OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	02/03/2022 06:37:41 AM	rwxr-xr-x
📄 __init__.py	14.23 KB	11/15/2017 07:42:13 AM	rw-r--r--
📄 __init__.pyc	17.38 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth.py	2.36 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 auth.pyc	2.47 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth_log.py	56.47 KB	08/15/2017 07:16:59 AM	rw-r--r--
📄 auth_log.pyc	40.28 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth_log_base.py	4.18 KB	08/15/2017 07:16:59 AM	rw-r--r--
📄 auth_log_base.pyc	4.1 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth_log_ncalrpc.py	4.07 KB	08/15/2017 07:16:59 AM	rw-r--r--
📄 auth_log_ncalrpc.pyc	3.79 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth_log_netlogon.py	5.05 KB	08/15/2017 07:16:59 AM	rw-r--r--
📄 auth_log_netlogon.pyc	4.56 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth_log_netlogon_bad_creds.py	7.06 KB	08/15/2017 07:16:59 AM	rw-r--r--
📄 auth_log_netlogon_bad_creds.pyc	6.55 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth_log_pass_change.py	12.91 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 auth_log_pass_change.pyc	10.67 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 auth_log_samlogon.py	6.66 KB	08/15/2017 07:16:59 AM	rw-r--r--
📄 auth_log_samlogon.pyc	6.19 KB	02/03/2022 06:37:41 AM	rw-r--r--
📁 blackbox	-	02/03/2022 06:37:41 AM	rwxr-xr-x
📄 common.py	3.04 KB	02/07/2018 08:37:51 AM	rw-r--r--
📄 common.pyc	2.86 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 core.py	2.7 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 core.pyc	3.77 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 credentials.py	19.83 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 credentials.pyc	19.06 KB	02/03/2022 06:37:41 AM	rw-r--r--
📁 dcerpc	-	02/03/2022 06:37:41 AM	rwxr-xr-x
📄 dns.py	51.4 KB	01/25/2022 03:20:03 PM	rw-r--r--
📄 dns.pyc	36.48 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 dns_base.py	13.99 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 dns_base.pyc	13.28 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 dns_forwarder.py	21.23 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 dns_forwarder.pyc	20.21 KB	02/03/2022 06:37:41 AM	rw-r--r--
📁 dns_forwarder_helpers	-	02/03/2022 06:37:41 AM	rwxr-xr-x
📄 dns_packet.py	6.6 KB	01/25/2022 03:20:03 PM	rw-r--r--
📄 dns_packet.pyc	6.97 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 dns_tkey.py	7.24 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 dns_tkey.pyc	6.13 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 dns_wildcard.py	10.9 KB	11/02/2017 11:38:36 AM	rw-r--r--
📄 dns_wildcard.pyc	8.4 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 docs.py	13.95 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 docs.pyc	11.37 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 dsdb.py	18.84 KB	08/15/2017 07:16:59 AM	rw-r--r--
📄 dsdb.pyc	14.93 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 dsdb_schema_attributes.py	7.93 KB	11/02/2017 11:38:36 AM	rw-r--r--
📄 dsdb_schema_attributes.pyc	6.96 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 gensec.py	7.85 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 gensec.pyc	6.61 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 get_opt.py	1.86 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 get_opt.pyc	1.75 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 glue.py	2.59 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 glue.pyc	3.43 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 hostconfig.py	2.15 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 hostconfig.pyc	3.45 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 join.py	6.5 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 join.pyc	5.45 KB	02/03/2022 06:37:41 AM	rw-r--r--
📁 kcc	-	02/03/2022 06:37:41 AM	rwxr-xr-x
📄 libsmb_samba_internal.py	2.38 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 libsmb_samba_internal.pyc	2.71 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 lsa_string.py	2.52 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 lsa_string.pyc	2.21 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 messaging.py	4.97 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 messaging.pyc	5.37 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 net_join.py	2.29 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 net_join.pyc	2.22 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 net_join_no_spnego.py	3.34 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 net_join_no_spnego.pyc	3.15 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 netcmd.py	3 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 netcmd.pyc	3.95 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 netlogonsvc.py	2.43 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 netlogonsvc.pyc	2.14 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 ntacls.py	4.09 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 ntacls.pyc	4.69 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 ntlmauth.py	3 KB	08/29/2017 04:12:36 AM	rw-r--r--
📄 ntlmauth.pyc	2.73 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 pam_winbind.py	1.67 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 pam_winbind.pyc	1.43 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 param.py	3.59 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 param.pyc	4.8 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 password_hash.py	12.44 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 password_hash.pyc	7.84 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 password_hash_fl2003.py	7.38 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 password_hash_fl2003.pyc	5.48 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 password_hash_fl2008.py	7.94 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 password_hash_fl2008.pyc	5.66 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 password_hash_gpgme.py	8.78 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 password_hash_gpgme.pyc	6.41 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 password_hash_ldap.py	4.85 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 password_hash_ldap.pyc	4.63 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 policy.py	1.15 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 policy.pyc	1.03 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 posixacl.py	37.62 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 posixacl.pyc	26.85 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 provision.py	6.22 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 provision.pyc	9.79 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 py_credentials.py	13.71 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 py_credentials.pyc	10.64 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 registry.py	1.73 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 registry.pyc	2.37 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 samba3.py	8.24 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 samba3.pyc	11.54 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 samba3sam.py	48.33 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 samba3sam.pyc	31.65 KB	02/03/2022 06:37:41 AM	rw-r--r--
📁 samba_tool	-	02/03/2022 06:37:41 AM	rwxr-xr-x
📄 samdb.py	3.51 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 samdb.pyc	3.11 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 security.py	5.36 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 security.pyc	7.81 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 source.py	8.06 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 source.pyc	7.48 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 strings.py	4.12 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 strings.pyc	2.96 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 subunitrun.py	2.33 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 subunitrun.pyc	1.84 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 unicodenames.py	1.07 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 unicodenames.pyc	555 bytes	02/03/2022 06:37:41 AM	rw-r--r--
📄 upgrade.py	1.36 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 upgrade.pyc	1.28 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 upgradeprovision.py	6.66 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 upgradeprovision.pyc	6.57 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 upgradeprovisionneeddc.py	7.29 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 upgradeprovisionneeddc.pyc	8.08 KB	02/03/2022 06:37:41 AM	rw-r--r--
📄 xattr.py	4.11 KB	07/04/2017 10:05:25 AM	rw-r--r--
📄 xattr.pyc	4.57 KB	02/03/2022 06:37:41 AM	rw-r--r--

