Move CCAPI sources to krb5 repository

ticket: new
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19564 dc483132-0cff-0310-8789-dd5450dbe970

50 files changed, 4573 insertions, 0 deletions

diff --git a/src/ccapi/test/Makefile b/src/ccapi/test/Makefile
new file mode 100644
index 0000000000..28d487c010
--- /dev/null
+++ b/src/ccapi/test/Makefile
@@ -0,0 +1,60 @@
+# run with "make all" to create CCAPI tests in "/tmp/ccapi_test"
+# run resulting tests with "sh test_ccapi.sh"
+
+CC = gcc
+LIBS = -lkrb5
+
+SRCDIR = src
+DSTROOT = /tmp
+OBJDIR = $(DSTROOT)/ccapi_intermediates
+DSTDIR = $(DSTROOT)/ccapi_test
+TESTDIR = $(DSTDIR)/tests
+
+SCRIPT_NAME = test_ccapi.sh
+
+_OBJECTS = test_ccapi_ccache test_ccapi_check test_ccapi_constants test_ccapi_context test_ccapi_globals test_ccapi_iterators test_ccapi_log test_ccapi_util
+
+OBJECTS = $(patsubst %,$(OBJDIR)/%.o,$(_OBJECTS))
+
+TEST_NAMES = test_constants test_cc_initialize test_cc_context_get_version test_cc_context_release test_cc_context_get_change_time test_cc_context_get_default_ccache_name test_cc_context_open_ccache test_cc_context_open_default_ccache test_cc_context_create_ccache test_cc_context_create_default_ccache test_cc_context_create_new_ccache test_cc_context_new_ccache_iterator test_cc_context_compare test_cc_ccache_release test_cc_ccache_destroy test_cc_ccache_set_default test_cc_ccache_get_credentials_version test_cc_ccache_get_name test_cc_ccache_get_principal test_cc_ccache_set_principal test_cc_ccache_store_credentials test_cc_ccache_remove_credentials test_cc_ccache_new_credentials_iterator test_cc_ccache_get_change_time test_cc_ccache_get_last_default_time test_cc_ccache_move test_cc_ccache_compare test_cc_ccache_get_kdc_time_offset test_cc_ccache_set_kdc_time_offset test_cc_ccache_clear_kdc_time_offset test_cc_ccache_iterator_next test_cc_credentials_iterator_next
+
+TEST_OBJECTS = $(patsubst %,$(OBJDIR)/%.o,$(TEST_NAMES))
+
+all: setup-test-dir build-base build-tests link-tests copy-script success-message
+
+# compile base files used by all tests
+build-base: $(OBJECTS)
+
+# compile each test
+build-tests: $(TEST_OBJECTS)
+
+# rule to compile files in src directory
+$(OBJDIR)/%.o: $(SRCDIR)/%.c
+	$(CC) -c -o $@ $<
+
+# Make a build directory
+setup-test-dir:
+	@echo "Removing old destination directory... $(DSTDIR)"
+	if [ -d "$(DSTDIR)" ]; then chmod -R u+w "$(DSTDIR)" && rm -rf "$(DSTDIR)"; fi
+	mkdir -p "$(TESTDIR)"
+	if [ -d "$(OBJDIR)" ]; then chmod -R u+w "$(OBJDIR)" && rm -rf "$(OBJDIR)"; fi
+	mkdir -p "$(OBJDIR)"
+
+link-tests: $(TEST_NAMES)
+
+$(TEST_NAMES): $(TEST_OBJECTS)
+	$(CC) -o $(TESTDIR)/$@ $(OBJDIR)/$@.o $(OBJECTS) $(LIBS)
+
+copy-script:
+	cp $(SRCDIR)/$(SCRIPT_NAME) $(DSTDIR)/$(SCRIPT_NAME)
+
+success-message:
+	@echo
+	@echo "CCAPI tests created in $(DSTDIR)"
+
+.PHONY: clean
+
+clean:
+	-rm -rf "$(OBJDIR)"
+	
+
diff --git a/src/ccapi/test/main.c b/src/ccapi/test/main.c
new file mode 100644
index 0000000000..94176f5e6d
--- /dev/null
+++ b/src/ccapi/test/main.c
@@ -0,0 +1,69 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+//	cc_ccache_iterator_t cache_iterator = NULL;
+//	cc_credentials_iterator_t cred_iterator = NULL;
+	
+	fprintf(stdout, "Testing CCAPI against CCAPI v3 rev 8 documentation...\n");
+	fprintf(stdout, "Warning: this test suite is woefully incomplete and unpolished.\n");
+	
+	T_CCAPI_INIT;
+	
+	err = check_constants();
+	
+	// *** cc_context ***
+	err = check_cc_initialize();
+	err = check_cc_context_get_version();
+	err = check_cc_context_release();
+	err = check_cc_context_get_change_time();
+	err = check_cc_context_get_default_ccache_name();
+	err = check_cc_context_open_ccache();
+	err = check_cc_context_open_default_ccache();
+	err = check_cc_context_create_ccache();
+	err = check_cc_context_create_default_ccache();
+	err = check_cc_context_create_new_ccache();
+	err = check_cc_context_new_ccache_iterator();
+	// err = check_cc_context_lock();
+	// err = check_cc_context_unlock();
+	err = check_cc_context_compare();
+	
+	// *** cc_ccache ***
+	err = check_cc_ccache_release();
+	err = check_cc_ccache_destroy();
+	err = check_cc_ccache_set_default();
+	err = check_cc_ccache_get_credentials_version();
+	err = check_cc_ccache_get_name();
+	err = check_cc_ccache_get_principal();
+	err = check_cc_ccache_set_principal();
+	err = check_cc_ccache_store_credentials();
+	err = check_cc_ccache_remove_credentials();
+	err = check_cc_ccache_new_credentials_iterator();
+	// err = check_cc_ccache_lock();
+	// err = check_cc_ccache_unlock();
+	err = check_cc_ccache_get_change_time();
+	err = check_cc_ccache_get_last_default_time();
+	err = check_cc_ccache_move();
+	err = check_cc_ccache_compare();
+	err = check_cc_ccache_get_kdc_time_offset();
+	err = check_cc_ccache_set_kdc_time_offset();
+	err = check_cc_ccache_clear_kdc_time_offset();
+	
+	// *** cc_ccache_iterator ***
+	err = check_cc_ccache_iterator_next();
+	
+	// *** cc_credentials_iterator ***
+	err = check_cc_credentials_iterator_next();
+	
+	fprintf(stdout, "\nFinished testing CCAPI. %d failure%s in total.\n", total_failure_count, (total_failure_count == 1) ? "" : "s");
+	
+    return err;
+}
diff --git a/src/ccapi/test/test_cc_ccache_clear_kdc_time_offset.c b/src/ccapi/test/test_cc_ccache_clear_kdc_time_offset.c
new file mode 100644
index 0000000000..ea6300785a
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_clear_kdc_time_offset.c
@@ -0,0 +1,16 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_clear_kdc_time_offset();
+    return err;
+}
diff --git a/src/ccapi/test/test_cc_ccache_compare.c b/src/ccapi/test/test_cc_ccache_compare.c
new file mode 100644
index 0000000000..aec606bb55
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_compare.c
@@ -0,0 +1,16 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_compare();
+    return err;
+}
diff --git a/src/ccapi/test/test_cc_ccache_destroy.c b/src/ccapi/test/test_cc_ccache_destroy.c
new file mode 100644
index 0000000000..ee589e25bd
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_destroy.c
@@ -0,0 +1,16 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_destroy();
+    return err;
+}
diff --git a/src/ccapi/test/test_cc_ccache_get_change_time.c b/src/ccapi/test/test_cc_ccache_get_change_time.c
new file mode 100644
index 0000000000..44d4c2c10b
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_get_change_time.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_get_change_time();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_get_credentials_version.c b/src/ccapi/test/test_cc_ccache_get_credentials_version.c
new file mode 100644
index 0000000000..4f16c9de75
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_get_credentials_version.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_get_credentials_version();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_get_kdc_time_offset.c b/src/ccapi/test/test_cc_ccache_get_kdc_time_offset.c
new file mode 100644
index 0000000000..f3591a3f32
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_get_kdc_time_offset.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_get_kdc_time_offset();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_get_last_default_time.c b/src/ccapi/test/test_cc_ccache_get_last_default_time.c
new file mode 100644
index 0000000000..a2c9e25575
