From c5710bbe2c0e183fd035c6aff8caf938a7db2f57 Mon Sep 17 00:00:00 2001 From: Sachin Prabhu Date: Thu, 30 Jan 2025 12:42:39 +0000 Subject: [PATCH] testcases/smbtorture: update selftest files Head of samba repo when this copy was made 062dc07e9b9 (s3-libnet: avoid using lp_dns_hostname() in join code, 2025-01-14) Signed-off-by: Sachin Prabhu --- testcases/smbtorture/selftest/README | 2 +- .../selftest/expectedfail.d/encrypted_secrets | 2 +- .../expectedfail.d/kdc_test_pw_expired | 2 + .../expectedfail.d/ldap-tlsverifypeer | 10 +++ .../selftest/expectedfail.d/ntlm-auth | 4 ++ .../expectedfail.d/samba4.ldb.simple.ldap-tls | 28 +++++++++ .../expectedfail.d/samba4.rpc.backupkey | 28 +++++++++ .../expectedfail.d/samba4.rpc.pac.krb5 | 5 ++ .../flapping.d/gitlab-setxattr-security | 18 ++++++ .../selftest/flapping.d/kcc_verify_py3 | 2 - .../selftest/flapping.d/samba_tool_visualize | 3 - testcases/smbtorture/selftest/knownfail | 28 +-------- .../selftest/knownfail.d/dns_packet | 0 .../selftest/knownfail.d/encrypted_secrets | 13 ---- .../selftest/knownfail.d/getncchanges | 3 + .../smbtorture/selftest/knownfail.d/gmsa | 3 + .../selftest/knownfail.d/kdc-enterprise | 63 ------------------- .../smbtorture/selftest/knownfail.d/keytab | 0 .../smbtorture/selftest/knownfail.d/labdc | 5 -- .../selftest/knownfail.d/ntlmv1-restrictions | 5 -- .../selftest/knownfail.d/password_settings | 2 - .../{bug-14236 => pyldb-segfaults} | 0 .../smbtorture/selftest/knownfail.d/reparse | 2 + .../samba-tool-user-get-kerberos-ticket | 7 +-- .../knownfail.d/samba.tests.krb5.netlogon | 2 + .../selftest/knownfail.d/sid-strings | 6 +- .../knownfail.d/smb2.durable-v2-open.bug15708 | 7 +++ .../selftest/knownfail.d/smb2_credits | 7 +++ .../smbtorture/selftest/knownfail.d/smbcacls | 0 .../smbtorture/selftest/knownfail.d/symlink | 4 -- .../knownfail.d/user_getpassword_gmsa | 4 +- 31 files changed, 130 insertions(+), 135 deletions(-) create mode 100644 testcases/smbtorture/selftest/expectedfail.d/kdc_test_pw_expired create mode 100644 testcases/smbtorture/selftest/expectedfail.d/ldap-tlsverifypeer create mode 100644 testcases/smbtorture/selftest/expectedfail.d/samba4.ldb.simple.ldap-tls create mode 100644 testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.backupkey create mode 100644 testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.pac.krb5 create mode 100644 testcases/smbtorture/selftest/flapping.d/gitlab-setxattr-security delete mode 100644 testcases/smbtorture/selftest/flapping.d/kcc_verify_py3 delete mode 100644 testcases/smbtorture/selftest/flapping.d/samba_tool_visualize delete mode 100644 testcases/smbtorture/selftest/knownfail.d/dns_packet delete mode 100644 testcases/smbtorture/selftest/knownfail.d/encrypted_secrets create mode 100644 testcases/smbtorture/selftest/knownfail.d/gmsa delete mode 100644 testcases/smbtorture/selftest/knownfail.d/kdc-enterprise delete mode 100644 testcases/smbtorture/selftest/knownfail.d/keytab delete mode 100644 testcases/smbtorture/selftest/knownfail.d/labdc delete mode 100644 testcases/smbtorture/selftest/knownfail.d/ntlmv1-restrictions delete mode 100644 testcases/smbtorture/selftest/knownfail.d/password_settings rename testcases/smbtorture/selftest/knownfail.d/{bug-14236 => pyldb-segfaults} (100%) create mode 100644 testcases/smbtorture/selftest/knownfail.d/reparse create mode 100644 testcases/smbtorture/selftest/knownfail.d/samba.tests.krb5.netlogon create mode 100644 testcases/smbtorture/selftest/knownfail.d/smb2.durable-v2-open.bug15708 create mode 100644 testcases/smbtorture/selftest/knownfail.d/smb2_credits delete mode 100644 testcases/smbtorture/selftest/knownfail.d/smbcacls delete mode 100644 testcases/smbtorture/selftest/knownfail.d/symlink diff --git a/testcases/smbtorture/selftest/README b/testcases/smbtorture/selftest/README