3 Usage: test_client_etypes.sh DC_SERVER DC_USERNAME DC_PASSWORD PREFIX_ABS ETYPE_CONF EXPECTED
16 . $
(dirname $0)/subunit.sh
18 KRB5CCNAME_PATH
="$PREFIX/test_client_etypes_krb5ccname"
19 rm -f $KRB5CCNAME_PATH
21 KRB5CCNAME
="FILE:$KRB5CCNAME_PATH"
24 #requires tshark and sha1sum
25 if ! which tshark
>/dev
/null
2>&1 ||
! which sha1sum >/dev
/null
2>&1; then
26 subunit_start_test
"client encryption types"
27 subunit_skip_test
"client encryption types" <<EOF
28 Skipping tests - tshark or sha1sum not installed
33 HOSTNAME
=$
(dd if=/dev
/urandom bs
=1 count
=32 2>/dev
/null |
sha1sum | cut
-b 1-10)
37 WORKDIR
=$
(mktemp
-d -p .
)
38 WORKDIR
=$
(basename $WORKDIR)
39 cp -a client
/* $WORKDIR/
40 sed -ri "s@(dir|directory) = (.*)/client/@\1 = \2/$WORKDIR/@" $WORKDIR/client.conf
41 sed -ri "s/netbios name = .*/netbios name = $HOSTNAME/" $WORKDIR/client.conf
42 rm -f $WORKDIR/private
/secrets.tdb
47 net_tool
="$BINDIR/net --configfile=$BASEDIR/$WORKDIR/client.conf --option=security=ads --option=kerberosencryptiontypes=$ETYPE_CONF"
48 pcap_file
=$BASEDIR/$WORKDIR/test.pcap
50 export SOCKET_WRAPPER_PCAP_FILE
=$pcap_file
51 testit
"join" $VALGRIND $net_tool ads
join -U$DC_USERNAME%$DC_PASSWORD --use-kerberos=required || failed
=$
(expr $failed + 1)
53 testit
"testjoin" $VALGRIND $net_tool ads testjoin
-P --use-kerberos=required || failed
=$
(expr $failed + 1)
55 #The leave command does not use the locally-generated
57 export SOCKET_WRAPPER_PCAP_FILE
=
58 testit
"leave" $VALGRIND $net_tool ads leave
-U$DC_USERNAME%$DC_PASSWORD || failed
=$
(expr $failed + 1)
61 # Older versions of tshark do not support -Y option,
62 # They use -R which cannot be used with recent versions...
64 if ! tshark
-r $pcap_file -nVY "kerberos" >/dev
/null
2>&1; then
65 subunit_start_test
"client encryption types"
66 subunit_skip_test
"client encryption types" <<EOF
67 Skipping tests - old version of tshark detected
72 actual_types
="$(tshark -r $pcap_file -nVY "kerberos
" |
73 sed -rn -e 's/[[:space:]]*ENCTYPE:.*\(([^\)]*)\)$/\1/p' \
74 -e 's/[[:space:]]*Encryption type:.*\(([^\)]*)\)$/\1/p' |
75 sort -u | tr '\n' '_' | sed s/_$//)"
77 testit
"verify types" test "x$actual_types" = "x$EXPECTED_ETYPES" || failed
=$
(expr $failed + 1)
79 rm -rf $BASEDIR/$WORKDIR
80 rm -f $KRB5CCNAME_PATH