Editing: auth_log.py

# Unix SMB/CIFS implementation.
# Copyright (C) Andrew Bartlett <abartlet@samba.org> 2017
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

"""Tests for the Auth and AuthZ logging.
"""

from samba import auth
import samba.tests
from samba.messaging import Messaging
from samba.dcerpc.messaging import MSG_AUTH_LOG, AUTH_EVENT_NAME
from samba.dcerpc import srvsvc, dnsserver
import time
import json
import os
from samba import smb
from samba.samdb import SamDB
import samba.tests.auth_log_base
from samba.credentials import Credentials, DONT_USE_KERBEROS, MUST_USE_KERBEROS
from samba import NTSTATUSError
from subprocess import call
from ldb import LdbError

class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):

def setUp(self):
        super(AuthLogTests, self).setUp()
        self.remoteAddress = os.environ["CLIENT_IP"]

def tearDown(self):
        super(AuthLogTests, self).tearDown()

def _test_rpc_ncacn_np(self, authTypes, creds, service,
                           binding, protection, checkFunction):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    (msg["Authorization"]["serviceDescription"] == "DCE/RPC" or
                     msg["Authorization"]["serviceDescription"] == service) and
                    msg["Authorization"]["authType"] == authTypes[0] and
                    msg["Authorization"]["transportProtection"] == protection)

if binding:
            binding = "[%s]" % binding

if service == "dnsserver":
            x = dnsserver.dnsserver("ncacn_np:%s%s" % (self.server, binding),
                                self.get_loadparm(),
                                creds)
        elif service == "srvsvc":
            x = srvsvc.srvsvc("ncacn_np:%s%s" % (self.server, binding),
                              self.get_loadparm(),
                              creds)