index 1322f69..95e8ad0 100644 --- a/testcases/smbtorture/selftest/README +++ b/testcases/smbtorture/selftest/README @@ -1,4 +1,4 @@ Scripts and modules copied over from the samba source tree. At the time of copy, the samba head is at -0caaa2d1723 (vfs: Remove shadow_copy2_get_real_filename_at(), 2024-01-11) +062dc07e9b9 (s3-libnet: avoid using lp_dns_hostname() in join code, 2025-01-14) diff --git a/testcases/smbtorture/selftest/expectedfail.d/encrypted_secrets b/testcases/smbtorture/selftest/expectedfail.d/encrypted_secrets index e25a68d..5a0f0b5 100644 --- a/testcases/smbtorture/selftest/expectedfail.d/encrypted_secrets +++ b/testcases/smbtorture/selftest/expectedfail.d/encrypted_secrets @@ -1,5 +1,5 @@ # The fl2000dc environment is provisioned with the --plaintext-secrets option -# running the ecnrypted secrets tests on it and expecting them to fail. +# running the encrypted secrets tests on it and expecting them to fail. # verifies that: # * --plaintext-secrets option correctly provisions a domain # * the dsdb operational module correctly handles unencrypted secrets diff --git a/testcases/smbtorture/selftest/expectedfail.d/kdc_test_pw_expired b/testcases/smbtorture/selftest/expectedfail.d/kdc_test_pw_expired new file mode 100644 index 0000000..979330f --- /dev/null +++ b/testcases/smbtorture/selftest/expectedfail.d/kdc_test_pw_expired @@ -0,0 +1,2 @@ +# This tests needs Password Settings Objects to work, so is expected to fail in this environment +^samba.tests.krb5.as_req_tests.samba.tests.krb5.as_req_tests.AsReqKerberosTests.test_pw_expired\(fl2003dc\) diff --git a/testcases/smbtorture/selftest/expectedfail.d/ldap-tlsverifypeer b/testcases/smbtorture/selftest/expectedfail.d/ldap-tlsverifypeer new file mode 100644 index 0000000..d124487 --- /dev/null +++ b/testcases/smbtorture/selftest/expectedfail.d/ldap-tlsverifypeer @@ -0,0 +1,10 @@ +# These are supposed to fail as we want to verify the "tls verify peer" +# restrictions. Note that fl2008r2dc uses a self-signed certificate +# with does not have a crl file. +# +^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name_if_available\( +^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name\( +^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=as_strict_as_possible\( +^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=ca_and_name\( +^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=as_strict_as_possible\( +^samba4.ldb.simple.ldaps.*SERVER.REALM.*tlsverifypeer=as_strict_as_possible.*fl2008r2dc diff --git a/testcases/smbtorture/selftest/expectedfail.d/ntlm-auth b/testcases/smbtorture/selftest/expectedfail.d/ntlm-auth index f4cfd64..46561dc 100644 --- a/testcases/smbtorture/selftest/expectedfail.d/ntlm-auth +++ b/testcases/smbtorture/selftest/expectedfail.d/ntlm-auth @@ -19,3 +19,7 @@ ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_last_only_requests\(ad_member\) ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_mix_requests\(ad_member\) ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_none_only_requests\(ad_member\) +^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_schannel_invalid_alter_no_padding\(ad_member\) +^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_schannel_invalid_alter_tail_padding\(ad_member\) +^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_schannel_invalid_auth3_no_padding\(ad_member\) +^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_schannel_invalid_auth3_tail_padding\(ad_member\) diff --git a/testcases/smbtorture/selftest/expectedfail.d/samba4.ldb.simple.ldap-tls b/testcases/smbtorture/selftest/expectedfail.d/samba4.ldb.simple.ldap-tls new file mode 100644 index 0000000..49f90c9 --- /dev/null +++ b/testcases/smbtorture/selftest/expectedfail.d/samba4.ldb.simple.ldap-tls @@ -0,0 +1,28 @@ +# +## We assert all "ldap server require strong auth" combinations +# +^samba4.ldb.simple.ldap with SIMPLE-BIND.