Changeset 988 for vendor/current/source3/script

Timestamp:

Nov 24, 2016, 1:14:11 PM (9 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: update vendor to version 4.4.3

Location:

vendor/current/source3/script

Files:

• build_idl.sh (deleted)
• expand-includes.pl (deleted)
• extract_allparms.sh (deleted)
• gap.awk (deleted)
• gaptab.awk (deleted)
• gen-8bit-gap.awk (deleted)
• gen-8bit-gap.sh.in (deleted)
• installbin.sh.in (deleted)
• installdat.sh (deleted)
• installdirs.sh (deleted)
• installman.sh (deleted)
• installmo.sh (deleted)
• installmodules.sh (deleted)
• installmsg.sh (deleted)
• installscripts.sh (deleted)
• installswat.sh (deleted)
• linkmodules.sh (deleted)
• mkbuildoptions-waf.awk (deleted)
• mkbuildoptions.awk (deleted)
• mkinstalldirs (deleted)
• mkversion.sh (deleted)
• revert.sh (deleted)
• smbaddshare (added)
• smbchangeshare (added)
• smbdeleteshare (added)
• tests/fake_snap.pl (added)
• tests/gdb_backtrace (deleted)
• tests/stream-depot (added)
• tests/stream-depot/run.sh (added)
• tests/stream-depot/vfstest.cmd (added)
• tests/test_async_req.sh (added)
• tests/test_dfree_command.sh (added)
• tests/test_dfree_quota.sh (added)
• tests/test_failure.sh (modified) (1 diff)
• tests/test_forceuser_validusers.sh (added)
• tests/test_local_s3.sh (modified) (1 diff)
• tests/test_net_conf.sh (added)
• tests/test_net_cred_change.sh (added)
• tests/test_net_dom_join_fail_dc.sh (added)
• tests/test_net_misc.sh (modified) (3 diffs)
• tests/test_net_registry.sh (modified) (3 diffs)
• tests/test_net_registry_check.sh (added)
• tests/test_net_registry_roundtrip.sh (modified) (9 diffs)
• tests/test_net_rpc_join.sh (added)
• tests/test_ntlm_auth_diagnostics.sh (added)
• tests/test_ntlm_auth_krb5.sh (added)
• tests/test_ntlm_auth_s3.sh (modified) (2 diffs)
• tests/test_offline.sh (added)
• tests/test_preserve_case.sh (added)
• tests/test_pthreadpool.sh (modified) (1 diff)
• tests/test_registry_upgrade.sh (added)
• tests/test_rpcclient_samlogon.sh (added)
• tests/test_rpcclientsrvsvc.sh (added)
• tests/test_shadow_copy.sh (added)
• tests/test_sharesec.sh (added)
• tests/test_smbclient_auth.sh (modified) (3 diffs)
• tests/test_smbclient_krb5.sh (added)
• tests/test_smbclient_machine_auth.sh (added)
• tests/test_smbclient_ntlm.sh (added)
• tests/test_smbclient_posix_large.sh (added)
• tests/test_smbclient_s3.sh (modified) (12 diffs)
• tests/test_smbclient_tarmode.pl (added)
• tests/test_smbclient_tarmode.sh (added)
• tests/test_smbget.sh (added)
• tests/test_smbtorture_s3.sh (modified) (2 diffs)
• tests/test_success.sh (modified) (1 diff)
• tests/test_testparm_s3.sh (modified) (1 diff)
• tests/test_valid_users.sh (added)
• tests/test_wbinfo_s3.sh (deleted)
• tests/test_wbinfo_sids2xids.sh (modified) (2 diffs)
• tests/test_wbinfo_sids2xids_int.py (modified) (2 diffs)
• tests/vfstest-acl (added)
• tests/vfstest-acl/run.sh (added)
• tests/vfstest-acl/vfstest.cmd (added)
• tests/vfstest-catia (added)
• tests/vfstest-catia/run.sh (added)
• tests/vfstest-catia/vfstest.cmd (added)
• tests/vfstest-catia/vfstest1.cmd (added)
• tests/xattr-tdb-1 (added)
• tests/xattr-tdb-1/run.sh (added)
• tests/xattr-tdb-1/vfstest.cmd (added)
• uninstallbin.sh.in (deleted)
• uninstalldat.sh (deleted)
• uninstallman.sh (deleted)
• uninstallmo.sh (deleted)
• uninstallmodules.sh (deleted)
• uninstallmsg.sh (deleted)
• uninstallscripts.sh (deleted)
• uninstallswat.sh (deleted)
• wscript_build (added)

vendor/current/source3/script/tests/test_failure.sh

@@ -5 +5 @@
 # Copyright (C) 2011 Michael Adam <obnox@samba.org>
 
-# include the blackbox subunit infrastructure
-# if not run from classical s3 test script:
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
-        incdir=`dirname $0`/../../../testprogs/blackbox
-        . $incdir/subunit.sh
-}
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
 
 failed=0

vendor/current/source3/script/tests/test_local_s3.sh

@@ -10 +10 @@
 fi
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
 
 failed=0

vendor/current/source3/script/tests/test_net_misc.sh

@@ -5 +5 @@
 if [ $# -lt 3 ]; then
 cat <<EOF
-Usage: test_net_misc.sh SCRIPTDIR SERVERCONFFILE CONFIGURATION
+Usage: test_net_misc.sh SCRIPTDIR SERVERCONFFILE NET CONFIGURATION
 EOF
 exit 1;
@@ -12 +12 @@
 SCRIPTDIR="$1"
 SERVERCONFFILE="$2"
-CONFIGURATION="$3"
+NET="$3"
+CONFIGURATION="$4"
 
 NET="$VALGRIND ${NET:-$BINDIR/net} $CONFIGURATION"
@@ -19 +20 @@
 NETLOOKUP="${NET} lookup"
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
 
 failed=0

vendor/current/source3/script/tests/test_net_registry.sh

@@ -10 +10 @@
 if [ $# -lt 3 ]; then
 cat <<EOF
-Usage: test_net_registry.sh SCRIPTDIR SERVERCONFFILE CONFIGURATION RPC
+Usage: test_net_registry.sh SCRIPTDIR SERVERCONFFILE NET CONFIGURATION RPC
 EOF
 exit 1;
@@ -17 +17 @@
 SCRIPTDIR="$1"
 SERVERCONFFILE="$2"
-CONFIGURATION="$3"
-RPC="$4"
+NET="$3"
+CONFIGURATION="$4"
+RPC="$5"
 