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_get_last_default_time.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_get_last_default_time();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_get_name.c b/src/ccapi/test/test_cc_ccache_get_name.c
new file mode 100644
index 0000000000..749bd9381f
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_get_name.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_get_name();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_get_principal.c b/src/ccapi/test/test_cc_ccache_get_principal.c
new file mode 100644
index 0000000000..8ab935cc9f
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_get_principal.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_get_principal();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_iterator_next.c b/src/ccapi/test/test_cc_ccache_iterator_next.c
new file mode 100644
index 0000000000..8e124e511b
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_iterator_next.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_iterator_next();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_move.c b/src/ccapi/test/test_cc_ccache_move.c
new file mode 100644
index 0000000000..49790e499f
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_move.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_move();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_new_credentials_iterator.c b/src/ccapi/test/test_cc_ccache_new_credentials_iterator.c
new file mode 100644
index 0000000000..fc1acbfb3a
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_new_credentials_iterator.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_new_credentials_iterator();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_release.c b/src/ccapi/test/test_cc_ccache_release.c
new file mode 100644
index 0000000000..1cd2d91f52
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_release.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_release();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_remove_credentials.c b/src/ccapi/test/test_cc_ccache_remove_credentials.c
new file mode 100644
index 0000000000..00fe8c1b1b
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_remove_credentials.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_remove_credentials();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_set_default.c b/src/ccapi/test/test_cc_ccache_set_default.c
new file mode 100644
index 0000000000..40d9bbdc53
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_set_default.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_set_default();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_set_kdc_time_offset.c b/src/ccapi/test/test_cc_ccache_set_kdc_time_offset.c
new file mode 100644
index 0000000000..f8f9a86ccd
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_set_kdc_time_offset.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_set_kdc_time_offset();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_set_principal.c b/src/ccapi/test/test_cc_ccache_set_principal.c
new file mode 100644
index 0000000000..b9b52304b7
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_set_principal.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_set_principal();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_ccache_store_credentials.c b/src/ccapi/test/test_cc_ccache_store_credentials.c
new file mode 100644
index 0000000000..0676d4d077
--- /dev/null
+++ b/src/ccapi/test/test_cc_ccache_store_credentials.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_ccache_store_credentials();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_compare.c b/src/ccapi/test/test_cc_context_compare.c
new file mode 100644
index 0000000000..6155618fbc
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_compare.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_compare();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_create_ccache.c b/src/ccapi/test/test_cc_context_create_ccache.c
new file mode 100644
index 0000000000..dd65a538a4
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_create_ccache.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_create_ccache();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_create_default_ccache.c b/src/ccapi/test/test_cc_context_create_default_ccache.c
new file mode 100644
index 0000000000..b7ef872c9d
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_create_default_ccache.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_create_default_ccache();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_create_new_ccache.c b/src/ccapi/test/test_cc_context_create_new_ccache.c
new file mode 100644
index 0000000000..b460f3a62d
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_create_new_ccache.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_create_new_ccache();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_get_change_time.c b/src/ccapi/test/test_cc_context_get_change_time.c
new file mode 100644
index 0000000000..e6e601885c
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_get_change_time.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_get_change_time();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_get_default_ccache_name.c b/src/ccapi/test/test_cc_context_get_default_ccache_name.c
new file mode 100644
index 0000000000..a0514af5b2
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_get_default_ccache_name.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_get_default_ccache_name();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_get_version.c b/src/ccapi/test/test_cc_context_get_version.c
new file mode 100644
index 0000000000..f3ea8b9f41
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_get_version.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_get_version();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_new_ccache_iterator.c b/src/ccapi/test/test_cc_context_new_ccache_iterator.c
new file mode 100644
index 0000000000..7f89376661
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_new_ccache_iterator.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_new_ccache_iterator();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_open_ccache.c b/src/ccapi/test/test_cc_context_open_ccache.c
new file mode 100644
index 0000000000..7212402c16
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_open_ccache.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_open_ccache();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_open_default_ccache.c b/src/ccapi/test/test_cc_context_open_default_ccache.c
new file mode 100644
index 0000000000..00e0afdef9
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_open_default_ccache.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_open_default_ccache();
+    return err;
+}
+	
\ No newline at end of file
diff --git a/src/ccapi/test/test_cc_context_release.c b/src/ccapi/test/test_cc_context_release.c
new file mode 100644
index 0000000000..5d7d49cb97
--- /dev/null
+++ b/src/ccapi/test/test_cc_context_release.c
@@ -0,0 +1,16 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_context_release();
+    return err;
+}
diff --git a/src/ccapi/test/test_cc_credentials_iterator_next.c b/src/ccapi/test/test_cc_credentials_iterator_next.c
new file mode 100644
index 0000000000..f66a2f77fb
--- /dev/null
+++ b/src/ccapi/test/test_cc_credentials_iterator_next.c
@@ -0,0 +1,16 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_credentials_iterator_next();