*ad_dc_ntvfs # ldap server require strong auth = allow_sasl_without_tls_channel_bindings +^samba4.ldb.simple.ldap with SIMPLE-BIND.*fl2003dc # ldap server require strong auth = yes +# fl2003dc has ldap server require strong auth = yes +# and correct channel bindings are required for TLS +^samba4.ldb.simple.ldaps.*SASL-BIND.*ldap_testing:tls_channel_bindings=no.*fl2003dc +^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:tls_channel_bindings=no.*fl2003dc +# ad_dc_ntvfs and fl2008r2dc have +# ldap server require strong auth = allow_sasl_without_tls_channel_bindings +# it means correct channel bindings are required, if the client indicated +# explicit (even null) channel bindings are provided +# +# The following are in expectedfail_heimdal for now, as MIT +# behaves differently: +#^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs +#^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs +#^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc +#^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc +^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=yes.*ldap_testing:forced_channel_binding=wRoNg +^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=no.*ldap_testing:forced_channel_binding=wRoNg +^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:channel_bound=yes.*ldap_testing:forced_channel_binding=wRoNg +^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:channel_bound=no.*ldap_testing:forced_channel_binding=wRoNg +^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs +^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc +^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs +^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc diff --git a/testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.backupkey b/testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.backupkey new file mode 100644 index 0000000..86170ee --- /dev/null +++ b/testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.backupkey @@ -0,0 +1,28 @@ +# We require seal and the test also runs differently against Windows 2022 with sign +^samba4.rpc.backupkey.with.sign.backupkey.restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.restore_guid.version.3\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.restore_guid_2nd\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.unable_to_decrypt_secret\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.wrong_user_restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.wrong_version_restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.empty_request_restore_guid\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_empty_request\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\) +^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\) diff --git a/testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.pac.krb5 b/testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.pac.krb5 new file mode 100644 index 0000000..f859f17 --- /dev/null +++ b/testcases/smbtorture/selftest/expectedfail.d/samba4.rpc.pac.krb5 @@ -0,0 +1,5 @@ +# fl2000dc and fl2003dc don't have 'server support krb5 netlogon = yes' +^samba4.rpc.pac.on.ncacn_np.netr-bdc-krb5.verify-sig-krb5\(fl2000dc\) +^samba4.rpc.pac.on.ncacn_np.netr-mem-krb5.verify-sig-krb5\(fl2000dc\) +^samba4.rpc.pac.on.ncacn_np.netr-bdc-krb5.verify-sig-krb5\(fl2003dc\) +^samba4.rpc.pac.on.ncacn_np.netr-mem-krb5.verify-sig-krb5\(fl2003dc\) diff --git a/testcases/smbtorture/selftest/flapping.d/gitlab-setxattr-security b/testcases/smbtorture/selftest/flapping.d/gitlab-setxattr-security new file mode 100644 index 0000000..d7d2403 --- /dev/null +++ b/testcases/smbtorture/selftest/flapping.d/gitlab-setxattr-security @@ -0,0 +1,18 @@ +# gitlab runners with