 NET="$VALGRIND ${NET:-$BINDIR/net} $CONFIGURATION"
@@ -28 +29 @@
 fi
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
 
 failed=0

vendor/current/source3/script/tests/test_net_registry_roundtrip.sh

@@ -8 +8 @@
 if [ $# -lt 3 ]; then
 cat <<EOF
-Usage: test_net_registry_roundtrip.sh SCRIPTDIR SERVERCONFFILE CONFIGURATION
+Usage: test_net_registry_roundtrip.sh SCRIPTDIR SERVERCONFFILE NET CONFIGURATION RPC
 EOF
 exit 1;
@@ -15 +15 @@
 SCRIPTDIR="$1"
 SERVERCONFFILE="$2"
-CONFIGURATION="$3"
+NET="$3"
+CONFIGURATION="$4"
+RPC="$5"
 
-NET="$VALGRIND ${NET:-$BINDIR/net} $CONFIGURATION"
+NET="$VALGRIND ${NET} $CONFIGURATION"
+
+if test "x${RPC}" = "xrpc" ; then
+        NETCMD="${NET} -U${USERNAME}%${PASSWORD} -I ${SERVER_IP} rpc"
+else
+        NETCMD="${NET}"
+fi
 
 
-if test "x${RPC}" = "xrpc" ; then
-        NETREG="${NET} -U${USERNAME}%${PASSWORD} -I ${SERVER_IP} rpc registry"
-else
-        NETREG="${NET} registry"
-fi
-
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
 
 failed=0
 
+#
+# List of parameters to skip when importing configuration files:
+# They are forbidden in the registry and would lead import to fail.
+#
 SED_INVALID_PARAMS="{
+s/state directory/;&/g
 s/lock directory/;&/g
 s/lock dir/;&/g
-s/modules dir/;&/g
-s/logging/;&/g
-s/status/;&/g
-s/logdir/;&/g
-s/read prediction/;&/g
-s/mkprofile/;&/g
-s/valid chars/;&/g
-s/timesync/;&/g
-s/sambaconf/;&/g
-s/logtype/;&/g
-s/servername/;&/g
-s/postscript/;&/g
+s/config backend/;&/g
+s/include/;&/g
 }"
 
@@ -67 +62 @@
 
 conf_roundtrip()
-{
-    local DIR=$(mktemp -d ${PREFIX}/${LOGDIR_PREFIX}_XXXXXX)
-    local LOG=$DIR/log
+(
+    DIR=$(mktemp -d ${PREFIX}/${LOGDIR_PREFIX}_XXXXXX)
+    LOG=$DIR/log
 
     echo conf_roundtrip $1 > $LOG
@@ -75 +70 @@
     sed -e "$SED_INVALID_PARAMS" $1 >$DIR/conf_in
 
-    conf_roundtrip_step $NET conf drop
+    conf_roundtrip_step $NETCMD conf drop
     test "x$?" = "x0" || {
         return 1
     }
 
-    test -z "$($NET conf list)" 2>>$LOG
+    test -z "$($NETCMD conf list)" 2>>$LOG
     if [ "$?" = "1" ]; then
         echo "ERROR: conf drop failed" | tee -a $LOG
@@ -86 +81 @@
     fi
 
-    conf_roundtrip_step $NET conf import $DIR/conf_in
+    conf_roundtrip_step $NETCMD conf import $DIR/conf_in
     test "x$?" = "x0" || {
         return 1
     }
 
-    conf_roundtrip_step $NET conf list > $DIR/conf_exp
+    conf_roundtrip_step $NETCMD conf list > $DIR/conf_exp
     test "x$?" = "x0" || {
         return 1
@@ -102 +97 @@
     fi
 
-    conf_roundtrip_step $NET -d10 registry export $REGPATH $DIR/conf_exp.reg
+    conf_roundtrip_step $NETCMD -d10 registry export $REGPATH $DIR/conf_exp.reg
     test "x$?" = "x0" || {
         return 1
     }
 
-    conf_roundtrip_step $NET conf drop
+    conf_roundtrip_step $NETCMD conf drop
     test "x$?" = "x0" || {
         return 1
     }
 
-    test -z "$($NET conf list)" 2>>$LOG
+    test -z "$($NETCMD conf list)" 2>>$LOG
     if [ "$?" = "1" ]; then
         echo "ERROR: conf drop failed" | tee -a $LOG
@@ -118 +113 @@
     fi
 
-    conf_roundtrip_step $NET registry import $DIR/conf_exp.reg
+    conf_roundtrip_step $NETCMD registry import $DIR/conf_exp.reg
     test "x$?" = "x0" || {
         return 1
     }
 
-    conf_roundtrip_step $NET conf list >$DIR/conf_out
+    conf_roundtrip_step $NETCMD conf list >$DIR/conf_out
     test "x$?" = "x0"  || {
         return 1
@@ -134 +129 @@
     fi
 
-    conf_roundtrip_step $NET registry export $REGPATH $DIR/conf_out.reg
+    conf_roundtrip_step $NETCMD registry export $REGPATH $DIR/conf_out.reg
     test "x$?" = "x0" || {
         return 1
@@ -145 +140 @@
     fi
     rm -r $DIR
-}
+)
 
-CONF_FILES=${CONF_FILES:-$(find $SRCDIR/ -name '*.conf' | grep -v examples/logon | xargs grep -l "\[global\]")}
+CONF_FILES=$SERVERCONFFILE
 
 # remove old logs:

vendor/current/source3/script/tests/test_ntlm_auth_s3.sh

@@ -3 +3 @@
 if [ $# -lt 2 ]; then
 cat <<EOF
-Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR
+Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR NTLM_AUTH
 EOF
 exit 1;
@@ -10 +10 @@
 PYTHON=$1
 SRC3DIR=$2
-shift 2
+NTLM_AUTH=$3
+DOMAIN=$4
+USERNAME=$5
+PASSWORD=$6
+shift 6
 ADDARGS="$*"
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
+
+SID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1`
+BADSID=`eval $BINDIR/wbinfo -n $USERNAME | cut -d ' ' -f1 | sed 's/..$//'`
 
