search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
docs: Fix typo in man smb.conf.
[Samba.git] / selftest / target / Samba.pm
blobe5c7f93fe039a0fdc44bd29b39014170f166aa21
1 #!/usr/bin/perl
2 # Bootstrap Samba and run a number of tests against it.
3 # Copyright (C) 2005-2007 Jelmer Vernooij <jelmer@samba.org>
4 # Published under the GNU GPL, v3 or later.
5
6 package Samba;
7
8 use strict;
9 use target::Samba3;
10 use target::Samba4;
11 use POSIX;
12 use Cwd qw(abs_path);
13
14 sub new($$$$$) {
15 my ($classname, $bindir, $ldap, $srcdir, $server_maxtime) = @_;
16
17 my $self = {
18 samba3 => new Samba3($bindir, $srcdir, $server_maxtime),
19 samba4 => new Samba4($bindir, $ldap, $srcdir, $server_maxtime),
20 };
21 bless $self;
22 return $self;
23 }
24
25 sub setup_env($$$)
26 {
27 my ($self, $envname, $path) = @_;
28
29 $ENV{ENVNAME} = $envname;
30
31 my $env = $self->{samba4}->setup_env($envname, $path);
32 if (defined($env) and $env ne "UNKNOWN") {
33 if (not defined($env->{target})) {
34 $env->{target} = $self->{samba4};
35 }
36 } elsif (defined($env) and $env eq "UNKNOWN") {
37 $env = $self->{samba3}->setup_env($envname, $path);
38 if (defined($env) and $env ne "UNKNOWN") {
39 if (not defined($env->{target})) {
40 $env->{target} = $self->{samba3};
41 }
42 }
43 }
44 if (defined($env) and ($env eq "UNKNOWN")) {
45 warn("Samba can't provide environment '$envname'");
46 return "UNKNOWN";
47 }
48 if (not defined $env) {
49 warn("failed to start up environment '$envname'");
50 return undef;
51 }
52 return $env;
53 }
54
55 sub bindir_path($$) {
56 my ($object, $path) = @_;
57
58 my $valpath = "$object->{bindir}/$path";
59
60 return $valpath if (-f $valpath or -d $valpath);
61 return $path;
62 }
63
64 sub nss_wrapper_winbind_so_path($) {
65 my ($object) = @_;
66 my $ret = $ENV{NSS_WRAPPER_WINBIND_SO_PATH};
67 if (not defined($ret)) {
68 $ret = bindir_path($object, "shared/libnss_wrapper_winbind.so.2");
69 $ret = abs_path($ret);
70 }
71 return $ret;
72 }
73
74 sub copy_file_content($$)
75 {
76 my ($in, $out) = @_;
77 open(IN, "${in}") or die("failed to open in[${in}] for reading: $!");
78 open(OUT, ">${out}") or die("failed to open out[${out}] for writing: $!");
79 while(<IN>) {
80 print OUT $_;
81 }
82 close(OUT);
83 close(IN);
84 }
85
86 sub prepare_keyblobs($)
87 {
88 my ($ctx) = @_;
89
90 my $cadir = "$ENV{SRCDIR_ABS}/selftest/manage-ca/CA-samba.example.com";
91 my $cacert = "$cadir/Public/CA-samba.example.com-cert.pem";
92 my $cacrl_pem = "$cadir/Public/CA-samba.example.com-crl.pem";
93 my $dcdnsname = "$ctx->{hostname}.$ctx->{dnsname}";
94 my $dcdir = "$cadir/DCs/$dcdnsname";
95 my $dccert = "$dcdir/DC-$dcdnsname-cert.pem";
