b6^ddlZddlmZmZddlmZddlmZddlm Z GddeZ dS)N)PopenPIPE)BlackboxProcessError)NTLMAuthTestCase) get_stringcreZdZfdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZxZS)NTLMAuthHelpersTestsctt|tjd|_tjd|_tjd|_t| d|jz}| dd|_ | |j d|j dd|_dS) N DC_USERNAME DC_PASSWORDDOMAINz wbinfo -n %s rz S-1-5-21-)superr setUposenvironusernamepassworddomainr check_outputsplit group_sid assertTrue startswith bad_group_sid)selfout __class__s 7/usr/lib/python3/dist-packages/samba/tests/ntlm_auth.pyrzNTLMAuthHelpersTests.setUps "D))//111 =1  =1 j* **>DM+IJJKK3* 11+>>???!^CRC0c d}d}d}|||||||d}||d}d}d}|||||||d}||dS)z! ntlm_auth with specified domain foosecretFOOF)client_usernameclient_password client_domainserver_usernameserver_password server_domainserver_use_winbindfOoN run_helperrrrrrrets r test_specified_domainz*NTLMAuthHelpersTests.test_specified_domain%sooh.6,2.6.6,216 88 ooh.6,2.6.6,216 88 r!c||j|j|jd}||dS)z ntlm_auth against winbindd T)r&r'r(r,Nr/rrrrrr1s r test_against_winbindz)NTLMAuthHelpersTests.test_against_winbindBsGoodm.2m,0K1577 r!c xd}d}d}|||||||ddd }||dS) z5 ntlm_auth with NTLMSSP client and gss-spnego server r#r$r-ntlmssp-client-1 gss-spnegoF r&r'r(r)r*r+ client_helper server_helperr,Nr.r0s r test_ntlmssp_gss_spnegoz,NTLMAuthHelpersTests.test_ntlmssp_gss_spnegoKs_ooh.6,2.6.6,2,>,81688 r!c xd}d}d}|||||||ddd }||dS) z@ ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server r#r$r-gss-spnego-clientr9Fr:Nr.r0s r test_gss_spnegoz$NTLMAuthHelpersTests.test_gss_spnego]s_ooh.6,2.6.6,2,?,81688 r!c||j|j|jddd}||dS)zX ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind r?r9T)r&r'r(r;r<r,Nr4r5s r test_gss_spnego_winbindz,NTLMAuthHelpersTests.test_gss_spnego_winbindosMoodm.2m,0K,?,815 77 r!c d|j|j|jd|j}d|g}||d||j|j|jdddd}||d S) ze ntlm_auth with NTLMSSP client and gss-spnego server against winbind with cached credentials z--ccache-save=z%wbinforTr8r9)r&r'r(client_use_cached_credsr;r<r,N)rwinbind_separatorrrcheck_exit_coder/r)rparam cache_cmdr1s r $test_ntlmssp_gss_spnego_cached_credsz9NTLMAuthHelpersTests.test_ntlmssp_gss_spnego_cached_creds{s/3kk.2.D.D.2mmm.2mm=  Y***oodm.2m,0K6:,>,815 77 r!c||j|j|j|jd}||||j|j|j|jd}||dS)z7 ntlm_auth against winbindd with require-membership-of T)r&r'r(require_membershipr,Nr/rrrrrr assertFalser5s r test_require_membershipz,NTLMAuthHelpersTests.test_require_membershipsoodm.2m,0K1515 77 oodm.2m,0K151C15 77 r!c ||j|j|j|jddd}||||j|j|j|jddd}||dS)zs ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with require-membership-of r?r9T)r&r'r(rLr;r<r,NrMr5s r "test_require_membership_gss_spnegoz7NTLMAuthHelpersTests.test_require_membership_gss_spnegosoodm.2m,0K15,?,815 77 oodm.2m,0K151C,?,815 77 r!ct|jd|jddgttt}|j|j|jd|jd}|| d\}}| |j d | | d t|jd|jddgttt}|j|j|jd|jd}|| d\}}| |j d | | d d S) z? ntlm_auth plaintext authentication with require-membership-of --require-membership-of--helper-protocolzsquid-2.5-basicstdoutstdinstderrr utf-8inputrsOK sERR N)rntlm_auth_pathrrrrFrr communicateencode assertEqual returncoderrr)rproccredsrerrs r test_plaintext_with_membershipz3NTLMAuthHelpersTests.test_plaintext_with_membershipsd)/)+<>"d<<<"&d.D.D!