 failed=0
 
-testit "ntlm_auth" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $BINDIR/ntlm_auth $ADDARGS || failed=`expr $failed + 1`
+test_plaintext_check_output_stdout()
+{
+        tmpfile=$PREFIX/ntlm_commands
+
+        cat > $tmpfile <<EOF
+$DOMAIN/$USERNAME $PASSWORD
+EOF
+        cmd='$NTLM_AUTH "$@" --require-membership-of=$SID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
+        eval echo "$cmd"
+        out=`eval $cmd`
+        ret=$?
+        rm -f $tmpfile
+
+        if [ $ret != 0 ] ; then
+                echo "$out"
+                echo "command failed"
+                false
+                return
+        fi
+
+        echo "$out" | grep "OK" >/dev/null 2>&1
+
+        if [ $? = 0 ] ; then
+                # authenticated .. succeed
+                true
+        else
+                echo failed to get successful authentication
+                false
+        fi
+}
+
+test_plaintext_check_output_fail()
+{
+        tmpfile=$PREFIX/ntlm_commands
+
+        cat > $tmpfile <<EOF
+$DOMAIN\\$USERNAME $PASSWORD
+EOF
+        cmd='$NTLM_AUTH "$@" --require-membership-of=$BADSID --helper-protocol=squid-2.5-basic < $tmpfile 2>&1'
+        eval echo "$cmd"
+        out=`eval $cmd`
+        ret=$?
+        rm -f $tmpfile
+
+        if [ $ret != 0 ] ; then
+                echo "$out"
+                echo "command failed"
+                false
+                return
+        fi
+
+        echo "$out" | grep "ERR" >/dev/null 2>&1
+
+        if [ $? = 0 ] ; then
+                # failed to authenticate .. success
+                true
+        else
+                echo "incorrectly gave a successful authentication"
+                false
+        fi
+}
+
+test_ntlm_server_1_check_output()
+{
+        tmpfile=$PREFIX/ntlm_commands
+
+        cat > $tmpfile <<EOF
+LANMAN-Challenge: 0123456789abcdef
+NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
+NT-Domain: TEST
+Username: testuser
+Request-User-Session-Key: Yes
+.
+EOF
+        cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1  --password=SecREt01< $tmpfile 2>&1'
+        eval echo "$cmd"
+        out=`eval $cmd`
+        ret=$?
+        rm -f $tmpfile
+
+        if [ $ret != 0 ] ; then
+                echo "$out"
+                echo "command failed"
+                false
+                return
+        fi
+
+        echo "$out" | grep "User-Session-Key: 3F373EA8E4AF954F14FAA506F8EEBDC4" >/dev/null 2>&1
+
+        if [ $? = 0 ] ; then
+                # authenticated .. succeed
+                true
+        else
+                echo failed to get successful authentication
+                false
+        fi
+}
+
+test_ntlm_server_1_check_output_fail()
+{
+        tmpfile=$PREFIX/ntlm_commands
+
+        # Break the password with a leading A on the challenge
+        cat > $tmpfile <<EOF
+LANMAN-Challenge: A123456789abcdef
+NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
+NT-Domain: TEST
+Username: testuser
+Request-User-Session-Key: Yes
+.
+EOF
+        cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --password=SecREt01 < $tmpfile 2>&1'
+        eval echo "$cmd"
+        out=`eval $cmd`
+        ret=$?
+        rm -f $tmpfile
+
+        if [ $ret != 0 ] ; then
+                echo "$out"
+                echo "command failed"
+                false
+                return
+        fi
+
+        echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
+
+        if [ $? = 0 ] ; then
+                # failed to authenticate .. success
+                true
+        else
+                echo "incorrectly gave a successful authentication"
+                false
+        fi
+}
+
+test_ntlm_server_1_check_winbind_output()
+{
+        tmpfile=$PREFIX/ntlm_commands
+
+        # This isn't the correct password
+        cat > $tmpfile <<EOF
+Password: $PASSWORD
+NT-Domain: $DOMAIN
+Username: $USERNAME
+Request-User-Session-Key: Yes
+.
+EOF
+        cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$SID < $tmpfile 2>&1'
+        eval echo "$cmd"
+        out=`eval $cmd`
+        ret=$?
+        rm -f $tmpfile
+
+        if [ $ret != 0 ] ; then
+                echo "$out"
+                echo "command failed"
+                false
+                return
+        fi
+
+        echo "$out" | grep "Authenticated: Yes" >/dev/null 2>&1
+
+        if [ $? = 0 ] ; then
+                # authenticated .. success
+                true
+        else
+                echo "Failed to authenticate the user or match with SID $SID"
+                false
+        fi
+}
+
+test_ntlm_server_1_check_winbind_output_wrong_sid()
+{
+        tmpfile=$PREFIX/ntlm_commands
+
+        # This isn't the correct password
+        cat > $tmpfile <<EOF
+Password: $PASSWORD
+NT-Domain: $DOMAIN
+Username: $USERNAME
+Request-User-Session-Key: Yes
+.
+EOF
+        cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 --require-membership-of=$BADSID < $tmpfile 2>&1'
+        eval echo "$cmd"
+        out=`eval $cmd`
+        ret=$?
+        rm -f $tmpfile
+
+        if [ $ret != 0 ] ; then
+                echo "$out"
+                echo "command failed"
+                false
+                return
+        fi
+
+        echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
+
+        if [ $? = 0 ] ; then
+                # failed to authenticate .. success
+                true
+        else
+                echo "incorrectly gave a successful authentication"
+                false
+        fi
+}
+
+test_ntlm_server_1_check_winbind_output_fail()
+{
+        tmpfile=$PREFIX/ntlm_commands
+
+        # This isn't the correct password
+        cat > $tmpfile <<EOF
+LANMAN-Challenge: 0123456789abcdef
+NT-Response: 25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6
+NT-Domain: $DOMAIN
+Username: $USERNAME
+Request-User-Session-Key: Yes
+.
+EOF
+        cmd='$NTLM_AUTH "$@" --helper-protocol=ntlm-server-1 < $tmpfile 2>&1'
+        eval echo "$cmd"
+        out=`eval $cmd`
+        ret=$?
+        rm -f $tmpfile
+
+        if [ $ret != 0 ] ; then
+                echo "$out"
+                echo "command failed"
+                false
+                return
+        fi
+
+        echo "$out" | grep "Authenticated: No" >/dev/null 2>&1
+
+        if [ $? = 0 ] ; then
+                # failed to authenticate .. success
+                true
+        else
+                echo "incorrectly gave a successful authentication"
+                false
+        fi
+}
+
+testit "ntlm_auth" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS || failed=`expr $failed + 1`
 # This should work even with NTLMv2
-testit "ntlm_auth" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $BINDIR/ntlm_auth $ADDARGS --client-domain=fOo --server-domain=fOo || failed=`expr $failed + 1`
-
+testit "ntlm_auth with specified domain" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --client-domain=fOo --server-domain=fOo || failed=`expr $failed + 1`
+testit "ntlm_auth against winbindd" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd $ADDARGS || failed=`expr $failed + 1`
+testit "ntlm_auth with NTLMSSP client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --client-domain=fOo --server-domain=fOo --client-helper=ntlmssp-client-1 --server-helper=gss-spnego || failed=`expr $failed + 1`
+testit "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --client-domain=fOo --server-domain=fOo --client-helper=gss-spnego-client --server-helper=gss-spnego || failed=`expr $failed + 1`
+testit "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS || failed=`expr $failed + 1`
+
+testit "wbinfo store cached credentials" $BINDIR/wbinfo --ccache-save=$DOMAIN/$USERNAME%$PASSWORD || failed=`expr $failed + 1`
+testit "ntlm_auth ccached credentials with NTLMSSP client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --client-username=$USERNAME --client-domain=$DOMAIN --client-use-cached-creds --client-helper=ntlmssp-client-1 --server-helper=gss-spnego --server-use-winbindd || failed=`expr $failed + 1`
+
+testit "ntlm_auth against winbindd with require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd $ADDARGS --require-membership-of=$SID || failed=`expr $failed + 1`
+testit "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS --require-membership-of=$SID || failed=`expr $failed + 1`
+
+testit_expect_failure "ntlm_auth against winbindd with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
+testit_expect_failure "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
+
+testit "ntlm_auth plaintext authentication with require-membership-of" test_plaintext_check_output_stdout || failed=`expr $failed + 1`
+testit "ntlm_auth plaintext authentication with failed require-membership-of" test_plaintext_check_output_fail || failed=`expr $failed + 1`
+
+testit "ntlm_auth ntlm-server-1 with fixed password" test_ntlm_server_1_check_output || failed=`expr $failed + 1`
+testit "ntlm_auth ntlm-server-1 with incorrect fixed password" test_ntlm_server_1_check_output_fail || failed=`expr $failed + 1`
+testit "ntlm_auth ntlm-server-1 with plaintext password against winbind" test_ntlm_server_1_check_winbind_output || failed=`expr $failed + 1`
+testit "ntlm_auth ntlm-server-1 with plaintext password against winbind but wrong sid" test_ntlm_server_1_check_winbind_output_wrong_sid || failed=`expr $failed + 1`
+testit "ntlm_auth ntlm-server-1 with incorrect fixed password against winbind" test_ntlm_server_1_check_winbind_output_fail || failed=`expr $failed + 1`
 