96 my $dckey_private = "$dcdir/DC-$dcdnsname-private-key.pem";
97 my $adminprincipalname = "administrator\@$ctx->{dnsname}";
98 my $admindir = "$cadir/Users/$adminprincipalname";
99 my $admincert = "$admindir/USER-$adminprincipalname-cert.pem";
100 my $adminkey_private = "$admindir/USER-$adminprincipalname-private-key.pem";
101 my $pkinitprincipalname = "pkinit\@$ctx->{dnsname}";
102 my $pkinitdir = "$cadir/Users/$pkinitprincipalname";
103 my $pkinitcert = "$pkinitdir/USER-$pkinitprincipalname-cert.pem";
104 my $pkinitkey_private = "$pkinitdir/USER-$pkinitprincipalname-private-key.pem";
105
106 my $tlsdir = "$ctx->{tlsdir}";
107 my $pkinitdir = "$ctx->{prefix_abs}/pkinit";
108 #TLS and PKINIT crypto blobs
109 my $dhfile = "$tlsdir/dhparms.pem";
110 my $cafile = "$tlsdir/ca.pem";
111 my $crlfile = "$tlsdir/crl.pem";
112 my $certfile = "$tlsdir/cert.pem";
113 my $keyfile = "$tlsdir/key.pem";
114 my $admincertfile = "$pkinitdir/USER-$adminprincipalname-cert.pem";
115 my $adminkeyfile = "$pkinitdir/USER-$adminprincipalname-private-key.pem";
116 my $pkinitcertfile = "$pkinitdir/USER-$pkinitprincipalname-cert.pem";
117 my $pkinitkeyfile = "$pkinitdir/USER-$pkinitprincipalname-private-key.pem";
118
119 mkdir($tlsdir, 0700);
120 mkdir($pkinitdir, 0700);
121 my $oldumask = umask;
122 umask 0077;
123
124 # This is specified here to avoid draining entropy on every run
125 # generate by
126 # openssl dhparam -out dhparms.pem -text -2 8192
127 open(DHFILE, ">$dhfile");
128 print DHFILE <<EOF;
129 -----BEGIN DH PARAMETERS-----
130 MIIECAKCBAEAlcpjuJptCzC2bIIApLuyFLw2nODQUztqs/peysY9e3LgWh/xrc87
131 SWJNSUrqFJFh2m357WH0XGcTdTk0b/8aIYIWjbwEhWR/5hZ+1x2TDrX1awkYayAe
132 pr0arycmWHaAmhw+m+dBdj2O2jRMe7gn0ha85JALNl+Z3wv2q2eys8TIiQ2dbHPx
133 XvpMmlAv7QHZnpSpX/XgueQr6T3EYggljppZwk1fe4W2cxBjCv9w/Q83pJXMEVVB
134 WESEQPZC38v6hVIXIlF4J7jXjV3+NtCLL4nvsy0jrLEntyKz5OB8sNPRzJr0Ju2Y
135 yXORCSMMXMygP+dxJtQ6txzQYWyaCYN1HqHDZy3cFL9Qy8kTFqIcW56Lti2GsW/p
136 jSMzEOa1NevhKNFL3dSZJx5m+5ZeMvWXlCqXSptmVdbs5wz5jkMUm/E6pVfM5lyb
137 Ttlcq2iYPqnJz1jcL5xwhoufID8zSJCPJ7C0jb0Ngy5wLIUZfjXJUXxUyxTnNR9i
138 N9Sc+UkDvLxnCW+qzjyPXGlQU1SsJwMLWa2ZecL/uYE4bOdcN3g+5WHkevyDnXqR
139 +yy9x7sGXjBT3bRWK5tVHJWOi6eBu1hp39U6aK8oOJWiUt3vmC2qEdIsT6JaLNNi
140 YKrSfRGBf19IJBaagen1S19bb3dnmwoU1RaWM0EeJQW1oXOBg7zLisB2yuu5azBn
141 tse00+0nc+GbH2y+jP0sE7xil1QeilZl+aQ3tX9vL0cnCa+8602kXxU7P5HaX2+d
142 05pvoHmeZbDV85io36oF976gBYeYN+qAkTUMsIZhuLQDuyn0963XOLyn1Pm6SBrU
143 OkIZXW7WoKEuO/YSfizUIqXwmAMJjnEMJCWG51MZZKx//9Hsdp1RXSm/bRSbvXB7
144 MscjvQYWmfCFnIk8LYnEt3Yey40srEiS9xyZqdrvobxz+sU1XcqR38kpVf4gKASL
145 xURia64s4emuJF+YHIObyydazQ+6/wX/C+m+nyfhuxSO6j1janPwtYbU+Uj3TzeM
146 04K1mpPQpZcaMdZZiNiu7i8VJlOPKAz7aJT8TnMMF5GMyzyLpSMpc+NF9L/BSocV
