search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libnet: Fix Coverity ID 1634803 Dereference after null check
[samba4-gss.git] / source3 / script / tests / test_update_keytab_clustered.sh
blob0fc299d041c98dcda372a7daa883ee9df5f4dd3e
1 #!/bin/sh
2
3 if [ $# -lt 1 ]; then
4 cat <<EOF
5 Usage: test_update_keytab.sh DOMAIN CONFIGURATION
6 EOF
7 exit 1
8 fi
9
10 incdir="$(dirname "$0")/../../../testprogs/blackbox"
11 . "${incdir}/subunit.sh"
12 . "${incdir}/common_test_fns.inc"
13
14 DOMAIN="${1}"
15 CONFIGURATION="${2}"
16 shift 2
17
18 samba_wbinfo="$BINDIR/wbinfo"
19 samba_net="$BINDIR/net $CONFIGURATION"
20 samba_rpcclient="$BINDIR/rpcclient $CONFIGURATION"
21 smbclient="${BINDIR}/smbclient"
22 smbcontrol="$BINDIR/smbcontrol"
23
24 keytabs_sync_kvno="keytab0k keytab1k keytab2k keytab3k"
25 keytabs_nosync_kvno="keytab0 keytab1 keytab2 keytab3"
26 keytabs_all="$keytabs_sync_kvno $keytabs_nosync_kvno"
27
28 check_net_ads_testjoin()
29 {
30 UID_WRAPPER_ROOT=1 UID_WRAPPER_INITIAL_RUID=0 UID_WRAPPER_INITIAL_EUID=0 $samba_net ads testjoin
31 return $?
32 }
33
34 # find the biggest vno and store it into global variable vno
35 get_biggest_vno()
36 {
37 keytab="$1"
38 local cmd="UID_WRAPPER_ROOT=1 UID_WRAPPER_INITIAL_RUID=0 UID_WRAPPER_INITIAL_EUID=0 $samba_net ads keytab list $keytab"
39 eval echo "$cmd"
40 out=$(eval "$cmd")
41 ret=$?
42
43 echo "$out"
44
45 if [ $ret != 0 ] ; then
46 echo "command failed"
47 return 1
48 fi
49
50 #global variable vno
51 vno=$(echo "$out" | sort -n | tail -1 | awk '{printf $1}')
52
53 if [ -z "$vno" ] ; then
54 echo "There is no key with vno in the keytab list above."
55 return 1
56 fi
57
58 return 0
59 }
60
61 test_pwd_change()
62 {
63 testname="$1"
64 shift
65 # command to change the password
66 local cmd="$*";
67
68 # get biggest vno before password change
69 get_biggest_vno "$PREFIX_ABS/clusteredmember/node.0/keytab0"
70 old_vno_node0=$vno
71 get_biggest_vno "$PREFIX_ABS/clusteredmember/node.1/keytab0"
72 old_vno_node1=$vno
73 get_biggest_vno "$PREFIX_ABS/clusteredmember/node.2/keytab0"
74 old_vno_node2=$vno
75
76 if [ ! "$old_vno_node0" -gt 0 ] ; then
77 echo "There is no key with vno in the keytab list above."
78 return 1
79 fi
80 if [ "$old_vno_node0" -ne "$old_vno_node1" ] || [ "$old_vno_node0" -ne "$old_vno_node2" ] ; then
81 echo "VNOs differs on nodes!"
82 return 1
83 fi
84
85 # change the password
86 eval echo "$cmd"
87 out=$(eval "$cmd")
88 ret=$?
89
90 if [ $ret != 0 ] ; then
91 echo "$out"
92 echo "command failed"
93 return 1
94 fi
95
96 # test ads join
97 cmd="UID_WRAPPER_ROOT=1 UID_WRAPPER_INITIAL_RUID=0 UID_WRAPPER_INITIAL_EUID=0 $samba_net ads testjoin"
98 eval echo "$cmd"
99 out=$(eval "$cmd")
100 ret=$?
101
102 if [ $ret != 0 ] ; then
103 echo "$out"
104 echo "command failed"
105 return 1
106 fi
107
108 # if keytab was updated the bigest vno should be incremented by one
109 get_biggest_vno "$PREFIX_ABS/clusteredmember/node.0/keytab0"
110 new_vno_node0=$vno
111 get_biggest_vno "$PREFIX_ABS/clusteredmember/node.0/keytab0"
112 new_vno_node1=$vno
113 get_biggest_vno "$PREFIX_ABS/clusteredmember/node.0/keytab0"
114 new_vno_node2=$vno
115
116 if [ ! "$new_vno_node0" -eq $((old_vno_node0 + 1)) ] ; then
117 echo "Old vno=$old_vno_node0, new vno=$new_vno_node0. Increment by one failed."
118 return 1
119 fi
120 if [ "$new_vno_node0" -ne "$new_vno_node1" ] || [ "$new_vno_node0" -ne "$new_vno_node2" ] ; then
121 echo "VNOs differs on nodes!"
122 return 1
123 fi
124
125 return 0
126 }
127
128 test_keytab_create()
129 {
130 UID_WRAPPER_INITIAL_EUID=0 UID_WRAPPER_INITIAL_RUID=0 UID_WRAPPER_ROOT=1 $samba_net ads keytab create || return 1
131 return 0
132 }
133
134 DC_DNSNAME="${DC_SERVER}.${REALM}"
135 SMBCLIENT_UNC="//${DC_DNSNAME}/tmp"
136
137 install source3/script/updatekeytab_test.sh "$PREFIX_ABS/clusteredmember/updatekeytab.sh"
138 global_inject_conf=$(dirname $SMB_CONF_PATH)/global_inject.conf
139 echo "sync machine password script = $PREFIX_ABS/clusteredmember/updatekeytab.sh" >$global_inject_conf
140 UID_WRAPPER_ROOT=1 $smbcontrol winbindd reload-config
141
142 testit "net_ads_testjoin_initial" check_net_ads_testjoin || failed=$((failed + 1))
143
144 # To have both old and older password we do one unnecessary password change:
145 testit "wbinfo_change_secret_initial" \
146 "$samba_wbinfo" --change-secret --domain="${DOMAIN}" \
147 || failed=$((failed + 1))
148
149 testit "wbinfo_check_secret_initial" \
150 "$samba_wbinfo" --check-secret --domain="${DOMAIN}" \
151 || failed=$((failed + 1))
152
153 # Create/sync all keytabs
154 testit "net_ads_keytab_sync" test_keytab_create || failed=$((failed + 1))
155
156 testit "net_ads_testjoin_after_sync" check_net_ads_testjoin || failed=$((failed + 1))
157
158 testit "wbinfo_change_secret_after_sync" \
159 test_pwd_change "wbinfo_changesecret" \
160 "$samba_wbinfo --change-secret --domain=${DOMAIN}" \
161 || failed=$((failed + 1))
162
163 testit "wbinfo_check_secret_after_sync" \
164 "$samba_wbinfo" --check-secret --domain="${DOMAIN}" \
165 || failed=$((failed + 1))
166
167 test_smbclient "Test machine login with the changed secret" \
168 "ls" "${SMBCLIENT_UNC}" \
169 --machine-pass ||
170 failed=$((failed + 1))
171
172 testit "net_ads_testjoin_final" check_net_ads_testjoin || failed=$((failed + 1))
173
174 echo "" >$global_inject_conf
175 UID_WRAPPER_ROOT=1 $smbcontrol winbindd reload-config
176
177 testok "$0" "$failed"
GSS-enabled samba4