# The connection is passed to ensure the server
        # messaging context stays up until all the messages have been received.
        messages = self.waitForMessages(isLastExpectedMessage, x)
        checkFunction(messages, authTypes, service, binding, protection)

def rpc_ncacn_np_ntlm_check(self, messages, authTypes, service,
                                binding, protection):

expected_messages = len(authTypes)
        self.assertEquals(expected_messages,
                          len(messages),
                          "Did not receive the expected number of messages")

# Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("SMB",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals(authTypes[1], msg["Authentication"]["authDescription"])

# Check the second message it should be an Authorization
        msg = messages[1]
        self.assertEquals("Authorization", msg["type"])
        self.assertEquals("SMB",
                          msg["Authorization"]["serviceDescription"])
        self.assertEquals(authTypes[2], msg["Authorization"]["authType"])
        self.assertEquals("SMB", msg["Authorization"]["transportProtection"])

# Check the third message it should be an Authentication
        # if we are expecting 4 messages
        if expected_messages == 4:
            def checkServiceDescription(desc):
                return (desc == "DCE/RPC" or desc == service)

msg = messages[2]
            self.assertEquals("Authentication", msg["type"])
            self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
            self.assertTrue(
                checkServiceDescription(msg["Authentication"]["serviceDescription"]))

self.assertEquals(authTypes[3], msg["Authentication"]["authDescription"])

def rpc_ncacn_np_krb5_check(self, messages, authTypes, service, binding, protection):

expected_messages = len(authTypes)
        self.assertEquals(expected_messages,
                          len(messages),
                          "Did not receive the expected number of messages")

# Check the first message it should be an Authentication
        # This is almost certainly Authentication over UDP, and is probably
        # returning message too big,
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("Kerberos KDC",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals(authTypes[1], msg["Authentication"]["authDescription"])

# Check the second message it should be an Authentication
        # This this the TCP Authentication in response to the message too big
        # response to the UDP Authentication
        msg = messages[1]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("Kerberos KDC",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals(authTypes[2], msg["Authentication"]["authDescription"])

# Check the third message it should be an Authorization
        msg = messages[2]
        self.assertEquals("Authorization", msg["type"])
        serviceDescription = "SMB"
        print "binding %s" % binding
        if binding == "[smb2]":
            serviceDescription = "SMB2"

self.assertEquals(serviceDescription,
                          msg["Authorization"]["serviceDescription"])
        self.assertEquals(authTypes[3], msg["Authorization"]["authType"])
        self.assertEquals("SMB", msg["Authorization"]["transportProtection"])

def test_rpc_ncacn_np_ntlm_dns_sign(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_np(["NTLMSSP",
                                 "NTLMSSP",
                                 "NTLMSSP",
                                 "NTLMSSP"],
                                creds, "dnsserver", "sign", "SIGN",
                                self.rpc_ncacn_np_ntlm_check)

def test_rpc_ncacn_np_ntlm_srv_sign(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_np(["NTLMSSP",
                                 "NTLMSSP",
                                 "NTLMSSP",
                                 "NTLMSSP"],
                                creds, "srvsvc", "sign", "SIGN",
                                self.rpc_ncacn_np_ntlm_check)

def test_rpc_ncacn_np_ntlm_dns(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_np(["ncacn_np",
                                 "NTLMSSP",
                                 "NTLMSSP"],
                                creds, "dnsserver", "", "SMB",
                                self.rpc_ncacn_np_ntlm_check)