+    return err;
+}
diff --git a/src/ccapi/test/test_cc_initialize.c b/src/ccapi/test/test_cc_initialize.c
new file mode 100644
index 0000000000..47eeb3631b
--- /dev/null
+++ b/src/ccapi/test/test_cc_initialize.c
@@ -0,0 +1,16 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_cc_initialize();
+    return err;
+}
diff --git a/src/ccapi/test/test_ccapi_ccache.c b/src/ccapi/test/test_ccapi_ccache.c
new file mode 100644
index 0000000000..cba481c75c
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_ccache.c
@@ -0,0 +1,2025 @@
+#include "test_ccapi_ccache.h"
+
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <limits.h>
+#include "test_ccapi_check.h"
+#include "test_ccapi_util.h"
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_release() {
+	BEGIN_TEST("cc_ccache_release");
+	
+	#ifndef cc_ccache_release
+	log_error("cc_ccache_release is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	
+	
+	
+	if (!err) {
+		check_once_cc_ccache_release(context, ccache, ccNoError, NULL);
+		ccache = NULL;
+	}
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_ccache_release */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_release(cc_context_t context, cc_ccache_t ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_release
+	
+	cc_int32 possible_return_values[2] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_string_t name = NULL;
+	
+	err = cc_ccache_get_name(ccache, &name);
+	err = cc_ccache_release(ccache);
+	ccache = NULL;
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err && name) { // try opening released ccache to make sure it still exists
+		err = cc_context_open_ccache(context, name->data, &ccache);
+	}
+	check_if(err == ccErrCCacheNotFound, "released ccache was actually destroyed instead");
+	
+	if (ccache) { cc_ccache_destroy(ccache); }
+	if (name) { cc_string_release(name); }
+	
+	#endif /* cc_ccache_release */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_destroy() {
+	BEGIN_TEST("cc_ccache_destroy");
+	
+	#ifndef cc_ccache_destroy
+	log_error("cc_ccache_destroy is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	
+	
+	
+	if (!err) {
+		check_once_cc_ccache_destroy(context, ccache, ccNoError, NULL);
+		ccache = NULL;
+	}
+		
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_ccache_destroy */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_destroy(cc_context_t context, cc_ccache_t ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_destroy
+	
+	cc_int32 possible_return_values[2] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_string_t name = NULL;
+	
+	err = cc_ccache_get_name(ccache, &name);
+	err = cc_ccache_destroy(ccache);
+	ccache = NULL;
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err && name) { // try opening released ccache to make sure it still exists
+		err = cc_context_open_ccache(context, name->data, &ccache);
+	}
+	check_if(err != ccErrCCacheNotFound, "destroyed ccache was actually released instead");
+	
+	if (ccache) { cc_ccache_destroy(ccache); }
+	if (name) { cc_string_release(name); }
+	
+	#endif /* cc_ccache_destroy */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_set_default() {
+	BEGIN_TEST("cc_ccache_set_default");
+	
+	#ifndef cc_ccache_set_default
+	log_error("cc_ccache_set_default is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	// try when it's the only ccache (already default)
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_set_default(context, ccache, ccNoError, "when it's the only ccache (already default)");
+	}
+	if (ccache) {
+		err = cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	// try when it's not the only ccache (and not default)
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "baz@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_set_default(context, ccache, ccNoError, "when it's not the only ccache (and not default)");
+	}
+	if (ccache) {
+		err = cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	// try when it's not the only ccache (and already default)	
+	if (!err) {
+		err = cc_context_open_default_ccache(context, &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_set_default(context, ccache, ccNoError, "when it's not the only ccache (and already default)");
+	}
+	if (ccache) {
+		err = cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+			
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_ccache_set_default */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_set_default(cc_context_t context, cc_ccache_t ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_set_default
+	
+	cc_int32 possible_return_values[3] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_ccache_t default_ccache = NULL;
+	cc_string_t name = NULL;
+	cc_string_t default_name = NULL;
+	
+	err = cc_ccache_set_default(ccache);
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		err = cc_ccache_get_name(ccache, &name);
+	}
+	if (!err) {
+		err = cc_context_open_default_ccache(context, &default_ccache);
+	}
+	if (!err) {
+		err = cc_ccache_get_name(default_ccache, &default_name);
+	}
+	if (name && default_name) {
+		check_if(strcmp(name->data, default_name->data), NULL);
+	}
+	else {
+		check_if(1, "cc_ccache_get_name failed");
+	}
+		
+	if (default_ccache) { cc_ccache_release(default_ccache); }
+	//if (ccache) { cc_ccache_destroy(ccache); } // ccache is released by the caller
+	if (default_name) { cc_string_release(default_name); }
+	if (name) { cc_string_release(name); }
+	
+	#endif /* cc_ccache_set_default */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_get_credentials_version() {
+	BEGIN_TEST("cc_ccache_get_credentials_version");
+	
+	#ifndef cc_ccache_get_credentials_version
+	log_error("cc_ccache_get_credentials_version is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	// try one created with v5 creds
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_credentials_version(ccache, cc_credentials_v5, ccNoError, "v5 creds");
+	}
+	else {
+		log_error("cc_context_create_new_ccache failed, can't complete test");
+		failure_count++;
+	}
+	
+	// try it with added v4 creds
+	if (!err) {
+		err = cc_ccache_set_principal(ccache, cc_credentials_v4, "foo@BAR.ORG");
+	}
+	if (!err) {
+		check_once_cc_ccache_get_credentials_version(ccache, cc_credentials_v4_v5, ccNoError, "v5 with v4 creds added");
+	}
+	else {
+		log_error("cc_ccache_set_principal failed, can't complete test");
+		failure_count++;
+	}
+	
+	if (ccache) {
+		cc_ccache_destroy(ccache);
+		ccache = NULL;
+	}
+	
+	err = ccNoError;
+	
+	// try one created with v4 creds
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v4, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_credentials_version(ccache, cc_credentials_v4, ccNoError, "v4 creds");
+	}
+	else {
+		log_error("cc_context_create_new_ccache failed, can't complete test");
+		failure_count++;
+	}
+	
+	// try it with added v5 creds
+	if (!err) {
+		err = cc_ccache_set_principal(ccache, cc_credentials_v5, "foo@BAR.ORG");
+	}
+	if (!err) {
+		check_once_cc_ccache_get_credentials_version(ccache, cc_credentials_v4_v5, ccNoError, "v4 with v5 creds added");
+	}	
+	else {
+		log_error("cc_ccache_set_principal failed, can't complete test");
+		failure_count++;
+	}
+	
+	if (ccache) {
+		cc_ccache_destroy(ccache);
+		ccache = NULL;
+	}