147 /cUM4wQT2PTHrcyYzmTVH7c9bzBkuxqrwVB1BY1jitDV9LIYIVBglKcX88qrfHIM
148 XiXPAIwGclD59qm2cG8OdM9NA5pNMI119KuUAIJsUdgPbR1LkT2XTT15YVoHmFSQ
149 DlaWOXn4td031jr0EisX8QtFR7+/0Nfoni6ydFGs5fNH/L1ckq6FEO4OhgucJw9H
150 YRmiFlsQBQNny78vNchwZne3ZixkShtGW0hWDdi2n+h7St1peNJCNJjMbEhRsPRx
151 RmNGWh4AL8rho4RO9OBao0MnUdjbbffD+wIBAg==
152 -----END DH PARAMETERS-----
153 EOF
154 close(DHFILE);
155
156 if (! -e ${dckey_private}) {
157 umask $oldumask;
158 return;
159 }
160
161 copy_file_content(${cacert}, ${cafile});
162 copy_file_content(${cacrl_pem}, ${crlfile});
163 copy_file_content(${dccert}, ${certfile});
164 copy_file_content(${dckey_private}, ${keyfile});
165 if (-e ${adminkey_private}) {
166 copy_file_content(${admincert}, ${admincertfile});
167 copy_file_content(${adminkey_private}, ${adminkeyfile});
168 }
169 if (-e ${pkinitkey_private}) {
170 copy_file_content(${pkinitcert}, ${pkinitcertfile});
171 copy_file_content(${pkinitkey_private}, ${pkinitkeyfile});
172 }
173
174 # COMPAT stuff to be removed in a later commit
175 my $kdccertfile = "$tlsdir/kdc.pem";
176 copy_file_content(${dccert}, ${kdccertfile});
177
178 umask $oldumask;
179 }
180
181 sub mk_krb5_conf($$)
182 {
183 my ($ctx) = @_;
184
185 unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) {
186 warn("can't open $ctx->{krb5_conf}$?");
187 return undef;
188 }
189
190 my $our_realms_stanza = mk_realms_stanza($ctx->{realm},
191 $ctx->{dnsname},
192 $ctx->{domain},
193 $ctx->{kdc_ipv4});
194 print KRB5CONF "
195 #Generated krb5.conf for $ctx->{realm}
196
197 [libdefaults]
198 default_realm = $ctx->{realm}
199 dns_lookup_realm = false
200 dns_lookup_kdc = true
201 ticket_lifetime = 24h
202 forwardable = yes
203 allow_weak_crypto = yes
204
205 ";
206
207 if (defined($ctx->{krb5_ccname})) {
208 print KRB5CONF "
209 default_ccache_name = $ctx->{krb5_ccname}
210 ";
211 }
212
213
214 if (defined($ctx->{supported_enctypes})) {
215 print KRB5CONF "
216 default_etypes = $ctx->{supported_enctypes}
217 default_as_etypes = $ctx->{supported_enctypes}
218 default_tgs_enctypes = $ctx->{supported_enctypes}
219 default_tkt_enctypes = $ctx->{supported_enctypes}
220 permitted_enctypes = $ctx->{supported_enctypes}
221 ";
222 }
223
224 print KRB5CONF "
225 [realms]
226 $our_realms_stanza
227 ";
228
229
230 if (defined($ctx->{tlsdir})) {
231 print KRB5CONF "
232
233 [appdefaults]
234 pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
235
236 [kdc]
237 enable-pkinit = true
238 pkinit_identity = FILE:$ctx->{tlsdir}/kdc.pem,$ctx->{tlsdir}/key.pem
239 pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
240
241 ";
242 }
243 close(KRB5CONF);
244 }
245
246 sub mk_realms_stanza($$$$)