 testok $0 $failed

vendor/current/source3/script/tests/test_pthreadpool.sh

@@ -4 +4 @@
 . $incdir/subunit.sh
 
-TESTPROG=$BINDIR/pthreadpooltest
-
 if [ ! -x $BINDIR/pthreadpooltest ] ; then
-    TESTPROG=/bin/true
+    # Some machines don't have /bin/true, simulate it
+    cat >$BINDIR/pthreadpooltest <<EOF
+#!/bin/sh
+exit 0
+EOF
+    chmod +x $BINDIR/pthreadpooltest
 fi
 
 failed=0
 
-testit "pthreadpool" $VALGRIND $TESTPROG ||
+testit "pthreadpool" $VALGRIND $BINDIR/pthreadpooltest ||
         failed=`expr $failed + 1`
 

vendor/current/source3/script/tests/test_smbclient_auth.sh

@@ -3 +3 @@
 # this runs the file serving tests that are expected to pass with samba3 against shares with various options
 
-if [ $# -lt 4 ]; then
+if [ $# -lt 5 ]; then
 cat <<EOF
-Usage: test_smbclient_s3.sh SERVER SERVER_IP USERNAME PASSWORD <smbclient arguments>
+Usage: test_smbclient_auth.sh SERVER SERVER_IP USERNAME PASSWORD SMBCLIENT <smbclient arguments>
 EOF
 exit 1;
@@ -14 +14 @@
 USERNAME="$3"
 PASSWORD="$4"
-SMBCLIENT="$VALGRIND ${SMBCLIENT:-$BINDIR/smbclient}"
-shift 4
+SMBCLIENT="$5"
+SMBCLIENT="$VALGRIND ${SMBCLIENT}"
+shift 5
 ADDARGS="$*"
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
+
+echo "${SERVER_IP}" | grep -q ':.*:' && {
+        # If we have an ipv6 address e.g.
+        # fd00:0000:0000:0000:0000:0000:5357:5f03
+        # we also try
+        # fd00-0000-0000-0000-0000-0000-5357-5f03.ipv6-literal.net
+        IPV6LITERAL=$(echo "${SERVER_IP}.ipv6-literal.net" | sed -e 's!:!-!g' -e 's!%!s!')
+        testit "smbclient //${IPV6LITERAL}/tmpguest" $SMBCLIENT //${IPV6LITERAL}/tmpguest $CONFIGURATION -U$USERNAME%$PASSWORD -c quit $ADDARGS
+        testit "smbclient //${IPV6LITERAL}./tmpguest" $SMBCLIENT //${IPV6LITERAL}./tmpguest $CONFIGURATION -U$USERNAME%$PASSWORD -c quit $ADDARGS
 }
+testit "smbclient //${SERVER_IP}/tmpguest" $SMBCLIENT //${SERVER_IP}/tmpguest $CONFIGURATION -U$USERNAME%$PASSWORD -p 139 -c quit $ADDARGS
 
 testit "smbclient //$SERVER/guestonly" $SMBCLIENT //$SERVER/guestonly $CONFIGURATION -U$USERNAME%$PASSWORD -I $SERVER_IP -p 139 -c quit $ADDARGS
@@ -29 +39 @@
 testit "smbclient //$SERVER/forceuser" $SMBCLIENT //$SERVER/forceuser $CONFIGURATION -U$USERNAME%$PASSWORD -I $SERVER_IP -p 139 -c quit $ADDARGS
 testit "smbclient //$SERVER/forceuser as anon" $SMBCLIENT //$SERVER/forceuser $CONFIGURATION -U% -I $SERVER_IP -p 139 -c quit $ADDARGS
+testit "smbclient //$SERVER/forceuser_unixonly" $SMBCLIENT //$SERVER/forceuser_unixonly $CONFIGURATION -U$USERNAME%$PASSWORD -I $SERVER_IP -p 139 -c quit $ADDARGS
+testit "smbclient //$SERVER/forceuser_wkngroup" $SMBCLIENT //$SERVER/forceuser_wkngroup $CONFIGURATION -U$USERNAME%$PASSWORD -I $SERVER_IP -p 139 -c quit $ADDARGS
 testit "smbclient //$SERVER/forcegroup" $SMBCLIENT //$SERVER/forcegroup $CONFIGURATION -U$USERNAME%$PASSWORD -I $SERVER_IP -p 139 -c quit $ADDARGS
 testit "smbclient //$SERVER/forcegroup as anon" $SMBCLIENT //$SERVER/forcegroup $CONFIGURATION -U% -I $SERVER_IP -p 139 -c quit $ADDARGS

vendor/current/source3/script/tests/test_smbclient_s3.sh

@@ -3 +3 @@
 # this runs the file serving tests that are expected to pass with samba3
 