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_ccache_get_credentials_version */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_get_credentials_version(cc_ccache_t ccache, cc_uint32 expected_cred_vers, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_get_credentials_version
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrBadParam, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_uint32 stored_cred_vers = 0;
+	
+	err = cc_ccache_get_credentials_version(ccache, &stored_cred_vers);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		check_if(stored_cred_vers != expected_cred_vers, NULL);
+	}
+	
+	#endif /* cc_ccache_get_credentials_version */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_get_name() {
+	BEGIN_TEST("cc_ccache_get_name");
+	
+	#ifndef cc_ccache_get_name
+	log_error("cc_ccache_get_name is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// try with unique ccache (which happens to be default)
+	if (!err) {
+		err = cc_context_create_ccache(context, "0", cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_name(ccache, "0", ccNoError, "unique ccache (which happens to be default)");
+	}
+	else {
+		log_error("cc_context_create_ccache failed, can't complete test");
+		failure_count++;
+	}	
+	if (ccache) {
+		cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	// try with unique ccache (which is not default)
+	if (!err) {
+		err = cc_context_create_ccache(context, "1", cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_name(ccache, "1", ccNoError, "unique ccache (which is not default)");
+	}
+	else {
+		log_error("cc_context_create_ccache failed, can't complete test");
+		failure_count++;
+	}
+	
+	// try with bad param
+	if (!err) {
+		check_once_cc_ccache_get_name(ccache, NULL, ccErrBadParam, "NULL param");
+	}
+	if (ccache) {
+		cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	if (context) { 
+		err = destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_get_name */
+	
+	END_TEST_AND_RETURN	
+}
+
+cc_int32 check_once_cc_ccache_get_name(cc_ccache_t ccache, const char *expected_name, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_get_name
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrBadParam, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_string_t stored_name = NULL;
+	
+	if (expected_name == NULL) { // we want to try with a NULL param
+		err = cc_ccache_get_name(ccache, NULL);
+	}
+	else {
+		err = cc_ccache_get_name(ccache, &stored_name);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		check_if(strcmp(stored_name->data, expected_name), NULL);
+	}
+	
+	if (stored_name) { cc_string_release(stored_name); }
+	
+	#endif /* cc_ccache_get_name */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_get_principal() {
+	BEGIN_TEST("cc_ccache_get_principal");
+	
+	#ifndef cc_ccache_get_principal
+	log_error("cc_ccache_get_principal is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// try with krb5 principal
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo/BAR@BAZ.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_principal(ccache, cc_credentials_v5, "foo/BAR@BAZ.ORG", ccNoError);
+	}
+	else {
+		log_error("cc_context_create_new_ccache failed, can't complete test");
+		failure_count++;
+	}
+	if (ccache) {
+		cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	// try with krb4 principal
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v4, "foo.BAR@BAZ.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_principal(ccache, cc_credentials_v4, "foo.BAR@BAZ.ORG", ccNoError);
+	}
+	else {
+		log_error("cc_context_create_new_ccache failed, can't complete test");
+		failure_count++;
+	}
+	
+	// try with bad param
+	if (!err) {
+		// cc_ccache_t doesn't have any concept of the difference between a v4 and v5 principal
+		check_once_cc_ccache_get_principal(ccache, cc_credentials_v4_v5, "foo.BAR@BAZ.ORG", 
+			ccErrBadCredentialsVersion,
+			"passing cc_credentials_v4_v5 (shouldn't be allowed)");
+		check_once_cc_ccache_get_principal(ccache, cc_credentials_v5, NULL, ccErrBadParam);
+	}
+	
+	if (ccache) {
+		cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	if (context) { 
+		err = destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_get_principal */
+	
+	END_TEST_AND_RETURN	
+}
+
+cc_int32 check_once_cc_ccache_get_principal(cc_ccache_t ccache, cc_uint32 cred_vers, const char *expected_principal, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_get_principal
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrNoMem, 
+		ccErrBadCredentialsVersion, 
+		ccErrBadParam, 
+		ccErrInvalidCCache, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_string_t stored_principal = NULL;
+	
+	if (expected_principal == NULL) { // we want to try with a NULL param
+		err = cc_ccache_get_principal(ccache, cred_vers, NULL);
+	}
+	else {
+		err = cc_ccache_get_principal(ccache, cred_vers, &stored_principal);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		check_if(strcmp(stored_principal->data, expected_principal), "expected princ == \"%s\" stored princ == \"%s\"", expected_principal, stored_principal->data);
+	}
+	
+	if (stored_principal) { cc_string_release(stored_principal); }
+	
+	#endif /* cc_ccache_get_principal */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_set_principal() {
+	BEGIN_TEST("cc_ccache_set_principal");
+	
+	#ifndef cc_ccache_set_principal
+	log_error("cc_ccache_set_principal is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// bad params
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAZ.ORG", &ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_set_principal(ccache, cc_credentials_v4_v5, "foo/BAZ@BAR.ORG", ccErrBadCredentialsVersion, "cc_credentials_v4_v5 (not allowed)");
+		check_once_cc_ccache_set_principal(ccache, cc_credentials_v5, NULL, ccErrBadParam, "NULL principal");
+	}
+	else {
+		log_error("cc_context_create_new_ccache failed, can't complete test");
+		failure_count++;
+	}
+	if (ccache) {
+		cc_ccache_destroy(ccache);
+		ccache = NULL;
+	}
+	
+
+	// empty ccache
+
+		// replace v5 only ccache's principal
+		if (!err) {
+			err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAZ.ORG", &ccache);
+		}
+		if (!err) {
+			check_once_cc_ccache_set_principal(ccache, cc_credentials_v5, "foo/BAZ@BAR.ORG", ccNoError, "replace v5 only ccache's principal (empty ccache)");
+		}
+		else {
+			log_error("cc_context_create_new_ccache failed, can't complete test");
+			failure_count++;
+		}
+		if (ccache) {
+			cc_ccache_destroy(ccache);
+			ccache = NULL;
+		}
+		
+		// add v4 principal to v5 only ccache
+		if (!err) {
+			err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAZ.ORG", &ccache);
+		}
+		if (!err) {
+			check_once_cc_ccache_set_principal(ccache, cc_credentials_v4, "foo.BAZ@BAR.ORG", ccNoError, "add v4 principal to v5 only ccache (empty ccache)");
+		}
+		else {
+			log_error("cc_context_create_new_ccache failed, can't complete test");
+			failure_count++;
+		}
+		if (ccache) {
+			cc_ccache_destroy(ccache);
+			ccache = NULL;
+		}
+
+		// replace v4 only ccache's principal
+		if (!err) {
+			err = cc_context_create_new_ccache(context, cc_credentials_v4, "foo@BAZ.ORG", &ccache);
+		}
+		if (!err) {
+			check_once_cc_ccache_set_principal(ccache, cc_credentials_v4, "foo.BAZ@BAR.ORG", ccNoError, "replace v4 only ccache's principal (empty ccache)");
+		}
+		else {
+			log_error("cc_context_create_new_ccache failed, can't complete test");
+			failure_count++;
+		}
+		if (ccache) {
+			cc_ccache_destroy(ccache);
