testprogs/blackbox: let test_trust_user_account.sh check the correct …

…kerberos salt This demonstrates the bug we currently have. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539 Signed-off-by: Stefan Metzmacher <[email protected]> Reviewed-by: Andrew Bartlett <[email protected]>
WKu5 · Sep 4, 2018 · 1b31fa6 · 1b31fa6
1 parent 8526feb
commit 1b31fa6
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/selftest/knownfail.d/trust_user_account b/selftest/knownfail.d/trust_user_account
@@ -0,0 +1 @@
+^samba4.blackbox.trust_user_account.get.virtualKerberosSalt.for.TDA
diff --git a/testprogs/blackbox/test_trust_user_account.sh b/testprogs/blackbox/test_trust_user_account.sh
@@ -37,6 +37,20 @@ export KRB5CCNAME
 
 rm -f $KRB5CCNAME
 
+EXPECTED_SALT="${OUR_REALM}krbtgt${REMOTE_FLAT}"
+#
+# Note the \$ is for the end of line in grep
+#
+# There must be no trailing '$' in the SALT string itself,
+# it's removed from the sAMAccountName value (which includes the trailing '$')
+# before construting the salt!
+#
+# Otherwise this would be:
+# "^virtualKerberosSalt: ${EXPECTED_SALT}\\\$\$"
+#
+EXPECTED_GREP="^virtualKerberosSalt: ${EXPECTED_SALT}\$"
+testit_grep "get virtualKerberosSalt for TDA of $REMOTE_FLAT\$" "$EXPECTED_GREP" $samba_tool user getpassword "$REMOTE_FLAT\$" $CONFIGURATION --attributes=virtualKerberosSalt || failed=`expr $failed + 1`
+
 testit "kinit with keytab for TDA of $REMOTE_REALM" $samba4kinit -t $KEYTAB "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
 
 rm -f $KRB5CCNAME $KEYTAB
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		^samba4.blackbox.trust_user_account.get.virtualKerberosSalt.for.TDA