def test_rpc_ncacn_np_ntlm_srv(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_np(["ncacn_np",
                                 "NTLMSSP",
                                 "NTLMSSP"],
                                creds, "srvsvc", "", "SMB",
                                self.rpc_ncacn_np_ntlm_check)

def test_rpc_ncacn_np_krb_dns_sign(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_np(["krb5",
                                 "ENC-TS Pre-authentication",
                                 "ENC-TS Pre-authentication",
                                 "krb5"],
                                 creds, "dnsserver", "sign", "SIGN",
                                 self.rpc_ncacn_np_krb5_check)

def test_rpc_ncacn_np_krb_srv_sign(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_np(["krb5",
                                 "ENC-TS Pre-authentication",
                                 "ENC-TS Pre-authentication",
                                 "krb5"],
                                 creds, "srvsvc", "sign", "SIGN",
                                 self.rpc_ncacn_np_krb5_check)

def test_rpc_ncacn_np_krb_dns(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_np(["ncacn_np",
                                 "ENC-TS Pre-authentication",
                                 "ENC-TS Pre-authentication",
                                 "krb5"],
                                creds, "dnsserver", "", "SMB",
                                self.rpc_ncacn_np_krb5_check)

def test_rpc_ncacn_np_krb_dns_smb2(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_np(["ncacn_np",
                                 "ENC-TS Pre-authentication",
                                 "ENC-TS Pre-authentication",
                                 "krb5"],
                                creds, "dnsserver", "smb2", "SMB",
                                self.rpc_ncacn_np_krb5_check)

def test_rpc_ncacn_np_krb_srv(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_np(["ncacn_np",
                                "ENC-TS Pre-authentication",
                                "ENC-TS Pre-authentication",
                                "krb5"],
                                creds, "srvsvc", "", "SMB",
                                self.rpc_ncacn_np_krb5_check)

def _test_rpc_ncacn_ip_tcp(self, authTypes, creds, service,
                               binding, protection, checkFunction):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "DCE/RPC" and
                    msg["Authorization"]["authType"] == authTypes[0] and
                    msg["Authorization"]["transportProtection"] == protection)

if binding:
            binding = "[%s]" % binding

if service == "dnsserver":
            conn = dnsserver.dnsserver("ncacn_ip_tcp:%s%s" % (self.server, binding),
                                       self.get_loadparm(),
                                       creds)
        elif service == "srvsvc":
            conn = srvsvc.srvsvc("ncacn_ip_tcp:%s%s" % (self.server, binding),
                                 self.get_loadparm(),
                                 creds)

messages = self.waitForMessages(isLastExpectedMessage, conn)
        checkFunction(messages, authTypes, service, binding, protection)

def rpc_ncacn_ip_tcp_ntlm_check(self, messages, authTypes, service,
                                    binding, protection):

expected_messages = len(authTypes)
        self.assertEquals(expected_messages,
                          len(messages),
                          "Did not receive the expected number of messages")

# Check the first message it should be an Authorization
        msg = messages[0]
        self.assertEquals("Authorization", msg["type"])
        self.assertEquals("DCE/RPC",
                          msg["Authorization"]["serviceDescription"])
        self.assertEquals(authTypes[1], msg["Authorization"]["authType"])
        self.assertEquals("NONE", msg["Authorization"]["transportProtection"])

def rpc_ncacn_ip_tcp_krb5_check(self, messages, authTypes, service,
                                    binding, protection):

expected_messages = len(authTypes)
        self.assertEquals(expected_messages,
                          len(messages),
                          "Did not receive the expected number of messages")