+			ccache = NULL;
+		}
+		
+		// add v5 principal to v4 only ccache
+		if (!err) {
+			err = cc_context_create_new_ccache(context, cc_credentials_v4, "foo@BAZ.ORG", &ccache);
+		}
+		if (!err) {
+			check_once_cc_ccache_set_principal(ccache, cc_credentials_v5, "foo/BAZ@BAR.ORG", ccNoError, "add v5 principal to v4 only ccache (empty ccache)");
+		}
+		else {
+			log_error("cc_context_create_new_ccache failed, can't complete test");
+			failure_count++;
+		}
+		if (ccache) {
+			cc_ccache_destroy(ccache);
+			ccache = NULL;
+		}
+		
+	// with credentials
+	
+		// replace v5 only ccache's principal
+		
+		// add v4 principal to v5 only ccache
+
+		// replace v4 only ccache's principal
+		
+		// add v5 principal to v4 only ccache
+	
+	if (context) { 
+		err = destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_set_principal */
+	
+	END_TEST_AND_RETURN	
+}
+
+cc_int32 check_once_cc_ccache_set_principal(cc_ccache_t ccache, cc_uint32 cred_vers, const char *in_principal, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_set_principal
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrNoMem, 
+		ccErrInvalidCCache, 
+		ccErrBadCredentialsVersion, 
+		ccErrBadParam, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_string_t stored_principal = NULL;
+	
+	err = cc_ccache_set_principal(ccache, cred_vers, in_principal);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		err = cc_ccache_get_principal(ccache, cred_vers, &stored_principal);
+	}
+	
+	// compare stored with input
+	if (!err) {
+		check_if(strcmp(stored_principal->data, in_principal), "expected princ == \"%s\" stored princ == \"%s\"", in_principal, stored_principal->data);
+	}
+	
+	if (stored_principal) { cc_string_release(stored_principal); }
+	
+	#endif /* cc_ccache_set_principal */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_store_credentials() {
+	BEGIN_TEST("cc_ccache_store_credentials");
+	
+	#ifndef cc_ccache_store_credentials
+	log_error("cc_ccache_store_credentials is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_ccache_t dup_ccache = NULL;
+	cc_credentials_union creds_union;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+
+	// cred with matching version and realm
+	if (!err) {
+		err = new_v5_creds_union(&creds_union, "BAR.ORG");
+	}
+	
+	if (!err) {
+		check_once_cc_ccache_store_credentials(ccache, &creds_union, ccNoError, "ok creds");
+	}
+	
+	if (&creds_union) { release_v5_creds_union(&creds_union); }
+	
+	// try with bad params
+	check_once_cc_ccache_store_credentials(ccache, NULL, ccErrInvalidCredentials, "NULL creds param");
+	
+	// invalid creds
+	if (!err) {
+		err = new_v5_creds_union(&creds_union, "BAR.ORG");
+	}
+	
+	if (!err) {
+		if (creds_union.credentials.credentials_v5->client) {
+			free(creds_union.credentials.credentials_v5->client);
+			creds_union.credentials.credentials_v5->client = NULL;
+		}
+		check_once_cc_ccache_store_credentials(ccache, &creds_union, ccErrInvalidCredentials, "invalid creds (NULL client string)");
+	}
+	
+	if (&creds_union) { release_v5_creds_union(&creds_union); }
+	
+	// bad creds version
+	if (!err) {
+		err = new_v5_creds_union(&creds_union, "BAR.ORG");
+	}
+	
+	if (!err) {
+		creds_union.version = cc_credentials_v4_v5;
+		check_once_cc_ccache_store_credentials(ccache, &creds_union, ccErrBadCredentialsVersion, "v4_v5 creds (invalid) into a ccache with only v5 princ");
+		creds_union.version = cc_credentials_v4;
+		check_once_cc_ccache_store_credentials(ccache, &creds_union, ccErrBadCredentialsVersion, "v4 creds into a ccache with only v5 princ");
+		creds_union.version = cc_credentials_v5;
+	}
+	
+	if (&creds_union) { release_v5_creds_union(&creds_union); }
+	
+	// non-existent ccache
+	if (ccache) { 
+		err = cc_ccache_get_name(ccache, &name);
+		if (!err) {
+			err = cc_context_open_ccache(context, name->data, &dup_ccache);
+		}
+		if (name) { cc_string_release(name); }
+		if (dup_ccache) { cc_ccache_destroy(dup_ccache); }
+	}
+	
+	if (!err) {
+		err = new_v5_creds_union(&creds_union, "BAR.ORG");
+	}
+	
+	if (!err) {
+		check_once_cc_ccache_store_credentials(ccache, &creds_union, ccErrInvalidCCache, "invalid ccache");
+	}
+	
+	if (&creds_union) { release_v5_creds_union(&creds_union); }
+	if (ccache) { cc_ccache_release(ccache); }
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_store_credentials */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_store_credentials(cc_ccache_t ccache, const cc_credentials_union *credentials, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_store_credentials
+	
+	cc_int32 possible_return_values[5] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrInvalidCredentials, 
+		ccErrBadCredentialsVersion, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_credentials_iterator_t creds_iterator = NULL;
+	cc_credentials_t creds = NULL;
+	
+	err = cc_ccache_store_credentials(ccache, credentials);
+		
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	// make sure credentials were truly stored
+	if (!err) {
+		err = cc_ccache_new_credentials_iterator(ccache, &creds_iterator);
+	}
+	while (!err) {
+		err = cc_credentials_iterator_next(creds_iterator, &creds);
+		if (creds) {
+			if (compare_v5_creds_unions(credentials, creds->data) == 0) {
+				break;
+			}
+			cc_credentials_release(creds);
+			creds = NULL;			
+		}
+	}
+	
+	if (err == ccIteratorEnd) { 
+		check_if((creds != NULL), "stored credentials not found in ccache");
+		err = ccNoError;
+	}
+	if (creds) { cc_credentials_release(creds); }
+	
+	#endif /* cc_ccache_store_credentials */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_remove_credentials() {
+	BEGIN_TEST("cc_ccache_remove_credentials");
+	
+	#ifndef cc_ccache_remove_credentials
+	log_error("cc_ccache_remove_credentials is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_ccache_t dup_ccache = NULL;
+	cc_credentials_t creds_array[10];
+	cc_credentials_t creds = NULL;
+	cc_credentials_union creds_union;
+	cc_credentials_iterator_t creds_iterator = NULL;
+	cc_string_t name = NULL;
+	unsigned int i;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	
+	// store 10 creds and retrieve their cc_credentials_t representations
+	for(i = 0; !err && (i < 10); i++) {
+		new_v5_creds_union(&creds_union, "BAR.ORG");
+		err = cc_ccache_store_credentials(ccache, &creds_union);
+		if (&creds_union) { release_v5_creds_union(&creds_union); }
+	}
+	if (err) {
+		log_error("failure to store creds_union in remove_creds test");
+	}
+	if (!err) {
+		err = cc_ccache_new_credentials_iterator(ccache, &creds_iterator);
+	}
+	i = 0;
+	while (!err && i < 10) {
+		err = cc_credentials_iterator_next(creds_iterator, &creds);
+		if (creds) {
+			creds_array[i++] = creds;
+			creds = NULL;
+		}
+	}
+	if (err == ccIteratorEnd) { err = ccNoError; }
+	
+	// remove 10 valid creds
+	for (i = 0; !err && (i < 8); i++) {
+		check_once_cc_ccache_remove_credentials(ccache, creds_array[i], ccNoError, "10 ok creds");
+	}
+
+	// NULL param
+	check_once_cc_ccache_remove_credentials(ccache, NULL, ccErrInvalidCredentials, "NULL creds in param");
+	
+	// non-existent creds (remove same one twice)
+	check_once_cc_ccache_remove_credentials(ccache, creds_array[0], ccErrCredentialsNotFound, "removed same creds twice");
+	
+	// non-existent ccache
+	if (ccache) { 
+		err = cc_ccache_get_name(ccache, &name);
+		if (!err) {