247 {
248 my ($realm, $dnsname, $domain, $kdc_ipv4) = @_;
249 my $lc_domain = lc($domain);
250
251 my $realms_stanza = "
252 $realm = {
253 kdc = $kdc_ipv4:88
254 admin_server = $kdc_ipv4:88
255 default_domain = $dnsname
256 }
257 $dnsname = {
258 kdc = $kdc_ipv4:88
259 admin_server = $kdc_ipv4:88
260 default_domain = $dnsname
261 }
262 $domain = {
263 kdc = $kdc_ipv4:88
264 admin_server = $kdc_ipv4:88
265 default_domain = $dnsname
266 }
267 $lc_domain = {
268 kdc = $kdc_ipv4:88
269 admin_server = $kdc_ipv4:88
270 default_domain = $dnsname
271 }
272
273 ";
274 return $realms_stanza;
275 }
276
277 sub get_interface($)
278 {
279 my ($netbiosname) = @_;
280 $netbiosname = lc($netbiosname);
281
282 my %interfaces = ();
283 $interfaces{"localnt4dc2"} = 3;
284 $interfaces{"localnt4member3"} = 4;
285 $interfaces{"localshare4"} = 5;
286
287 $interfaces{"localktest6"} = 7;
288 $interfaces{"maptoguest"} = 8;
289 $interfaces{"localnt4dc9"} = 9;
290
291 # 11-16 used by selftest.pl for client interfaces
292
293 $interfaces{"localdc"} = 21;
294 $interfaces{"localvampiredc"} = 22;
295 $interfaces{"s4member"} = 23;
296 $interfaces{"localrpcproxy"} = 24;
297 $interfaces{"dc5"} = 25;
298 $interfaces{"dc6"} = 26;
299 $interfaces{"dc7"} = 27;
300 $interfaces{"rodc"} = 28;
301 $interfaces{"localadmember"} = 29;
302 $interfaces{"addc"} = 30;
303 $interfaces{"localsubdc"} = 31;
304 $interfaces{"chgdcpass"} = 32;
305 $interfaces{"promotedvdc"} = 33;
306 $interfaces{"rfc2307member"} = 34;
307 $interfaces{"fileserver"} = 35;
308 $interfaces{"fakednsforwarder1"} = 36;
309 $interfaces{"fakednsforwarder2"} = 37;
310 $interfaces{"s4member_dflt"} = 38;
311 $interfaces{"vampire2000dc"} = 39;
312
313 # update lib/socket_wrapper/socket_wrapper.c
314 # #define MAX_WRAPPED_INTERFACES 40
315 # if you wish to have more than 40 interfaces
316
317 if (not defined($interfaces{$netbiosname})) {
318 die();
319 }
320
321 return $interfaces{$netbiosname};
322 }
323
324 sub cleanup_child($$)
325 {
326 my ($pid, $name) = @_;
327
328 if (!defined($pid)) {
329 print STDERR "cleanup_child: pid not defined ... not calling waitpid\n";
330 return -1;
331 }
332
333 my $childpid = waitpid($pid, WNOHANG);
334
335 if ($childpid == 0) {
336 } elsif ($childpid < 0) {
337 printf STDERR "%s child process %d isn't here any more\n", $name, $pid;
338 return $childpid;
339 } elsif ($? & 127) {
340 printf STDERR "%s child process %d, died with signal %d, %s coredump\n",
341 $name, $childpid, ($? & 127), ($? & 128) ? 'with' : 'without';
342 } else {
343 printf STDERR "%s child process %d exited with value %d\n", $name, $childpid, $? >> 8;
344 }
345 return $childpid;
346 }
347
348 1;
Samba GIT mirror