz UPN with non-ascii at vs real atusmallat﹫{realm}zsmallat@{realm}utagat󠁀{realm}Dz tagat@{realm}z-UPN with unicode at vs real at, real at firstUPN username too longzaaaaaaaaaaaaaaaaaaaaaaaaa@b.czEaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@b.caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@b.czsam account name 20 longaaaaaaaaaaaaaaaaaaaazUPN has two at signsza@{realm}@{realm}za@a.bza@a@a.bz/SAM has at signs clashing upn second, non-realmruz a@a.b@a.bz$SAM has at signs clashing upn secondz#SAM has at signs clashing upn firstzspaces around atza name @ {realm}za name @{realm}za name@{realm}za nameza name zSAM starts with atz@{realm}z@az@{realm}@{realm}z @a@{realm}zUPN starts with atzSAM ends with atz{realm}@za@z a@@{realm}z{realm}@@{realm}zUPN ends with atz @a@{realm}@N) rrrrrERR_CONSTRAINT_VIOLATIONexistsrr[rrrrrsz 2  {B  3z 8 1 {B  {C8 9 |S9 : 9z B # {B  {B  |R  Cz L # sB sB Mz T  {B   " % Uz \ sB {B  ]z d - sB  " % ez l 0 s;// 4 s#455r : mz t / {B   " % uz | 7 {B  {C8 9 }z D , {B  sC0 1 Ez L - sB {F # Mz T 0 sB sF  Uz \ @ sB sF  ]z d  s;// 4 s;// 3/ 0 2  ez t & s#455r : s#455r : uz ~ $ w  w4 5 z F , {B  |R  Gz P  v # v < = v < = Qz \ , *+R 0 ()2 . /0" 5 ' ,  ]z h 9 ()2 . *+R 0 ' , /0" 5  iz t !  " %  " % !2 &  uz @ $ x  Az H {B  "B ' w  y"   Iz T ; w $ {B  Uz \ 0 {#R ( "C ( ]z d / "B ' {#S ) ez l  !2 & !3#? @  " %  $ x5 6 y63#?@ A  mz |  z"B ' t}b ! z"F + t}f % )*C 0 |$c *  }z L  z"B ' |$b ) z"C ( t}c "  Mz X  z"B ' t}b ! z"F + t}f % |$c * )*C 0  Yz h  z"B ' }%r * z"C ( |$b )  iz EEErrc eZdZdejvZdddefddefddefddefddefdd ejffd dd ejffd dd efddej ffdddej fdd ej fddej fdd ej fddej fdd ej ffddddiefdddieffddddiefdddieffgZ dS)LdapUpnSamSambaOnlyTestSAMBA_SELFTESTzsam account name too longraaaaaaaaaaaaaaaaaaarAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaraaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@b.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cb.cz UPN same but for internal spacesza b@x.xrza b@x.xzSAM contains deletezazabzbz#UPN with unicode wide at vs real atrvuwideat@{realm}zwideat@{realm}zUPN with real at vs wide atN) rrrosenvironrWrrERR_INVALID_ATTRIBUTE_SYNTAXrencoder[rrrrrsq! 2I $ x  x  x  y"  y"  y#: ;  ! , * ,  , y"  z37 8   w4 5 w~~!= > x5 6 x  #"> ? w4 5 w~~!= >  / )*B / '(" -  ' '(" - )*B / C% EEErrctjd}tj|}||tj|}||t |}|||\}}t|dkr(| tj d| a |ta|datat't(|dS)Nz7python3 ldap_upn_sam_account_name.py [options]rhr)moduleopts)optparse OptionParseroptions SambaOptionsadd_option_groupCredentialsOptionsr parse_argsr print_usagesysexit get_loadparmrFget_credentialsrGrE get_realmrPrr)parser sambaoptscredopts subunitoptsrrs rmainrs "ACCF$V,,I I&&&)&11H H%%% ((K K(((""$$JD$ 4yyA~~     ! !B  $ $R ( (E !WF OO  Exk222222r)2rr samba.samdbr samba.authrrsamba.tests.subunitrunrr samba.testsrrr samba.getoptgetoptrr samba.colourr r r r\r samba.dsdbr rjoinrange BAD_SAM_CHARSrALLEGED_BAD_SAM_CHARSrklistLATIN1_BAD_CHARSLATIN_EXTENDED_A_NO_CLASHrrr=ERR_ENTRY_ALREADY_EXISTSrstdoutisattyr~rHrOrUrrrrrrrs& %%%%%% >>>>>>>>))))))))''''''6666666666 66q"66666#$ C388c3888tH~~&::dD(9(9:::;;:dD(9(9:::;;:dD(9(9::: ; ;:dD(9(9::: ; ;:dD(9(9::: ;;:dD(9(9:::;<<JII*    %: EE KE$$$   MMMMMMMMMMMMMMMM`{{{{{'{{{|)))))0)))X3334r