+			err = cc_context_open_ccache(context, name->data, &dup_ccache);
+		}
+		if (name) { cc_string_release(name); }
+		if (dup_ccache) { cc_ccache_destroy(dup_ccache); }
+	}
+	
+	if (!err) {
+		err = new_v5_creds_union(&creds_union, "BAR.ORG");
+	}
+	
+	if (!err) {
+		check_once_cc_ccache_remove_credentials(ccache, creds_array[8], ccErrInvalidCCache, "invalid ccache");
+	}
+
+	for(i = 0; i < 10; i++) {
+		if (creds_array[i]) { cc_credentials_release(creds_array[i]); }
+	}
+
+	if (ccache) { cc_ccache_release(ccache); }
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_remove_credentials */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_remove_credentials(cc_ccache_t ccache, cc_credentials_t in_creds, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_remove_credentials
+	
+	cc_int32 possible_return_values[5] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrInvalidCredentials, 
+		ccErrCredentialsNotFound, 
+		ccErrCCacheNotFound,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_credentials_iterator_t creds_iterator = NULL;
+	cc_credentials_t creds = NULL;
+	
+	err = cc_ccache_remove_credentials(ccache, in_creds);
+		
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	// make sure credentials were truly removed
+	if (!err) {
+		err = cc_ccache_new_credentials_iterator(ccache, &creds_iterator);
+	}
+	while (!err) {
+		err = cc_credentials_iterator_next(creds_iterator, &creds);
+		if (creds) {
+			if (compare_v5_creds_unions(in_creds->data, creds->data) == 0) {
+				break;
+			}
+			cc_credentials_release(creds);
+			creds = NULL;			
+		}
+	}
+	
+	if (err == ccIteratorEnd) { 
+		err = ccNoError;
+	}
+	else {
+		check_if((creds != NULL), "credentials not removed from ccache");
+	}
+	if (creds) { cc_credentials_release(creds); }
+	
+	#endif /* cc_ccache_remove_credentials */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_new_credentials_iterator() {
+	BEGIN_TEST("cc_ccache_new_credentials_iterator");
+	
+	#ifndef cc_ccache_new_credentials_iterator
+	log_error("cc_ccache_new_credentials_iterator is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_ccache_t dup_ccache = NULL;
+	cc_credentials_iterator_t creds_iterator = NULL;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	
+	// valid params
+	if (!err) {
+		check_once_cc_ccache_new_credentials_iterator(ccache, &creds_iterator, ccNoError, "valid params");
+	}
+	if (creds_iterator) { 
+		cc_credentials_iterator_release(creds_iterator); 
+		creds_iterator = NULL;
+	}
+	
+	// NULL out param
+	if (!err) {
+		check_once_cc_ccache_new_credentials_iterator(ccache, NULL, ccErrBadParam, "NULL out iterator param");
+	}
+	if (creds_iterator) { 
+		cc_credentials_iterator_release(creds_iterator); 
+		creds_iterator = NULL;
+	}
+	
+	// non-existent ccache
+	if (ccache) { 
+		err = cc_ccache_get_name(ccache, &name);
+		if (!err) {
+			err = cc_context_open_ccache(context, name->data, &dup_ccache);
+		}
+		if (name) { cc_string_release(name); }
+		if (dup_ccache) { cc_ccache_destroy(dup_ccache); }
+	}
+	
+	if (!err) {
+		check_once_cc_ccache_new_credentials_iterator(ccache, &creds_iterator, ccErrCCacheNotFound, "invalid ccache");
+	}
+	
+	if (creds_iterator) { 
+		cc_credentials_iterator_release(creds_iterator); 
+		creds_iterator = NULL;
+	}
+	if (ccache) { cc_ccache_release(ccache); }
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_new_credentials_iterator */
+	
+	END_TEST_AND_RETURN
+}
+
+
+cc_int32 check_once_cc_ccache_new_credentials_iterator(cc_ccache_t ccache, cc_credentials_iterator_t *iterator, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_new_credentials_iterator
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrBadParam, 
+		ccErrNoMem, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	err = cc_ccache_new_credentials_iterator(ccache, iterator);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	#endif /* cc_ccache_new_credentials_iterator */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_get_change_time() {
+	BEGIN_TEST("cc_ccache_get_change_time");
+	
+	#ifndef cc_ccache_get_change_time
+	log_error("cc_ccache_get_change_time is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t dummy_ccache = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_credentials_union creds_union;
+	cc_credentials_iterator_t creds_iterator = NULL;
+	cc_credentials_t credentials = NULL;
+	cc_time_t last_time = 0;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// create some ccaches (so that the one we keep around as 'ccache' is not default)
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (ccache) {
+		cc_ccache_release(ccache);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAZ.ORG", &ccache);
+	}
+	
+	// change it in all the ways it can change, checking after each
+	
+	// the ccache is created
+	if (!err) {
+		check_once_cc_ccache_get_change_time(ccache, &last_time, ccNoError, "new ccache (change time should be > 0)");
+	}
+	
+	// the ccache is made default
+	if (!err) {
+		err = cc_ccache_set_default(ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_change_time(ccache, &last_time, ccNoError, "non-default ccache became default");
+	}
+	
+	// the ccache is made not-default
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "something@ELSE.COM", &dummy_ccache);
+	}
+	if (!err) {
+		err = cc_ccache_set_default(dummy_ccache);
+	}
+	if (dummy_ccache) {	
+		cc_ccache_release(dummy_ccache);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_change_time(ccache, &last_time, ccNoError, "default ccache became non-default");
+	}
+	
+	// try with bad params
+	
+	// NULL out param
+	if (!err) {
+		check_once_cc_ccache_get_change_time(ccache, NULL, ccErrBadParam, "NULL out param for time");
+	}
+	
+	// store a credential
+	if (!err) {
+		new_v5_creds_union(&creds_union, "BAR.ORG");
+		err = cc_ccache_store_credentials(ccache, &creds_union);
+		release_v5_creds_union(&creds_union);
+	}
+	check_once_cc_ccache_get_change_time(ccache, &last_time, ccNoError, "stored new credential");
+	
+	if (!err) {
+		// change principal (fails with ccErrBadInternalMessage)
+		err = cc_ccache_set_principal(ccache, cc_credentials_v5, "foo@BAR.ORG");
+		if (err) {
+			log_error("failed to change ccache's principal - %s (%d)", translate_ccapi_error(err), err);
+			failure_count++;
+			err = ccNoError;
+		}
+	}
+	check_once_cc_context_get_change_time(context, &last_time, ccNoError, "after changing a principle");
+	
+	// remove a credential
+	if (!err) {
+		err = cc_ccache_new_credentials_iterator(ccache, &creds_iterator);
+	}
+	if (!err) {
+		err = cc_credentials_iterator_next(creds_iterator, &credentials);
+	}
+	if (err == ccIteratorEnd) {
+		err = ccNoError;
+	}
+	if (!err) {
+		err = cc_ccache_remove_credentials(ccache, credentials);
+	}
+	check_once_cc_context_get_change_time(context, &last_time, ccNoError, "after removing a credential");
+	
+	
+	// invalid ccache
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_change_time(ccache, &last_time, ccErrInvalidCCache, "getting change time on destroyed ccache");
+	}
+	
+	if (ccache) { cc_ccache_release(ccache); }
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_get_change_time */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_get_change_time(cc_ccache_t ccache, cc_time_t *last_time, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_get_change_time