kernel 5.15.109+ +# allow setxattr() on security.NTACL +# +# It's not clear in detail why there's a difference +# between various systems, one reason could be that +# with selinux inode_owner_or_capable() is used to check +# setxattr() permissions: +# it checks for the fileowner too, as well as CAP_FOWNER. +# Otherwise cap_inode_setxattr() is used, which checks for +# CAP_SYS_ADMIN. +# +# But the kernel doesn't have selinux only apparmor... +# +# test_setntacl_forcenative expects +# PermissionError: [Errno 1] Operation not permitted +# +# So for now we allow this to fail... +^samba.tests.ntacls.samba.tests.ntacls.NtaclsTests.test_setntacl_forcenative.none diff --git a/testcases/smbtorture/selftest/flapping.d/kcc_verify_py3 b/testcases/smbtorture/selftest/flapping.d/kcc_verify_py3 deleted file mode 100644 index 8cfadab..0000000 --- a/testcases/smbtorture/selftest/flapping.d/kcc_verify_py3 +++ /dev/null @@ -1,2 +0,0 @@ -samba.tests.kcc.python3.samba.tests.kcc.KCCTests -samba.tests.kcc.python2.samba.tests.kcc.KCCTests diff --git a/testcases/smbtorture/selftest/flapping.d/samba_tool_visualize b/testcases/smbtorture/selftest/flapping.d/samba_tool_visualize deleted file mode 100644 index 0054132..0000000 --- a/testcases/smbtorture/selftest/flapping.d/samba_tool_visualize +++ /dev/null @@ -1,3 +0,0 @@ -# Mark this as flapping while I paint a house and think about a solution. -samba.tests.samba_tool.visualize_drs.python3 -samba.tests.samba_tool.visualize_drs.python2 diff --git a/testcases/smbtorture/selftest/knownfail b/testcases/smbtorture/selftest/knownfail index 7469836..51aae99 100644 --- a/testcases/smbtorture/selftest/knownfail +++ b/testcases/smbtorture/selftest/knownfail @@ -105,7 +105,6 @@ ^samba4.rpc.netlogon.*.DatabaseSync2 ^samba4.rpc.netlogon.*.NetrEnumerateTrustedDomains ^samba4.rpc.netlogon.*.NetrEnumerateTrustedDomainsEx -^samba4.rpc.netlogon.*.GetPassword ^samba4.rpc.netlogon.*.DatabaseRedo ^samba4.rpc.netlogon.*.netlogon.lsa_over_netlogon\(ad_dc\) #Broken by split of \\pipe\lsass from \\pipe\netlogon in the IDL ^samba4.rpc.netlogon.*.netlogon.SetupCredentialsDowngrade\(ad_dc_ntvfs\) # Broken by allowing NT4 crypto on this environment @@ -184,7 +183,6 @@ ^samba4.smb2.sharemode.sharemode-access ^samba4.smb2.sharemode.access-sharemode ^samba4.ntvfs.cifs.krb5.base.createx_access.createx_access\(.*\)$ -^samba4.rpc.lsa.forest.trust #Not fully provided by Samba4 ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_full_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.release-4-0-0.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects @@ -216,11 +214,7 @@ ^samba3.smb2.getinfo.fsinfo # quotas don't work yet ^samba3.smb2.setinfo.setinfo ^samba3.smb2.session.*reauth5 # some special anonymous checks? -^samba3.smb2.compound.interim2 # wrong return code (STATUS_CANCELLED) -^samba3.smb2.compound.aio.interim2 # wrong return code (STATUS_CANCELLED) ^samba3.smb2.lock.*replay_broken_windows # This tests the windows behaviour -^samba3.smb2.lease.statopen3 -^samba3.smb2.lease.unlink # we currently do not downgrade RH lease to R after unlink ^samba4.smb2.ioctl.compress_notsup.*\(ad_dc_ntvfs\) ^samba3.raw.session.*reauth2 # maybe fix this? ^samba3.rpc.lsa.secrets.seal # This gives NT_STATUS_LOCAL_USER_SESSION_KEY @@ -312,22 +306,6 @@ # ^samba4.ldap.sort.python.+UnicodeSortTests # -## We assert all "ldap server require strong auth" combinations -# -^samba4.ldb.simple.ldap with SIMPLE-BIND.*ad_dc_ntvfs # ldap server require strong auth = allow_sasl_over_tls -^samba4.ldb.simple.ldap with SIMPLE-BIND.*fl2003dc # ldap server require strong auth = yes -^samba4.ldb.simple.ldaps with SASL-BIND.