diff options
author | Andrew Bartlett <abartlet@samba.org> | 2017-07-06 14:48:39 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-07-28 00:25:13 +0200 |
commit | a5f62958cccdef7f4938f64c1033cd263b1f2e0e (patch) | |
tree | c68750982cc2569aa128f867dd5aef4653e38a20 /python/samba/tests/krb5_credentials.py | |
parent | 9dd89361c2bca656ee113b25f41c8a9fb3bbabeb (diff) | |
download | samba-a5f62958cccdef7f4938f64c1033cd263b1f2e0e.tar.gz |
selftest: Add tests for credentials.get_named_ccache()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Diffstat (limited to 'python/samba/tests/krb5_credentials.py')
-rw-r--r-- | python/samba/tests/krb5_credentials.py | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/python/samba/tests/krb5_credentials.py b/python/samba/tests/krb5_credentials.py new file mode 100644 index 00000000000..a3eb034e2c7 --- /dev/null +++ b/python/samba/tests/krb5_credentials.py @@ -0,0 +1,103 @@ +# Integration tests for pycredentials +# +# Copyright (C) Catalyst IT Ltd. 2017 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# +from samba.tests import TestCase, delete_force +import os + +import samba +from samba.auth import system_session +from samba.credentials import ( + Credentials, +) +from samba.dsdb import ( + UF_WORKSTATION_TRUST_ACCOUNT, + UF_PASSWD_NOTREQD, + UF_NORMAL_ACCOUNT) +from samba.samdb import SamDB + +"""KRB5 Integration tests for pycredentials. + +Seperated from py_credentials so as to allow running against just one +environment so we know the server that we add the user on will be our +KDC + +""" + +MACHINE_NAME = "krb5credstest" + +class PyKrb5CredentialsTests(TestCase): + + def setUp(self): + super(PyKrb5CredentialsTests, self).setUp() + + self.server = os.environ["SERVER"] + self.domain = os.environ["DOMAIN"] + self.host = os.environ["SERVER_IP"] + self.lp = self.get_loadparm() + + self.credentials = self.get_credentials() + + self.session = system_session() + self.ldb = SamDB(url="ldap://%s" % self.host, + session_info=self.session, + credentials=self.credentials, + lp=self.lp) + + self.create_machine_account() + + + def tearDown(self): + super(PyKrb5CredentialsTests, self).tearDown() + delete_force(self.ldb, self.machine_dn) + + def test_get_named_ccache(self): + name = "MEMORY:py_creds_machine" + ccache = self.machine_creds.get_named_ccache(self.lp, + name) + self.assertEqual(ccache.get_name(), name) + + def test_get_unnamed_ccache(self): + ccache = self.machine_creds.get_named_ccache(self.lp) + self.assertIsNotNone(ccache.get_name()) + + # + # Create the machine account + def create_machine_account(self): + self.machine_pass = samba.generate_random_password(32, 32) + self.machine_name = MACHINE_NAME + self.machine_dn = "cn=%s,%s" % (self.machine_name, self.ldb.domain_dn()) + + # remove the account if it exists, this will happen if a previous test + # run failed + delete_force(self.ldb, self.machine_dn) + + utf16pw = unicode( + '"' + self.machine_pass.encode('utf-8') + '"', 'utf-8' + ).encode('utf-16-le') + self.ldb.add({ + "dn": self.machine_dn, + "objectclass": "computer", + "sAMAccountName": "%s$" % self.machine_name, + "userAccountControl": + str(UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD), + "unicodePwd": utf16pw}) + + self.machine_creds = Credentials() + self.machine_creds.guess(self.get_loadparm()) + self.machine_creds.set_password(self.machine_pass) + self.machine_creds.set_username(self.machine_name + "$") + self.machine_creds.set_workstation(self.machine_name) |