-if [ $# -lt 7 ]; then
+if [ $# -lt 11 ]; then
 cat <<EOF
-Usage: test_smbclient_s3.sh SERVER SERVER_IP USERNAME PASSWORD USERID LOCAL_PATH PREFIX
+Usage: test_smbclient_s3.sh SERVER SERVER_IP DOMAIN USERNAME PASSWORD USERID LOCAL_PATH PREFIX SMBCLIENT WBINFO NET
 EOF
 exit 1;
 fi
 
-SERVER="$1"
-SERVER_IP="$2"
-USERNAME="$3"
-PASSWORD="$4"
-USERID="$5"
-LOCAL_PATH="$6"
-PREFIX="$7"
-SMBCLIENT="$VALGRIND ${SMBCLIENT:-$BINDIR/smbclient}"
-WBINFO="$VALGRIND ${WBINFO:-$BINDIR/wbinfo}"
-shift 7
+SERVER="${1}"
+SERVER_IP="${2}"
+DOMAIN="${3}"
+USERNAME="${4}"
+PASSWORD="${5}"
+USERID="${6}"
+LOCAL_PATH="${7}"
+PREFIX="${8}"
+SMBCLIENT="${9}"
+WBINFO="${10}"
+NET="${11}"
+SMBCLIENT="$VALGRIND ${SMBCLIENT}"
+WBINFO="$VALGRIND ${WBINFO}"
+shift 11
 ADDARGS="$*"
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
 
 failed=0
@@ -134 +136 @@
 test_good_symlink()
 {
-    tmpfile=/tmp/smbclient.in.$$
+    tmpfile=$PREFIX/smbclient.in.$$
     slink_name="$LOCAL_PATH/slink"
     slink_target="$LOCAL_PATH/slink_target"
@@ -184 +186 @@
 {
     prompt="NT_STATUS_ACCESS_DENIED making remote directory"
-    tmpfile=/tmp/smbclient.in.$$
+    tmpfile=$PREFIX/smbclient.in.$$
 
 ##
@@ -211 +213 @@
 EOF
 
-    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U% //$SERVER/ro-tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT -U% "//$SERVER/$1" -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
     eval echo "$cmd"
     out=`eval $cmd`
@@ -220 +222 @@
         echo "$out"
         echo "failed writing into read-only directory with error $ret"
+
         false
         return
@@ -237 +240 @@
 }
 
+
+# Test sending a message
+test_message()
+{
+    tmpfile=$PREFIX/message_in.$$
+
+    cat > $tmpfile <<EOF
+Test message from pid $$
+EOF
+
+    cmd='$SMBCLIENT "$@" -U$USERNAME%$PASSWORD -M $SERVER -p 139 $ADDARGS -n msgtest < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed sending message to $SERVER with error $ret"
+        false
+        rm -f $tmpfile
+        return
+    fi
+
+    # The server writes this into a file message.msgtest, via message.%m to test the % sub code
+    cmd='$SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/tmpguest -p 139 $ADDARGS -c "get message.msgtest $PREFIX/message_out.$$" 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed getting sent message from $SERVER with error $ret"
+        false
+        return
+    fi
+
+    if [ cmp $PREFIX/message_out.$$ $tmpfile != 0 ] ; then
+        echo "failed comparison of message from $SERVER"
+        false
+        return
+    fi
+    true
+}
+
 # Test reading an owner-only file (logon as guest) fails.
 test_owner_only_file()
 {
     prompt="NT_STATUS_ACCESS_DENIED opening remote file"
-    tmpfile=/tmp/smbclient.in.$$
+    tmpfile=$PREFIX/smbclient.in.$$
 
 ##
@@ -297 +344 @@
 test_msdfs_link()
 {
-    tmpfile=/tmp/smbclient.in.$$
+    tmpfile=$PREFIX/smbclient.in.$$
     prompt="  msdfs-target  "
 