*fl2003dc # ldap server require strong auth = yes -# These are supposed to fail as we want to verify the "tls verify peer" -# restrictions. Note that fl2008r2dc uses a self-signed certificate -# with does not have a crl file. -# -^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name_if_available\( -^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=ca_and_name\( -^samba4.ldb.simple.ldaps.*SERVER_NAME.*tlsverifypeer=as_strict_as_possible\( -^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=ca_and_name\( -^samba4.ldb.simple.ldaps.*SERVER_IP.*tlsverifypeer=as_strict_as_possible\( -^samba4.ldb.simple.ldaps.*SERVER.REALM.*tlsverifypeer=as_strict_as_possible.*fl2008r2dc -# # we don't allow auth_level_connect anymore... # ^samba3.blackbox.rpcclient.*ncacn_np.*with.*connect.*rpcclient # we don't allow auth_level_connect anymore @@ -337,9 +315,9 @@ ^samba4.smb.signing.*disabled.*client-protection=off.*\(ad_dc\) # fl2000dc doesn't support AES ^samba4.krb5.kdc.*as-req-aes.fl2000dc -# nt4_member and ad_member don't support ntlmv1 (not even over SMB1) -^samba3.blackbox.smbclient_auth.plain.*option=clientntlmv2auth=no.member.creds.*as.user.*_member -^samba3.blackbox.smbclient_auth.plain.*option=clientntlmv2auth=no.*mNT1.member.creds.*as.user.*_member +# ad_member don't support ntlmv1 (not even over SMB1) +^samba3.blackbox.smbclient_auth.plain.*option=clientntlmv2auth=no.member.creds.*as.user.*ad_member +^samba3.blackbox.smbclient_auth.plain.*option=clientntlmv2auth=no.*mNT1.member.creds.*as.user.*ad_member #nt-vfs server blocks read with execute access ^samba4.smb2.read.access #ntvfs server blocks copychunk with execute access on read handle diff --git a/testcases/smbtorture/selftest/knownfail.d/dns_packet b/testcases/smbtorture/selftest/knownfail.d/dns_packet deleted file mode 100644 index e69de29..0000000 diff --git a/testcases/smbtorture/selftest/knownfail.d/encrypted_secrets b/testcases/smbtorture/selftest/knownfail.d/encrypted_secrets deleted file mode 100644 index e25a68d..0000000 --- a/testcases/smbtorture/selftest/knownfail.d/encrypted_secrets +++ /dev/null @@ -1,13 +0,0 @@ -# The fl2000dc environment is provisioned with the --plaintext-secrets option -# running the ecnrypted secrets tests on it and expecting them to fail. -# verifies that: -# * --plaintext-secrets option correctly provisions a domain -# * the dsdb operational module correctly handles unencrypted secrets -# * secrets are not stored as encrypted text when this option is specified -^samba.tests.encrypted_secrets.samba.tests.encrypted_secrets.EncryptedSecretsTests.test_encrypted_secrets\(fl2000dc:local\) -^samba.tests.encrypted_secrets.samba.tests.encrypted_secrets.EncryptedSecretsTests.test_required_features\(fl2000dc:local\) -# -# The tests for bug 13563 https://bugzilla.samba.org/show_bug.cgi?id=13653 -# should fail in the mdb case, as sam.ldb is currently a tdb file. -# -^samba.tests.blackbox.bug13653.samba.tests.blackbox.bug13653.Bug13653Tests.test_mdb_scheme diff --git a/testcases/smbtorture/selftest/knownfail.d/getncchanges b/testcases/smbtorture/selftest/knownfail.d/getncchanges index bda9b31..7288309 100644 --- a/testcases/smbtorture/selftest/knownfail.d/getncchanges +++ b/testcases/smbtorture/selftest/knownfail.d/getncchanges @@ -6,3 +6,6 @@ samba4.drs.getncchanges.python\(promoted_dc\).getncchanges.DrsReplicaSyncIntegri samba4.drs.getncchanges.python\(promoted_dc\).getncchanges.DrsReplicaSyncIntegrityTestCase.test_repl_get_tgt_multivalued_links\(promoted_dc\) # Samba chooses to always increment the USN for the NC root at the point where it would otherwise show up. samba4.drs.getncchanges.python\(.