# Check the third message it should be an Authentication
        msg = messages[2]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("Kerberos KDC",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals(authTypes[2], msg["Authentication"]["authDescription"])

def test_rpc_ncacn_ip_tcp_ntlm_dns_sign(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["NTLMSSP",
                                     "ncacn_ip_tcp",
                                     "NTLMSSP"],
                                     creds, "dnsserver", "sign", "SIGN",
                                     self.rpc_ncacn_ip_tcp_ntlm_check)

def test_rpc_ncacn_ip_tcp_krb5_dns_sign(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["krb5",
                                     "ncacn_ip_tcp",
                                     "ENC-TS Pre-authentication",
                                     "ENC-TS Pre-authentication"],
                                     creds, "dnsserver", "sign", "SIGN",
                                     self.rpc_ncacn_ip_tcp_krb5_check)

def test_rpc_ncacn_ip_tcp_ntlm_dns(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["NTLMSSP",
                                     "ncacn_ip_tcp",
                                     "NTLMSSP"],
                                     creds, "dnsserver", "", "SIGN",
                                     self.rpc_ncacn_ip_tcp_ntlm_check)

def test_rpc_ncacn_ip_tcp_krb5_dns(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["krb5",
                                     "ncacn_ip_tcp",
                                     "ENC-TS Pre-authentication",
                                     "ENC-TS Pre-authentication"],
                                     creds, "dnsserver", "", "SIGN",
                                     self.rpc_ncacn_ip_tcp_krb5_check)

def test_rpc_ncacn_ip_tcp_ntlm_dns_connect(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["NTLMSSP",
                                     "ncacn_ip_tcp",
                                     "NTLMSSP"],
                                     creds, "dnsserver", "connect", "NONE",
                                     self.rpc_ncacn_ip_tcp_ntlm_check)

def test_rpc_ncacn_ip_tcp_krb5_dns_connect(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["krb5",
                                     "ncacn_ip_tcp",
                                     "ENC-TS Pre-authentication",
                                     "ENC-TS Pre-authentication"],
                                     creds, "dnsserver", "connect", "NONE",
                                     self.rpc_ncacn_ip_tcp_krb5_check)

def test_rpc_ncacn_ip_tcp_ntlm_dns_seal(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["NTLMSSP",
                                     "ncacn_ip_tcp",
                                     "NTLMSSP"],
                                     creds, "dnsserver", "seal", "SEAL",
                                     self.rpc_ncacn_ip_tcp_ntlm_check)

def test_rpc_ncacn_ip_tcp_krb5_dns_seal(self):
        creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=MUST_USE_KERBEROS)
        self._test_rpc_ncacn_ip_tcp(["krb5",
                                     "ncacn_ip_tcp",
                                     "ENC-TS Pre-authentication",
                                     "ENC-TS Pre-authentication"],
                                     creds, "dnsserver", "seal", "SEAL",
                                     self.rpc_ncacn_ip_tcp_krb5_check)

def test_ldap(self):

def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "LDAP" and
                    msg["Authorization"]["transportProtection"] == "SIGN" and
                    msg["Authorization"]["authType"] == "krb5")

self.samdb = SamDB(url="ldap://%s" % os.environ["SERVER"],
                           lp = self.get_loadparm(),
                           credentials=self.get_credentials())

messages = self.waitForMessages(isLastExpectedMessage)
        self.assertEquals(3,
                          len(messages),
                          "Did not receive the expected number of messages")

# Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("Kerberos KDC",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals("ENC-TS Pre-authentication",
                           msg["Authentication"]["authDescription"])

# Check the first message it should be an Authentication
        msg = messages[1]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("Kerberos KDC",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals("ENC-TS Pre-authentication",
                           msg["Authentication"]["authDescription"])

def test_ldap_ntlm(self):

def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "LDAP" and
                    msg["Authorization"]["transportProtection"] == "SEAL" and
                    msg["Authorization"]["authType"] == "NTLMSSP")

self.samdb = SamDB(url="ldap://%s" % os.environ["SERVER_IP"],
                           lp = self.get_loadparm(),
                           credentials=self.get_credentials())

messages = self.waitForMessages(isLastExpectedMessage)
        self.assertEquals(2,
                          len(messages),
                          "Did not receive the expected number of messages")
        # Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("LDAP",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals("NTLMSSP", msg["Authentication"]["authDescription"])

def test_ldap_simple_bind(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "LDAP" and
                    msg["Authorization"]["transportProtection"] == "TLS" and
                    msg["Authorization"]["authType"] == "simple bind")

creds = self.insta_creds(template=self.get_credentials())
        creds.set_bind_dn("%s\\%s" % (creds.get_domain(),
                                     creds.get_username()))

self.samdb = SamDB(url="ldaps://%s" % os.environ["SERVER"],
                           lp = self.get_loadparm(),
                           credentials=creds)

messages = self.waitForMessages(isLastExpectedMessage)
        self.assertEquals(2,
                          len(messages),
                          "Did not receive the expected number of messages")

# Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("LDAP",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals("simple bind",
                           msg["Authentication"]["authDescription"])

def test_ldap_simple_bind_bad_password(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"] == "LDAP" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_WRONG_PASSWORD" and
                    msg["Authentication"]["authDescription"] == "simple bind")

creds = self.insta_creds(template=self.get_credentials())
        creds.set_password("badPassword")
        creds.set_bind_dn("%s\\%s" % (creds.get_domain(),
                                     creds.get_username()))

thrown = False
        try:
            self.samdb = SamDB(url="ldaps://%s" % os.environ["SERVER"],
                               lp = self.get_loadparm(),
                               credentials=creds)
        except LdbError:
            thrown = True
        self.assertEquals(thrown, True)

messages = self.waitForMessages(isLastExpectedMessage)
        self.assertEquals(1,
                          len(messages),
                          "Did not receive the expected number of messages")

def test_ldap_simple_bind_bad_user(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"] == "LDAP" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_NO_SUCH_USER" and
                    msg["Authentication"]["authDescription"] == "simple bind")

creds = self.insta_creds(template=self.get_credentials())
        creds.set_bind_dn("%s\\%s" % (creds.get_domain(), "badUser"))

def test_ldap_simple_bind_unparseable_user(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"] == "LDAP" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_NO_SUCH_USER" and
                    msg["Authentication"]["authDescription"] == "simple bind")

creds = self.insta_creds(template=self.get_credentials())
        creds.set_bind_dn("%s\\%s" % (creds.get_domain(), "abdcef"))

#
    # Note: as this test does not expect any messages it will
    #       time out in the call to self.waitForMessages.
    #       This is expected, but it will slow this test.
    def test_ldap_anonymous_access_bind_only(self):
        # Should be no logging for anonymous bind
        # so receiving any message indicates a failure.
        def isLastExpectedMessage( msg):
            return True

creds = self.insta_creds(template=self.get_credentials())
        creds.set_anonymous()

self.samdb = SamDB(url="ldaps://%s" % os.environ["SERVER"],
                           lp = self.get_loadparm(),
                           credentials=creds)

messages = self.waitForMessages( isLastExpectedMessage)
        self.assertEquals(0,
                          len(messages),
                          "Did not receive the expected number of messages")

def test_ldap_anonymous_access(self):
        def isLastExpectedMessage( msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"]  == "LDAP" and
                    msg["Authorization"]["transportProtection"] == "TLS" and
                    msg["Authorization"]["account"] == "ANONYMOUS LOGON" and
                    msg["Authorization"]["authType"] == "no bind")

creds = self.insta_creds(template=self.get_credentials())
        creds.set_anonymous()

self.samdb = SamDB(url="ldaps://%s" % os.environ["SERVER"],
                           lp = self.get_loadparm(),
                           credentials=creds)

try:
            res = self.samdb.search(base=self.samdb.domain_dn())
            self.fail( "Expected an LdbError exception")
        except LdbError:
            pass

messages = self.waitForMessages( isLastExpectedMessage)
        self.assertEquals(1,
                          len(messages),
                          "Did not receive the expected number of messages")
    def test_smb(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "SMB" and
                    msg["Authorization"]["authType"] == "krb5" and
                    msg["Authorization"]["transportProtection"] == "SMB")

creds = self.insta_creds(template=self.get_credentials())
        smb.SMB(self.server,
                "sysvol",
                lp=self.get_loadparm(),
                creds=creds)