@@ -363 +410 @@
 }
 
+# Archive bits are correctly set on file/dir creation and rename.
+test_rename_archive_bit()
+{
+    prompt_file="attributes: A (20)"
+    prompt_dir="attributes: D (10)"
+    tmpfile="$PREFIX/smbclient.in.$$"
+    filename="foo.$$"
+    filename_ren="bar.$$"
+    dirname="foodir.$$"
+    dirname_ren="bardir.$$"
+    filename_path="$PREFIX/$filename"
+    local_name1="$LOCAL_PATH/$filename"
+    local_name2="$LOCAL_PATH/$filename_ren"
+    local_dir_name1="$LOCAL_PATH/$dirname"
+    local_dir_name2="$LOCAL_PATH/$dirname_ren"
+
+    rm -f $filename_path
+    rm -f $local_name1
+    rm -f $local_name2
+
+# Create a new file, ensure it has 'A' attributes.
+    touch $filename_path
+
+    cat > $tmpfile <<EOF
+lcd $PREFIX
+put $filename
+allinfo $filename
+quit
+EOF
+
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed creating file $filename with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | grep "$prompt_file" >/dev/null 2>&1
+
+    ret=$?
+
+    rm -f $filename_path
+    rm -f $local_name1
+    rm -f $local_name2
+
+    if [ $ret = 0 ] ; then
+        # got the correct prompt .. succeed
+        true
+    else
+        echo "$out"
+        echo "Attributes incorrect on new file $ret"
+        false
+    fi
+
+# Now check if we remove 'A' and rename, the A comes back.
+    touch $filename_path
+
+    cat > $tmpfile <<EOF
+lcd $PREFIX
+put $filename
+setmode $filename -a
+ren $filename $filename_ren
+allinfo $filename_ren
+quit
+EOF
+
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed creating file and renaming $filename with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | grep "$prompt_file" >/dev/null 2>&1
+
+    ret=$?
+
+    rm -f $filename_path
+    rm -f $local_name1
+    rm -f $local_name2
+
+    if [ $ret = 0 ] ; then
+        # got the correct prompt .. succeed
+        true
+    else
+        echo "$out"
+        echo "Attributes incorrect on renamed file $ret"
+        false
+    fi
+
+    rm -rf $local_dir_name1
+    rm -rf $local_dir_name2
+
+# Create a new directory, ensure it has 'D' but not 'A' attributes.
+
+    cat > $tmpfile <<EOF
+mkdir $dirname
+allinfo $dirname
+quit
+EOF
+
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed creating directory $dirname with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | grep "$prompt_dir" >/dev/null 2>&1
+
+    ret=$?
+
+    rm -rf $local_dir_name1
+    rm -rf $local_dir_name2
+
+    if [ $ret = 0 ] ; then
+        # got the correct prompt .. succeed
+        true
+    else
+        echo "$out"
+        echo "Attributes incorrect on new directory $ret"
+        false
+    fi
+
+# Now check if we rename, we still only have 'D' attributes
+
+    cat > $tmpfile <<EOF
+mkdir $dirname
+ren $dirname $dirname_ren
+allinfo $dirname_ren
+quit
+EOF
+
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed creating directory $dirname and renaming with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | grep "$prompt_dir" >/dev/null 2>&1
+
+    ret=$?
+
+    rm -f $local_name1
+    rm -f $local_name2
+
+    if [ $ret = 0 ] ; then
+        # got the correct prompt .. succeed
+        true
+    else
+        echo "$out"
+        echo "Attributes incorrect on renamed directory $ret"
+        false
+    fi
+}
+
 # Test authenticating using the winbind ccache
 test_ccache_access()
 {
     $WBINFO --ccache-save="${USERNAME}%${PASSWORD}"
-    $SMBCLIENT //$SERVER_IP/tmp -C -U "${USERNAME}%" \
+    ret=$?
+
+    if [ $ret != 0 ] ; then
+        echo "wbinfo failed to store creds in cache (user='${USERNAME}', pass='${PASSWORD}')"
+        false
+        return
+    fi
+
+    $SMBCLIENT //$SERVER_IP/tmp -C -U "${USERNAME}" \
         -c quit 2>&1
     ret=$?
@@ -378 +614 @@
 
     $WBINFO --ccache-save="${USERNAME}%GarBage"
-    $SMBCLIENT //$SERVER_IP/tmp -C -U "${USERNAME}%" \
+    ret=$?
+
+    if [ $ret != 0 ] ; then
+        echo "wbinfo failed to store creds in cache (user='${USERNAME}', pass='GarBage')"
+        false
+        return
+    fi
+
+    $SMBCLIENT //$SERVER_IP/tmp -C -U "${USERNAME}" \
         -c quit 2>&1
     ret=$?
@@ -389 +633 @@
 