*\).getncchanges.DrsReplicaSyncIntegrityTestCase.test_repl_nc_is_first_nc_change_only\( + +# test_repl_get_tgt_multivalued_links also fails with DrsReplicaSyncFakeAzureAdTests on promoted_dc +samba4.drs.getncchanges.python\(promoted_dc\).getncchanges.DrsReplicaSyncFakeAzureAdTests.test_repl_get_tgt_multivalued_links\(promoted_dc\) diff --git a/testcases/smbtorture/selftest/knownfail.d/gmsa b/testcases/smbtorture/selftest/knownfail.d/gmsa new file mode 100644 index 0000000..d0a058e --- /dev/null +++ b/testcases/smbtorture/selftest/knownfail.d/gmsa @@ -0,0 +1,3 @@ +# The unencrypted simple bind fails because the ad_dc environment sets ‘ldap +# server require strong auth = yes’. +^samba\.tests\.krb5\.gmsa_tests\.samba\.tests\.krb5\.gmsa_tests\.GmsaTests\.test_retrieving_password_after_unencrypted_simple_bind\(ad_dc:local\)$ diff --git a/testcases/smbtorture/selftest/knownfail.d/kdc-enterprise b/testcases/smbtorture/selftest/knownfail.d/kdc-enterprise deleted file mode 100644 index c9b6c98..0000000 --- a/testcases/smbtorture/selftest/knownfail.d/kdc-enterprise +++ /dev/null @@ -1,63 +0,0 @@ -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm_UPN_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UPN_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm_UPN_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_UPN_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm_UPN_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_UPN_RemoveDollar\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperRealm_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperRealm_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperUserName\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperUserName_NetbiosRealm\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperUserName_NetbiosRealm_UPN\( -samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_UserCredentials_Enterprise_UpperUserName_UPN\( - - - -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm_UPN_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_NetbiosRealm_UPN_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UPN_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UPN_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm_UPN_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_NetbiosRealm_UPN_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_UPN_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperRealm_UpperUserName_NetbiosRealm_UPN_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm_UPN_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_NetbiosRealm_UPN_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_RemoveDollar_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_UPN_AsReqSelf\( -^samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_tests.KerberosASCanonicalizationTests.test_MachineCredentials_Enterprise_UpperUserName_UPN_RemoveDollar_AsReqSelf\( diff --git a/testcases/smbtorture/selftest/knownfail.d/keytab b/testcases/smbtorture/selftest/knownfail.d/keytab deleted file mode 100644 index e69de29..0000000 diff --git a/testcases/smbtorture/selftest/knownfail.d/labdc b/testcases/smbtorture/selftest/knownfail.d/labdc deleted file mode 100644 index 65eafd5..0000000 --- a/testcases/smbtorture/selftest/knownfail.d/labdc +++ /dev/null @@ -1,5 +0,0 @@ -# Because the lab-DC testenv scrubs all user info (apart from the Admin), -# we expect tests relying on other users' credentials to fail. -# These tests fail because they use testallowed and testdenied users. -^samba4.rpc.echo.testallowed.*labdc.* -^samba4.rpc.echo.testdenied.*labdc.