diff options
| author | Stefan Metzmacher <metze@samba.org> | 2014-08-26 13:48:21 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2014-08-27 12:55:06 +0200 |
| commit | 76943bf0ac259fb8855bd123fe4bc85a103ba418 (patch) | |
| tree | 2e9d8358867e5901a11372c3c567da1e8d88ccb0 /source4/torture/dns | |
| parent | 4383ec5b83d12bd19749582217f082cbaa31a128 (diff) | |
| download | samba-76943bf0ac259fb8855bd123fe4bc85a103ba418.tar.gz | |
s4:torture:dlz_bind9: fix spnego tests
The dlz_bind9 module uses the special dns-${NETBIOSNAME} account,
and this is only available under the dns/hostname.domain SPN, not
host/hostname.
Also the dlz_ssumatch() function returns isc_boolean_t instead
of isc_result_t. As ISC_R_SUCCESS and ISC_FALSE have the same value
we didn't notice this problem.
Change-Id: I48539c3f48f5dde9eaa2fff6da0f3be2f9f66311
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/torture/dns')
| -rw-r--r-- | source4/torture/dns/dlz_bind9.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/source4/torture/dns/dlz_bind9.c b/source4/torture/dns/dlz_bind9.c index 0ee2f19aca3..9c023c64ef9 100644 --- a/source4/torture/dns/dlz_bind9.c +++ b/source4/torture/dns/dlz_bind9.c @@ -158,9 +158,19 @@ static bool test_dlz_bind9_gensec(struct torture_context *tctx, const char *mech lpcfg_gensec_settings(tctx, tctx->lp_ctx)); torture_assert_ntstatus_ok(tctx, status, "gensec_client_start (client) failed"); - status = gensec_set_target_hostname(gensec_client_context, torture_setting_string(tctx, "host", NULL)); + /* + * dlz_bind9 use the special dns/host.domain account + */ + status = gensec_set_target_hostname(gensec_client_context, + talloc_asprintf(tctx, + "%s.%s", + torture_setting_string(tctx, "host", NULL), + lpcfg_dnsdomain(tctx->lp_ctx))); torture_assert_ntstatus_ok(tctx, status, "gensec_set_target_hostname (client) failed"); + status = gensec_set_target_service(gensec_client_context, "dns"); + torture_assert_ntstatus_ok(tctx, status, "gensec_set_target_service failed"); + status = gensec_set_credentials(gensec_client_context, cmdline_credentials); torture_assert_ntstatus_ok(tctx, status, "gensec_set_credentials (client) failed"); @@ -181,7 +191,7 @@ static bool test_dlz_bind9_gensec(struct torture_context *tctx, const char *mech client_to_server.length, client_to_server.data, dbdata), - ISC_R_SUCCESS, + ISC_TRUE, "Failed to check key for update rights samba_dlz"); dlz_destroy(dbdata); |