%!%0%%ELL,A,A%BB c !,,, w//000d)/1C)+<>"d<<<"&!%!7!7!%!%0%%ELL,A,A%BB c !,,, x0011111r!c0gd}t|jddddgttt}d|}||d \}}||jd |d }|t|d ||d d ||dd||dd||ddd|d <t|jddddgttt}d|}||d \}}||jd |d }|t|d||d ddS)z- ntlm_auth ntlm-server-1 with fixed password )"LANMAN-Challenge: 0123456789abcdef=NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6zNT-Domain: TESTzUsername: testuserRequest-User-Session-Key: Yes. --passwordSecREt01rT ntlm-server-1rUrYrZr[r Authenticated: Yess2User-Session-Key: 3F373EA8E4AF954F14FAA506F8EEBDC4.r!z"LANMAN-Challenge: A123456789abcdefAuthenticated: NoN) rr]rjoinr^r_r`rarlenr ntlm_cmdsrbbufrrdliness r &test_ntlm_server_1_with_fixed_passwordz;NTLMAuthHelpersTests.test_ntlm_server_1_with_fixed_passwords d)"J)?<"d<<<ii ""%%CJJw,?,?%@@ c !,,, %   UQ''' q#8999  !HK M M M q4((( q3'''< ! d)"J)?<"d<<<ii ""%%CJJw,?,?%@@ c !,,, %   UQ''' q#788888r!cd|jzd|jzd|jzddg}t|jd|jddgt t t }d |}|| d  \}}| |j d | d}| t|d| |d d| |dd| |ddt|jd|jddgt t t }d |}|| d  \}}| |j d | d}| t|d| |d d| |dd| |dddS)zA ntlm_auth ntlm-server-1 with plaintext password against winbind z Password: %s NT-Domain: %s Username: %srirjrSrTrmrUrYrZr[rrnrtrprqrsrrr!rvN)rrrrr]rrrwr^r_r`rarrxrrys r )test_ntlm_server_1_with_plaintext_winbindz>NTLMAuthHelpersTests.test_ntlm_server_1_with_plaintext_winbinds: T] * dk ) T] * +   d)/)?<"d<<<ii ""%%CJJw,?,?%@@ c !,,, %   UQ''' q#8999 q4((( q3'''d)/1C)?<"d<<<ii ""%%CJJw,?,?%@@ c !,,, %   UQ''' q#7888 q4((( q3'''''r!cddd|jzd|jzddg}t|jddgttt }d |}||d  \}}||j d | d}|t|d||d ddS)zO ntlm_auth ntlm-server-1 with incorrect fixed password against winbind rgrhrrrirjrTrmrUrYrZr[rrnrurvN) rrrr]rrwr^r_r`rarrxrys r 2test_ntlm_server_1_with_incorrect_password_winbindzGNTLMAuthHelpersTests.test_ntlm_server_1_with_incorrect_password_winbind's 1 K dk ) T] * +   d))?<!d<<<ii ""%%CJJw,?,?%@@ c !,,, %   UQ''' q#788888r!c|jd|jd|jd|jdg} ||ddS#t $r }||Yd}~dSd}~wwxYw) ntlm_auth diagnostics --usernamerk--domain --diagnosticsrNr]rrrrGrfailrcmd_linees r test_diagnosticsz%NTLMAuthHelpersTests.test_diagnostics?s' $- $- # %    1 - - - - -#    IIaLLLLLLLLL s8 A"AA"c |jd|jd|jd|jddg } ||ddS#t $r }||Yd}~dSd}~wwxYw)rrrkrrz--request-lm-keyrNrrs r test_diagnostics_lmz(NTLMAuthHelpersTests.test_diagnostics_lmKs' $- $- #& (    1 - - - - -#    IIaLLLLLLLLL s9 A#AA#)__name__ __module__ __qualname__rr2r6r=r@rBrJrOrQrer}rrrr __classcell__)rs@r r r s 11111:$$   *",2226)9)9)9V((((((T9990          r!r ) r subprocessrr samba.testsrsamba.tests.ntlm_auth_baser samba.commonrr r!r rs& """""""",,,,,,777777######}}}}}+}}}}}r!