     $WBINFO --logoff
+}
+
+# Test authenticating using the winbind ccache
+test_auth_file()
+{
+    tmpfile=$PREFIX/smbclient.in.$$
+    cat > $tmpfile <<EOF
+username=${USERNAME}
+password=${PASSWORD}
+domain=${DOMAIN}
+EOF
+    $SMBCLIENT //$SERVER_IP/tmp --authentication-file=$tmpfile \
+        -c quit 2>&1
+    ret=$?
+    rm $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "smbclient failed to use auth file"
+        false
+        return
+    fi
+
+    cat > $tmpfile <<EOF
+username=${USERNAME}
+password=xxxx
+domain=${DOMAIN}
+EOF
+    $SMBCLIENT //$SERVER_IP/tmp --authentication-file=$tmpfile\
+        -c quit 2>&1
+    ret=$?
+    rm $tmpfile
+
+    if [ $ret -eq 0 ] ; then
+        echo "smbclient succeeded with wrong auth file credentials"
+        false
+        return
+    fi
+}
+
+# Test doing a directory listing with backup privilege.
+test_backup_privilege_list()
+{
+    tmpfile=$PREFIX/smbclient_backup_privilege_list
+
+    # If we don't have a DOMAIN component to the username, add it.
+    echo "$USERNAME" | grep '\\' 2>&1
+    ret=$?
+    if [ $ret != 0 ] ; then
+        priv_username="$DOMAIN\\$USERNAME"
+    else
+        priv_username=$USERNAME
+    fi
+
+    $NET sam rights grant $priv_username SeBackupPrivilege 2>&1
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "Failed to add SeBackupPrivilege to user $priv_username - $ret"
+        false
+        return
+    fi
+
+    cat > $tmpfile <<EOF
+backup
+ls
+quit
+EOF
+
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed backup privilege list $ret"
+        false
+        return
+    fi
+
+# Now remove all privileges from this SID.
+    $NET sam rights revoke $priv_username SeBackupPrivilege 2>&1
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "failed to remove SeBackupPrivilege from user $priv_username - $ret"
+        false
+        return
+    fi
+}
+
+# Test accessing an share with bad names (won't convert).
+test_bad_names()
+{
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/badname-tmp -I $SERVER_IP $ADDARGS -c ls 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed accessing badname-tmp (SMB1) with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | wc -l 2>&1 | grep 6
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - grep of number of lines (1) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep 'Domain=.*OS=.*Server='
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - grep (1) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^  \. *D'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - grep (2) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^  \.\. *D'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - grep (3) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^  blank.txt *N'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - grep (4) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^ *$'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - grep (5) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep 'blocks of size.*blocks available'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - grep (6) failed with $ret"
+        false
+    fi
+
+    # Now check again with -mSMB3
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/badname-tmp -I $SERVER_IP -mSMB3 $ADDARGS -c ls 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed accessing badname-tmp (SMB3) with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | wc -l 2>&1 | grep 6
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - SMB3 grep of number of lines (1) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep 'Domain=.*OS=.*Server='
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - SMB3 grep (1) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^  \. *D'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - SMB3 grep (2) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^  \.\. *D'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - SMB3 grep (3) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^  blank.txt *N'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - SMB3 grep (4) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep '^ *$'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - SMB3 grep (5) failed with $ret"
+        false
+    fi
+
+    echo "$out" | grep 'blocks of size.*blocks available'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed listing \\badname-tmp - SMB3 grep (6) failed with $ret"
+        false
+    fi
+}
+
+# Test accessing an share with a name that must be mangled - with acl_xattrs.
+# We know foo:bar gets mangled to FF4GBY~Q with the default name-mangling algorithm (hash2).
+test_mangled_names()
+{
+    tmpfile=$PREFIX/smbclient_interactive_prompt_commands
+    cat > $tmpfile <<EOF
+ls
+cd FF4GBY~Q
+ls
+quit
+EOF
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/manglenames_share -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed accessing manglenames_share with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | grep 'NT_STATUS'
+    ret=$?
+    if [ $ret == 0 ] ; then
+        echo "$out"
+        echo "failed - NT_STATUS_XXXX listing \\manglenames_share\\FF4GBY~Q"
+        false
+    fi
+}
+
+# Test using scopy to copy a file on the server.
+test_scopy()
+{
+    tmpfile=$PREFIX/smbclient_interactive_prompt_commands
+    scopy_file=$PREFIX/scopy_file
+
+    rm -f $scopy_file
+    cat > $tmpfile <<EOF
+put ${SMBCLIENT}
+scopy smbclient scopy_file
+lcd ${PREFIX}
+get scopy_file
+del smbclient
+del scopy_file
+quit
+EOF
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -mSMB3 -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    out1=`md5sum ${SMBCLIENT} | sed -e 's/ .*//'`
+    out2=`md5sum ${scopy_file} | sed -e 's/ .*//'`
+    rm -f $tmpfile
+    rm -f $scopy_file
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed scopy test (1) with output $ret"
+        false
+        return
+    fi
+
+    if [ $out1 != $out2 ] ; then
+        echo "$out1 $out2"
+        echo "failed md5sum (1)"
+        false
+    fi
+
+#
+# Now do again using SMB1
+# to force client-side fallback.
+#
+
+    cat > $tmpfile <<EOF
+put ${SMBCLIENT}
+scopy smbclient scopy_file
+lcd ${PREFIX}
+get scopy_file
+del smbclient
+del scopy_file
+quit
+EOF
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -mNT1 -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    out1=`md5sum ${SMBCLIENT} | sed -e 's/ .*//'`
+    out2=`md5sum ${scopy_file} | sed -e 's/ .*//'`
+    rm -f $tmpfile
+    rm -f $scopy_file
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed scopy test (2) with output $ret"
+        false
+        return
+    fi
+
+    if [ $out1 != $out2 ] ; then
+        echo "$out1 $out2"
+        echo "failed md5sum (2)"
+        false
+    fi
+}
+
+# Test creating a stream on the root of the share directory filname - :foobar
+test_toplevel_stream()
+{
+    tmpfile=$PREFIX/smbclient_interactive_prompt_commands
+    cat > $tmpfile <<EOF
+put ${PREFIX}/smbclient_interactive_prompt_commands :foobar
+allinfo \\
+setmode \\ -a
+quit
+EOF
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP -mSMB3 $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed creating toplevel stream :foobar with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | grep '^stream:.*:foobar'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed creating toplevel stream :foobar"
+        false
+    fi
+}
+
+# Test wide links are restricted.
+test_widelinks()
+{
+    tmpfile=$PREFIX/smbclient_interactive_prompt_commands
+    cat > $tmpfile <<EOF
+cd dot
+ls
+quit
+EOF
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/widelinks_share -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed accessing widelinks_share with error $ret"
+        false
+        return
+    fi
+
+    echo "$out" | grep 'NT_STATUS'
+    ret=$?
+    if [ $ret == 0 ] ; then
+        echo "$out"
+        echo "failed - NT_STATUS_XXXX listing \\widelinks_share\\dot"
+        false
+    fi
+
+    cat > $tmpfile <<EOF
+allinfo source
+quit
+EOF
+    cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/widelinks_share -I $SERVER_IP $ADDARGS < $tmpfile 2>&1'
+    eval echo "$cmd"
+    out=`eval $cmd`
+    ret=$?
+    rm -f $tmpfile
+
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed accessing widelinks_share with error $ret"
+        false
+        return
+    fi
+
+# This should fail with NT_STATUS_ACCESS_DENIED
+    echo "$out" | grep 'NT_STATUS_ACCESS_DENIED'
+    ret=$?
+    if [ $ret != 0 ] ; then
+        echo "$out"
+        echo "failed - should get NT_STATUS_ACCESS_DENIED listing \\widelinks_share\\source"
+        false
+    fi
 }
 
@@ -431 +1101 @@
 
 testit "writing into a read-only directory fails" \
-   test_read_only_dir || \
+   test_read_only_dir ro-tmp || \
+   failed=`expr $failed + 1`
+
+testit "writing into a read-only share fails" \
+   test_read_only_dir valid-users-tmp || \
    failed=`expr $failed + 1`
 
@@ -442 +1116 @@
    failed=`expr $failed + 1`
 
+testit "Ensure archive bit is set correctly on file/dir rename" \
+    test_rename_archive_bit || \
+    failed=`expr $failed + 1`
+
 testit "ccache access works for smbclient" \
     test_ccache_access || \
     failed=`expr $failed + 1`
 
+testit "sending a message to the remote server" \
+    test_message || \
+    failed=`expr $failed + 1`
+
+testit "using an authentication file" \
+    test_auth_file || \
+    failed=`expr $failed + 1`
+
+testit "list with backup privilege" \
+    test_backup_privilege_list || \
+    failed=`expr $failed + 1`
+
+testit "list a share with bad names (won't convert)" \
+    test_bad_names || \
+    failed=`expr $failed + 1`
+
+testit "list a share with a mangled name + acl_xattr object" \
+    test_mangled_names || \
+    failed=`expr $failed + 1`
+
+testit "server-side file copy" \
+    test_scopy || \
+    failed=`expr $failed + 1`
+
+testit "creating a :stream at root of share" \
+    test_toplevel_stream || \
+    failed=`expr $failed + 1`
+
+testit "Ensure widelinks are restricted" \
+    test_widelinks || \
+    failed=`expr $failed + 1`
+
 testit "rm -rf $LOGDIR" \
     rm -rf $LOGDIR || \

vendor/current/source3/script/tests/test_smbtorture_s3.sh

@@ -5 +5 @@
 if [ $# -lt 4 ]; then
 cat <<EOF
-Usage: test_smbtorture_s3.sh TEST UNC USERNAME PASSWORD <smbtorture args>
+Usage: test_smbtorture_s3.sh TEST UNC USERNAME PASSWORD SMBTORTURE <smbtorture args>
 EOF
 exit 1;
@@ -14 +14 @@
 username="$3"
 password="$4"
-shift 4
+SMBTORTURE="$5"
+shift 5
 ADDARGS="$*"
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
 