* diff --git a/testcases/smbtorture/selftest/knownfail.d/ntlmv1-restrictions b/testcases/smbtorture/selftest/knownfail.d/ntlmv1-restrictions deleted file mode 100644 index c5e915a..0000000 --- a/testcases/smbtorture/selftest/knownfail.d/ntlmv1-restrictions +++ /dev/null @@ -1,5 +0,0 @@ -# These tests should fail in these environments, as we restrict NTLMv1 -# in both of these, with vampire_dc however allowing MSCHAPv2 -samba.tests.py_credentials.samba.tests.py_credentials.PyCredentialsTests.test_SamLogonExNTLM\(vampire_dc\) -samba.tests.py_credentials.samba.tests.py_credentials.PyCredentialsTests.test_SamLogonExMSCHAPv2\(promoted_dc\) -samba.tests.py_credentials.samba.tests.py_credentials.PyCredentialsTests.test_SamLogonExNTLM\(promoted_dc\) diff --git a/testcases/smbtorture/selftest/knownfail.d/password_settings b/testcases/smbtorture/selftest/knownfail.d/password_settings deleted file mode 100644 index 6e52189..0000000 --- a/testcases/smbtorture/selftest/knownfail.d/password_settings +++ /dev/null @@ -1,2 +0,0 @@ -# highlights a minor corner-case discrepancy between Windows and Samba -samba4.ldap.passwordsettings.python.password_settings.PasswordSettingsTestCase.test_domain_pwd_history_zero\(ad_dc_default_smb1\) diff --git a/testcases/smbtorture/selftest/knownfail.d/bug-14236 b/testcases/smbtorture/selftest/knownfail.d/pyldb-segfaults similarity index 100% rename from testcases/smbtorture/selftest/knownfail.d/bug-14236 rename to testcases/smbtorture/selftest/knownfail.d/pyldb-segfaults diff --git a/testcases/smbtorture/selftest/knownfail.d/reparse b/testcases/smbtorture/selftest/knownfail.d/reparse new file mode 100644 index 0000000..11d094a --- /dev/null +++ b/testcases/smbtorture/selftest/knownfail.d/reparse @@ -0,0 +1,2 @@ +^samba.tests.reparsepoints.samba.tests.reparsepoints.ReparsePoints.test_create_reparse_directory +^samba.tests.reparsepoints.samba.tests.reparsepoints.ReparsePoints.test_create_reparse_nonempty_directory diff --git a/testcases/smbtorture/selftest/knownfail.d/samba-tool-user-get-kerberos-ticket b/testcases/smbtorture/selftest/knownfail.d/samba-tool-user-get-kerberos-ticket index db59a9a..9005d17 100644 --- a/testcases/smbtorture/selftest/knownfail.d/samba-tool-user-get-kerberos-ticket +++ b/testcases/smbtorture/selftest/knownfail.d/samba-tool-user-get-kerberos-ticket @@ -1,5 +1,2 @@ -# These tests will pass once gMSA support appears -^samba.tests.samba_tool.user_get_kerberos_ticket.samba.tests.samba_tool.user_get_kerberos_ticket.GetKerberosTiketTest.test_gmsa_ticket.ad_dc:local -^samba.tests.samba_tool.user_get_kerberos_ticket.samba.tests.samba_tool.user_get_kerberos_ticket.GetKerberosTiketTest.test_gmsa_ticket.ad_dc_no_ntlm:local -# This test could be fixed by reading the AES keys in supplementalCrednetials, not just the unicodePwd -^samba.tests.samba_tool.user_get_kerberos_ticket.samba.tests.samba_tool.user_get_kerberos_ticket.GetKerberosTiketTest.test_user_ticket.ad_dc_no_ntlm:local +# This test could be fixed by reading the AES keys in supplementalCredentials, not just the unicodePwd +^samba.tests.samba_tool.user_get_kerberos_ticket.samba.tests.samba_tool.user_get_kerberos_ticket.GetKerberosTicketTest.test_user_ticket.ad_dc_no_ntlm:local diff --git a/testcases/smbtorture/selftest/knownfail.d/samba.tests.krb5.netlogon b/testcases/smbtorture/selftest/knownfail.d/samba.tests.krb5.netlogon new file mode 100644 index 0000000..dc2304c --- /dev/null +++ b/testcases/smbtorture/selftest/knownfail.d/samba.tests.krb5.netlogon @@ -0,0 +1,2 @@ +# This is not implemented yet +^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_ticket_samlogon diff --git a/testcases/smbtorture/selftest/knownfail.d/sid-strings b/testcases/smbtorture/selftest/knownfail.d/sid-strings index c64510e..5218b93 100644 --- a/testcases/smbtorture/selftest/knownfail.d/sid-strings +++ b/testcases/smbtorture/selftest/knownfail.d/sid-strings @@ -49,17 +49,13 @@ ^samba.tests.sid_strings.+.SidStringTests.test_sid_string_internal_Aa.ad_dc ^samba.tests.sid_strings.+.SidStringTests.test_sid_string_internal_aA.ad_dc ^samba.tests.sid_strings.+.SidStringTests.test_sid_string_internal_aa.ad_dc -^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-0-5-32-579.ad_dc -^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-0x500000000-0x500000000-579.ad_dc -^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-0xABcDef123-0xABCDef123-579.ad_dc +^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-0-5-32-545.