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrBadParam, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_time_t this_time = 0;
+	
+	if (last_time == NULL) {
+		err = cc_ccache_get_change_time(ccache, NULL); // passed NULL to compare against because intention is actually to pass bad param instead
+	} else {
+		err = cc_ccache_get_change_time(ccache, &this_time);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if ((!err) && last_time) {
+		check_if(this_time <= *last_time, "change time didn't increase when expected");
+		*last_time = this_time;
+	}
+		
+	#endif /* cc_ccache_get_change_time */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_get_last_default_time() {
+	BEGIN_TEST("cc_ccache_get_last_default_time");
+	
+	#ifndef cc_ccache_get_last_default_time
+	log_error("cc_ccache_get_last_default_time is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache_1 = NULL;
+	cc_ccache_t ccache_2 = NULL;
+	cc_time_t last_time_1 = 0;
+	cc_time_t last_time_2 = 0;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// create 2 ccaches
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@ONE.ORG", &ccache_1);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@TWO.ORG", &ccache_2);
+	}
+	
+	if (!err) {
+		err = cc_ccache_get_change_time(ccache_1, &last_time_1);
+	}
+	
+	// since we destroyed all ccaches before creating these two, 
+	// ccache_1 should be default and ccache_2 should never have been default
+	if (!err) {
+		check_once_cc_ccache_get_last_default_time(ccache_1, &last_time_1, ccNoError, "ccache_1 default at creation");
+		check_once_cc_ccache_get_last_default_time(ccache_2, &last_time_2, ccErrNeverDefault, "ccache_2 never default");
+	}
+	
+	// make ccache_2 default and check each of their times again
+	if (!err) {
+		err = cc_ccache_set_default(ccache_2);
+	}
+	if (!err) {
+		err = cc_ccache_get_change_time(ccache_2, &last_time_2);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_last_default_time(ccache_1, &last_time_1, ccNoError, "ccache_1 no longer default");
+		check_once_cc_ccache_get_last_default_time(ccache_2, &last_time_2, ccNoError, "ccache_2 newly default");
+	}
+
+	// NULL param
+	if (!err) {
+		check_once_cc_ccache_get_last_default_time(ccache_1, NULL, ccErrBadParam, "NULL out param");
+	}
+	
+	// non-existent ccache
+	if (ccache_2) { 
+		cc_ccache_release(ccache_2); 
+		ccache_2 = NULL;
+	}
+	if (!err) {
+		err = cc_ccache_get_name(ccache_1, &name);
+	}
+	if (!err) {
+		err = cc_context_open_ccache(context, name->data, &ccache_2);
+	}
+	if (!err) {
+		cc_ccache_destroy(ccache_2);
+		ccache_2 = NULL;
+	}
+	
+	if (!err) {
+		check_once_cc_ccache_get_last_default_time(ccache_1, &last_time_1, ccErrCCacheNotFound, "destroyed ccache");
+	}
+	
+	if (ccache_1) { cc_ccache_release(ccache_1); }
+	
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_get_last_default_time */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_get_last_default_time(cc_ccache_t ccache, cc_time_t *last_time, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_get_last_default_time
+	
+	cc_int32 possible_return_values[5] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrBadParam, 
+		ccErrNeverDefault, 
+		ccErrCCacheNotFound, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_time_t this_time = 0;
+	
+	if (last_time == NULL) {
+		err = cc_ccache_get_last_default_time(ccache, NULL); // passed NULL to compare against because intention is actually to pass bad param instead
+	} else {
+		err = cc_ccache_get_last_default_time(ccache, &this_time);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err && last_time) {
+		check_if(this_time > *last_time, "last default time isn't as expected");
+		*last_time = this_time;
+	}
+		
+	#endif /* cc_ccache_get_last_default_time */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+
+int check_cc_ccache_move() {
+	BEGIN_TEST("cc_ccache_move");
+	
+	#ifndef cc_ccache_move
+	log_error("cc_ccache_move is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t source = NULL;
+	cc_ccache_t destination = NULL;
+	
+	cc_credentials_union creds_union;
+	unsigned int i = 0;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// create 2 ccaches
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@ONE.ORG", &source);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@TWO.ORG", &destination);
+	}
+	
+	// store credentials in each
+	for (i = 0; !err && (i < 10); i++) {
+		new_v5_creds_union(&creds_union, "ONE.ORG");
+		err = cc_ccache_store_credentials(source, &creds_union);
+	}
+	for (i = 0; !err && (i < 10); i++) {
+		new_v5_creds_union(&creds_union, "TWO.ORG");
+		err = cc_ccache_store_credentials(destination, &creds_union);
+	}
+	
+	// move source into destination
+	if (!err) {
+		check_once_cc_ccache_move(source, destination, ccNoError, "valid params");
+	}
+
+	// NULL param
+	if (!err) {
+		check_once_cc_ccache_move(destination, NULL, ccErrInvalidCCache, "NULL destination param");
+	}
+	
+	// non-existent ccache
+	if (!err) {
+		check_once_cc_ccache_move(destination, source, ccErrInvalidCCache, "recently moved source as destination param");
+	}
+	
+	if (source) { cc_ccache_release(source); }
+	if (destination) { cc_ccache_release(destination); }
+	
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	#endif /* cc_ccache_move */
+	
+	END_TEST_AND_RETURN
+	
+	
+}
+
+cc_int32 check_once_cc_ccache_move(cc_ccache_t source, cc_ccache_t destination, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_ccache_move
+	
+	cc_int32 possible_return_values[3] = {
+		ccNoError, 
+		ccErrInvalidCCache, 
+		ccErrCCacheNotFound,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_credentials_t dst_creds[10] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, };
+	cc_credentials_t creds = NULL;
+	cc_credentials_iterator_t cred_iterator = NULL;
+	unsigned int i = 0;
+	
+	cc_string_t src_principal = NULL;
+	cc_string_t dst_principal = NULL;
+
+	if (destination) {
+		// verify all of destination's credentials are no longer there (save a list and call remove_cred for each, expecting an err in response)	
+		if (!err) {
+			err = cc_ccache_new_credentials_iterator(destination, &cred_iterator);
+		}
+		while (!err && (i < 10)) {
+			err = cc_credentials_iterator_next(cred_iterator, &creds);
+			if (creds) {
+				dst_creds[i++] = creds;
+			}
+		}
+		if (err == ccIteratorEnd) {
+			!err;
+		}
+		if (cred_iterator) { 
+			cc_credentials_iterator_release(cred_iterator); 
+			cred_iterator = NULL;
+		}
+
+		// verify that destination's principal has changed to source's (strcmp)
+		if (!err) {
+			err = cc_ccache_get_principal(source, cc_credentials_v5, &src_principal);
+		}
+	}
+	
+	
+	if (!err) {
+		err = cc_ccache_move(source, destination);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	
+	if (!err) {
+		// verify all of destination's credentials are no longer there (save a list and call remove_cred for each, expecting an err in response)
+		i = 0;
+		while (dst_creds[i] && (i < 10)) {
+			err = cc_ccache_remove_credentials(destination, dst_creds[i]);
+			check_if(!(!err || err == ccErrCredentialsNotFound || ccErrInvalidCredentials), "credentials in destination not removed as promised");
+			cc_credentials_release(dst_creds[i]);
+			i++;
+		}
+		err = ccNoError;
+	}
+
+		// verify that destination's principal has changed to source's (strcmp)
+		if (!err) {
+			err = cc_ccache_get_principal(destination, cc_credentials_v5, &dst_principal);
+		}