messages = self.waitForMessages(isLastExpectedMessage)
        self.assertEquals(3,
                          len(messages),
                          "Did not receive the expected number of messages")
        # Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("Kerberos KDC",
                           msg["Authentication"]["serviceDescription"])
        self.assertEquals("ENC-TS Pre-authentication",
                           msg["Authentication"]["authDescription"])

def test_smb_bad_password(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"]
                        == "Kerberos KDC" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_WRONG_PASSWORD" and
                    msg["Authentication"]["authDescription"]
                        == "ENC-TS Pre-authentication")

creds = self.insta_creds(template=self.get_credentials())
        creds.set_password("badPassword")

thrown = False
        try:
            smb.SMB(self.server,
                    "sysvol",
                    lp=self.get_loadparm(),
                    creds=creds)
        except NTSTATUSError:
            thrown = True
        self.assertEquals(thrown, True)

def test_smb_bad_user(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"]
                        == "Kerberos KDC" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_NO_SUCH_USER" and
                    msg["Authentication"]["authDescription"]
                        == "ENC-TS Pre-authentication")

creds = self.insta_creds(template=self.get_credentials())
        creds.set_username("badUser")

def test_smb1_anonymous(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "SMB" and
                    msg["Authorization"]["authType"] == "NTLMSSP" and
                    msg["Authorization"]["account"] == "ANONYMOUS LOGON" and
                    msg["Authorization"]["transportProtection"] == "SMB")

server   = os.environ["SERVER"]

path = "//%s/IPC$" % server
        auth = "-N"
        call(["bin/smbclient", path, auth, "-mNT1", "-c quit"])

# Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_NO_SUCH_USER",
                          msg["Authentication"]["status"])
        self.assertEquals("SMB",
                          msg["Authentication"]["serviceDescription"])
        self.assertEquals("NTLMSSP",
                          msg["Authentication"]["authDescription"])
        self.assertEquals("No-Password",
                          msg["Authentication"]["passwordType"])

# Check the second message it should be an Authentication
        msg = messages[1]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK",
                          msg["Authentication"]["status"])
        self.assertEquals("SMB",
                          msg["Authentication"]["serviceDescription"])
        self.assertEquals("NTLMSSP",
                          msg["Authentication"]["authDescription"])
        self.assertEquals("No-Password",
                          msg["Authentication"]["passwordType"])
        self.assertEquals("ANONYMOUS LOGON",
                          msg["Authentication"]["becameAccount"])

def test_smb2_anonymous(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "SMB2" and
                    msg["Authorization"]["authType"] == "NTLMSSP" and
                    msg["Authorization"]["account"] == "ANONYMOUS LOGON" and
                    msg["Authorization"]["transportProtection"] == "SMB")

server   = os.environ["SERVER"]

path = "//%s/IPC$" % server
        auth = "-N"
        call(["bin/smbclient", path, auth, "-mSMB3", "-c quit"])

# Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_NO_SUCH_USER",
                          msg["Authentication"]["status"])
        self.assertEquals("SMB2",
                          msg["Authentication"]["serviceDescription"])
        self.assertEquals("NTLMSSP",
                          msg["Authentication"]["authDescription"])
        self.assertEquals("No-Password",
                          msg["Authentication"]["passwordType"])

# Check the second message it should be an Authentication
        msg = messages[1]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK",
                          msg["Authentication"]["status"])
        self.assertEquals("SMB2",
                          msg["Authentication"]["serviceDescription"])
        self.assertEquals("NTLMSSP",
                          msg["Authentication"]["authDescription"])
        self.assertEquals("No-Password",
                          msg["Authentication"]["passwordType"])
        self.assertEquals("ANONYMOUS LOGON",
                          msg["Authentication"]["becameAccount"])

def test_smb_no_krb_spnego(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "SMB" and
                    msg["Authorization"]["authType"] == "NTLMSSP" and
                    msg["Authorization"]["transportProtection"] == "SMB")

creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        smb.SMB(self.server,
                "sysvol",
                lp=self.get_loadparm(),
                creds=creds)

messages = self.waitForMessages(isLastExpectedMessage)
        self.assertEquals(2,
                          len(messages),
                          "Did not receive the expected number of messages")
        # Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("SMB",
                          msg["Authentication"]["serviceDescription"])
        self.assertEquals("NTLMSSP",
                          msg["Authentication"]["authDescription"])
        self.assertEquals("NTLMv2",
                          msg["Authentication"]["passwordType"])

def test_smb_no_krb_spnego_bad_password(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"] == "SMB" and
                    msg["Authentication"]["authDescription"] == "NTLMSSP" and
                    msg["Authentication"]["passwordType"] == "NTLMv2" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_WRONG_PASSWORD")

creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        creds.set_password("badPassword")

def test_smb_no_krb_spnego_bad_user(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"] == "SMB" and
                    msg["Authentication"]["authDescription"] == "NTLMSSP" and
                    msg["Authentication"]["passwordType"] == "NTLMv2" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_NO_SUCH_USER")

creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        creds.set_username("badUser")

def test_smb_no_krb_no_spnego_no_ntlmv2(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authorization" and
                    msg["Authorization"]["serviceDescription"] == "SMB" and
                    msg["Authorization"]["authType"] == "bare-NTLM" and
                    msg["Authorization"]["transportProtection"] == "SMB")

messages = self.waitForMessages(isLastExpectedMessage)
        self.assertEquals(2,
                          len(messages),
                          "Did not receive the expected number of messages")
        # Check the first message it should be an Authentication
        msg = messages[0]
        self.assertEquals("Authentication", msg["type"])
        self.assertEquals("NT_STATUS_OK", msg["Authentication"]["status"])
        self.assertEquals("SMB",
                          msg["Authentication"]["serviceDescription"])
        self.assertEquals("bare-NTLM",
                          msg["Authentication"]["authDescription"])
        self.assertEquals("NTLMv1",
                          msg["Authentication"]["passwordType"])

def test_smb_no_krb_no_spnego_no_ntlmv2_bad_password(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"] == "SMB" and
                    msg["Authentication"]["authDescription"] == "bare-NTLM" and
                    msg["Authentication"]["passwordType"] == "NTLMv1" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_WRONG_PASSWORD")

creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        creds.set_password("badPassword")

thrown = False
        try:
            smb.SMB(self.server,
                    "sysvol",
                    lp=self.get_loadparm(),
                    creds=creds,
                    ntlmv2_auth=False,
                    use_spnego=False)
        except NTSTATUSError:
            thrown = True
        self.assertEquals(thrown, True)

def test_smb_no_krb_no_spnego_no_ntlmv2_bad_user(self):
        def isLastExpectedMessage(msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"] == "SMB" and
                    msg["Authentication"]["authDescription"] == "bare-NTLM" and
                    msg["Authentication"]["passwordType"] == "NTLMv1" and
                    msg["Authentication"]["status"]
                        == "NT_STATUS_NO_SUCH_USER")

creds = self.insta_creds(template=self.get_credentials(),
                                 kerberos_state=DONT_USE_KERBEROS)
        creds.set_username("badUser")

def test_samlogon_interactive(self):

workstation = "AuthLogTests"

def isLastExpectedMessage( msg):
            return (msg["type"] == "Authentication" and
                    msg["Authentication"]["serviceDescription"]
                        == "SamLogon" and
                    msg["Authentication"]["authDescription"]
                        == "interactive" and
                    msg["Authentication"]["status"] == "NT_STATUS_OK" and
                    msg["Authentication"]["workstation"]
                        == r"\\%s" % workstation)

server   = os.environ["SERVER"]
        user     = os.environ["USERNAME"]
        password = os.environ["PASSWORD"]
        samlogon = "samlogon %s %s %s %d" % (user, password, workstation, 1)