 
 
 failed=0
-testit "smbtorture" $VALGRIND $BINDIR/smbtorture $unc -U"$username"%"$password" $ADDARGS $t || failed=`expr $failed + 1`
+testit "smbtorture" $VALGRIND $SMBTORTURE $unc -U"$username"%"$password" $ADDARGS $t || failed=`expr $failed + 1`
 
 testok $0 $failed

vendor/current/source3/script/tests/test_success.sh

@@ -5 +5 @@
 # Copyright (C) 2011 Michael Adam <obnox@samba.org>
 
-# include the blackbox subunit infrastructure
-# if not run from classical s3 test script:
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
-        incdir=`dirname $0`/../../../testprogs/blackbox
-        . $incdir/subunit.sh
-}
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
 
 failed=0

vendor/current/source3/script/tests/test_testparm_s3.sh

@@ -18 +18 @@
 TESTPARM="$VALGRIND ${TESTPARM:-$BINDIR/testparm} --suppress-prompt --skip-logic-checks"
 
-test x"$TEST_FUNCTIONS_SH" != x"INCLUDED" && {
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
-}
 
 failed=0

vendor/current/source3/script/tests/test_wbinfo_sids2xids.sh

@@ -1 +1 @@
 #!/bin/sh
 
-WBINFO="$VALGRIND ${NET:-$BINDIR/wbinfo} $CONFIGURATION"
+WBINFO="$VALGRIND ${WBINFO:-$BINDIR/wbinfo} $CONFIGURATION"
+NET="$VALGRIND ${NET:-$BINDIR/net} $CONFIGURATION"
 TEST_INT=`dirname $0`/test_wbinfo_sids2xids_int.py
 
@@ -7 +8 @@
 . $incdir/subunit.sh
 
-testit "sids2xids" ${TEST_INT} ${WBINFO} || failed=`expr $failed + 1`
+testit "sids2xids" ${TEST_INT} ${WBINFO} ${NET} || failed=`expr $failed + 1`
 
 testok $0 $failed

vendor/current/source3/script/tests/test_wbinfo_sids2xids_int.py

@@ -3 +3 @@
 import sys,os,subprocess
 
-if len(sys.argv) != 2:
-    print "Usage: test_wbinfo_sids2xids_int.py wbinfo"
+
+if len(sys.argv) != 3:
+    print "Usage: test_wbinfo_sids2xids_int.py wbinfo net"
     sys.exit(1)
 
 wbinfo = sys.argv[1]
+netcmd = sys.argv[2]
+
+def flush_cache():
+    os.system(netcmd + " cache flush")
+
+def fill_cache(inids, idtype='gid'):
+    for inid in inids:
+        if inid is None:
+            continue
+        subprocess.Popen([wbinfo, '--%s-to-sid=%s' % (idtype, inid)],
+                         stdout=subprocess.PIPE).communicate()
+
 domain = subprocess.Popen([wbinfo, "--own-domain"],
                           stdout=subprocess.PIPE).communicate()[0].strip()
-domsid = subprocess.Popen([wbinfo, "-n", domain + "\\"],
+domsid = subprocess.Popen([wbinfo, "-n", domain + "/"],
                           stdout=subprocess.PIPE).communicate()[0]
 domsid = domsid.split(' ')[0]
@@ -19 +32 @@
 sids=[ domsid + '-512', 'S-1-5-32-545', domsid + '-513' ]
 
+flush_cache()
+
 sids2xids = subprocess.Popen([wbinfo, '--sids-to-unix-ids=' +  ','.join(sids)],
                              stdout=subprocess.PIPE).communicate()[0].strip()
 
 gids=[]
+uids=[]
+idtypes = []
 
 for line in sids2xids.split('\n'):
     result = line.split(' ')[2:]
+    idtypes.append(result[0])
 
+    gid = None
+    uid = None
     if result[0] == 'gid':
         gid = result[1]
-    else:
-        gid = ''
+    elif result[0] == 'uid':
+        uid = result[1]
+    elif result[0] == 'uid/gid':
+        gid = result[1]
+        uid = result[1]
+
     if gid == '-1':
         gid = ''
     gids.append(gid)
 
-i=0
+    if uid == '-1':
+        uid = ''
+    uids.append(uid)
 
-for sid in sids:
-    gid = subprocess.Popen([wbinfo, '--sid-to-gid', sid],
-                           stdout=subprocess.PIPE).communicate()[0].strip()
-    if gid != gids[i]:
-        print "Expected %s, got %s\n", gid, gids[i]
-        sys.exit(1)
-    i+=1
+# Check the list produced by the sids-to-xids call with the
+# singular variant (sid-to-xid) for each sid in turn.
+def check_singular(sids, ids, idtype='gid'):
+    i = 0
+    for sid in sids:
+        if ids[i] is None:
+            continue
+
+        outid = subprocess.Popen([wbinfo, '--sid-to-%s' % idtype, sid],
+                                 stdout=subprocess.PIPE).communicate()[0].strip()
+        if outid != ids[i]:
+            print "Expected %s, got %s\n" % (outid, ids[i])
+            flush_cache()
+            sys.exit(1)
+        i += 1
+
+# Check the list produced by the sids-to-xids call with the
+# multiple variant (sid-to-xid) for each sid in turn.
+def check_multiple(sids, idtypes):
+    sids2xids = subprocess.Popen([wbinfo, '--sids-to-unix-ids=' +  ','.join(sids)],
+                                 stdout=subprocess.PIPE).communicate()[0].strip()
+    # print sids2xids
+    i = 0
+    for line in sids2xids.split('\n'):
+        result = line.split(' ')[2:]
+
+        if result[0] != idtypes[i]:
+            print "Expected %s, got %s\n" % (idtypes[i], result[0])
+            flush_cache()
+            sys.exit(1)
+        i += 1
+
+# first round: with filled cache via sid-to-id
+check_singular(sids, gids, 'gid')
+check_singular(sids, uids, 'uid')
+
+# second round: with empty cache
+flush_cache()
+check_singular(sids, gids, 'gid')
+flush_cache()
+check_singular(sids, uids, 'uid')
+
+# third round: with filled cache via uid-to-sid
+flush_cache()
+fill_cache(uids, 'uid')
+check_multiple(sids, idtypes)
+
+# fourth round: with filled cache via gid-to-sid
+flush_cache()
+fill_cache(gids, 'gid')
+check_multiple(sids, idtypes)
+
+# flush the cache so any incorrect mappings don't break other tests
+flush_cache()
 
 sys.exit(0)