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-3-0.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-5-3.2-579.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-10-5-32-579.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-2-5-32-579.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-0-5-32-579.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-0x05-32-579.ad_dc -^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-0x500000000-0x500000000-579.ad_dc -^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-0xABcDef123-0xABCDef123-579.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-3-0.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-5-3.2-579.ad_dc ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-10-5-32-579.ad_dc diff --git a/testcases/smbtorture/selftest/knownfail.d/smb2.durable-v2-open.bug15708 b/testcases/smbtorture/selftest/knownfail.d/smb2.durable-v2-open.bug15708 new file mode 100644 index 0000000..3a6380c --- /dev/null +++ b/testcases/smbtorture/selftest/knownfail.d/smb2.durable-v2-open.bug15708 @@ -0,0 +1,7 @@ +# +# https://bugzilla.samba.org/show_bug.cgi?id=15708 is not fixed +# yet, it requires some complex changes within handle_share_mode_lease() +# merging logic of open_mode_check() and delay_for_oplock()... +# +^samba3.smb2.durable-v2-open.keep-disconnected-rh-with-rh-open +^samba3.smb2.durable-v2-open.keep-disconnected-rh-with-rwh-open diff --git a/testcases/smbtorture/selftest/knownfail.d/smb2_credits b/testcases/smbtorture/selftest/knownfail.d/smb2_credits new file mode 100644 index 0000000..79c9038 --- /dev/null +++ b/testcases/smbtorture/selftest/knownfail.d/smb2_credits @@ -0,0 +1,7 @@ +samba3.smb2.credits.*1conn_ipc_max_async_credits +samba3.smb2.credits.*2conn_ipc_max_async_credits +samba3.smb2.credits.*multichannel_ipc_max_async_credits +samba3.smb2.credits.*1conn_notify_max_async_credits +samba3.smb2.credits.*2conn_notify_max_async_credits +samba3.smb2.credits.*multichannel_max_async_credits +samba3.smb2.credits.*ipc_max_data_zero diff --git a/testcases/smbtorture/selftest/knownfail.d/smbcacls b/testcases/smbtorture/selftest/knownfail.d/smbcacls deleted file mode 100644 index e69de29..0000000 diff --git a/testcases/smbtorture/selftest/knownfail.d/symlink b/testcases/smbtorture/selftest/knownfail.d/symlink deleted file mode 100644 index 6413566..0000000 --- a/testcases/smbtorture/selftest/knownfail.d/symlink +++ /dev/null @@ -1,4 +0,0 @@ -^samba.tests.smb2symlink.samba.tests.smb2symlink.Smb2SymlinkTests.test_symlinkerror_directory -^samba.tests.smb2symlink.samba.tests.smb2symlink.Smb2SymlinkTests.test_symlinkerror_file -^samba.tests.smb2symlink.samba.tests.smb2symlink.Smb2SymlinkTests.test_symlinkerror_absolute_outside_share -^samba.tests.smb2symlink.samba.tests.smb2symlink.Smb2SymlinkTests.test_symlinkerror_absolute_inshare diff --git a/testcases/smbtorture/selftest/knownfail.d/user_getpassword_gmsa b/testcases/smbtorture/selftest/knownfail.d/user_getpassword_gmsa index 4a4fec9..a9d4afe 100644 --- a/testcases/smbtorture/selftest/knownfail.d/user_getpassword_gmsa +++ b/testcases/smbtorture/selftest/knownfail.d/user_getpassword_gmsa @@ -1 +1,3 @@ -^samba.tests.samba_tool.user_getpassword_gmsa.samba.tests.samba_tool.user_getpassword_gmsa.GMSAPasswordTest +^samba.tests.samba_tool.user_getpassword_gmsa.samba.tests.samba_tool.user_getpassword_gmsa.GMSAPasswordTest.test_unicode_pwd\(ad_dc_default\) +^samba.tests.samba_tool.user_getpassword_gmsa.samba.tests.samba_tool.user_getpassword_gmsa.GMSAPasswordTest.test_utf16_password\(ad_dc_default\) +^samba.tests.samba_tool.user_getpassword_gmsa.samba.tests.samba_tool.user_getpassword_gmsa.GMSAPasswordTest.test_utf8_password\(ad_dc_default\)