+		if (!err) {
+			check_if(strcmp(src_principal->data, dst_principal->data), "destination principal not overwritten by source");
+		}
+
+		// verify that handles for source are no longer valid (get_change_time)
+		if (src_principal) { 
+			cc_string_release(src_principal);
+			src_principal = NULL;
+		}
+		if (!err) {
+			err = cc_ccache_get_principal(source, cc_credentials_v5, &src_principal);
+			check_if(err != ccErrInvalidCCache, "source ccache was not invalidated after move");
+		}
+	
+	
+	if (cred_iterator) { cc_credentials_iterator_release(cred_iterator); }
+	if (src_principal) { cc_string_release(src_principal); }
+	if (dst_principal) { cc_string_release(dst_principal); }
+		
+	#endif /* cc_ccache_move */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+int check_cc_ccache_compare() {
+	BEGIN_TEST("cc_ccache_compare");
+	
+	#ifndef cc_ccache_compare
+	log_error("cc_ccache_compare is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache_a = NULL;
+	cc_ccache_t ccache_b = NULL;
+	cc_uint32 equal = 0;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache_a);
+	}
+	if (!err) {
+		err = cc_context_open_default_ccache(context, &ccache_b);
+	}
+
+	equal = 1;
+	check_once_cc_ccache_compare(ccache_a, ccache_a, &equal, ccNoError, "compare ccache with same pointer");
+	equal = 1;
+	check_once_cc_ccache_compare(ccache_a, ccache_b, &equal, ccNoError, "compare different handles to same ccache");
+	
+	if (ccache_b) {
+		cc_ccache_release(ccache_b);
+		ccache_b = NULL;
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "baz@BAR.ORG", &ccache_b);
+	}
+	equal = 0;
+	check_once_cc_ccache_compare(ccache_a, ccache_b, &equal, ccNoError, "compare different ccaches");
+	check_once_cc_ccache_compare(ccache_a, NULL, &equal, ccErrInvalidCCache, "NULL compare_to ccache");
+	check_once_cc_ccache_compare(ccache_a, ccache_b, NULL, ccErrBadParam, "NULL out param");
+
+	if (ccache_a) { cc_ccache_release(ccache_a); }
+	if (ccache_b) { cc_ccache_release(ccache_b); }
+	
+	if (context) { 
+		err = destroy_all_ccaches(context);
+		cc_context_release(context); 
+	}
+	
+	#endif /* cc_ccache_compare */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_compare(cc_ccache_t ccache, cc_ccache_t compare_to, cc_uint32 *equal, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	#ifdef cc_ccache_compare
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrInvalidContext, 
+		ccErrBadParam, 
+		ccErrServerUnavailable,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_uint32 actually_equal = 0;
+	
+	if (equal) {
+		actually_equal = *equal;
+	} 
+	
+	err = cc_ccache_compare(ccache, compare_to, equal);
+	
+	if (!err && equal) {
+		if (actually_equal) {
+			check_if(actually_equal != *equal, "equal ccaches not considered equal");
+		}
+		else {
+			check_if(actually_equal != *equal, "non-equal ccaches considered equal");
+		}
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	#endif /* cc_ccache_compare */
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+int check_cc_ccache_get_kdc_time_offset() {
+	BEGIN_TEST("cc_ccache_get_kdc_time_offset");
+	
+	#ifndef cc_ccache_get_kdc_time_offset
+	log_error("cc_ccache_get_kdc_time_offset is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_time_t time_offset = 0;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+
+	time_offset = 0;
+	check_once_cc_ccache_get_kdc_time_offset(ccache, cc_credentials_v5, &time_offset, ccErrTimeOffsetNotSet, "brand new ccache (offset not yet set)");
+	
+	time_offset = 10;
+	if (!err) {
+		err = cc_ccache_set_kdc_time_offset(ccache, cc_credentials_v5, time_offset);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_kdc_time_offset(ccache, cc_credentials_v5, &time_offset, ccNoError, "offset set for v5 but not v4");
+	}
+	if (!err) {
+		check_once_cc_ccache_get_kdc_time_offset(ccache, cc_credentials_v4, &time_offset, ccErrTimeOffsetNotSet, "asking for v4 offset when only v5 is set");
+	}
+	if (!err) {
+		err = cc_ccache_set_kdc_time_offset(ccache, cc_credentials_v4, time_offset);
+	}
+	if (!err) {
+		check_once_cc_ccache_get_kdc_time_offset(ccache, cc_credentials_v4, &time_offset, ccNoError, "asking for v4 offset when v4 and v5 are set");
+	}
+	
+
+	check_once_cc_ccache_get_kdc_time_offset(ccache, cc_credentials_v5, NULL, ccErrBadParam, "NULL time_offset out param");
+	check_once_cc_ccache_get_kdc_time_offset(ccache, cc_credentials_v4_v5, &time_offset, ccErrBadCredentialsVersion, "v4_v5 creds_vers in param (invalid)");
+
+	if (ccache) { cc_ccache_release(ccache); }
+	
+	if (context) { 
+		err = destroy_all_ccaches(context);
+		cc_context_release(context); 
+	}
+	
+	#endif /* cc_ccache_get_kdc_time_offset */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_get_kdc_time_offset(cc_ccache_t ccache, cc_int32 credentials_version, cc_time_t *time_offset, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	#ifdef cc_ccache_get_kdc_time_offset
+	
+	cc_int32 possible_return_values[7] = {
+		ccNoError, 
+		ccErrTimeOffsetNotSet, 
+		ccErrCCacheNotFound, 
+		ccErrInvalidCCache, 
+		ccErrBadParam, 
+		ccErrServerUnavailable, 
+		ccErrBadCredentialsVersion,	
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_time_t expected_offset;
+	
+	if (time_offset) {
+		expected_offset = *time_offset;
+	}
+	
+	err = cc_ccache_get_kdc_time_offset(ccache, credentials_version, time_offset);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err && time_offset) {
+		check_if(*time_offset != expected_offset, "kdc time offset doesn't match expected value");
+	}
+	
+	#endif /* cc_ccache_get_kdc_time_offset */
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+int check_cc_ccache_set_kdc_time_offset() {
+	BEGIN_TEST("cc_ccache_set_kdc_time_offset");
+	
+	#ifndef cc_ccache_set_kdc_time_offset
+	log_error("cc_ccache_set_kdc_time_offset is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+
+	check_once_cc_ccache_set_kdc_time_offset(ccache, cc_credentials_v5, 0, ccNoError, "first time setting offset (v5)");
+	check_once_cc_ccache_set_kdc_time_offset(ccache, cc_credentials_v4, 0, ccNoError, "first time setting offset (v4)");
+	
+	check_once_cc_ccache_set_kdc_time_offset(ccache, cc_credentials_v4_v5, 0, ccErrBadCredentialsVersion, "invalid creds_vers (v4_v5)");
+
+	if (ccache) { cc_ccache_release(ccache); }
+	
+	if (context) { 
+		err = destroy_all_ccaches(context);
+		cc_context_release(context); 
+	}
+	
+	#endif /* cc_ccache_set_kdc_time_offset */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_set_kdc_time_offset(cc_ccache_t ccache, cc_int32 credentials_version, cc_time_t time_offset, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	#ifdef cc_ccache_set_kdc_time_offset
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrCCacheNotFound, 
+		ccErrInvalidCCache, 
+		ccErrBadParam, 
+		ccErrServerUnavailable, 
+		ccErrBadCredentialsVersion,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_time_t stored_offset = 0;
+		
+	err = cc_ccache_set_kdc_time_offset(ccache, credentials_version, time_offset);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		err = cc_ccache_get_kdc_time_offset(ccache, credentials_version, &stored_offset);
+	}
+	
+	if (!err) {
+		check_if(time_offset != stored_offset, "kdc time offset doesn't match expected value");
+	}
+	
+	#endif /* cc_ccache_set_kdc_time_offset */
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+int check_cc_ccache_clear_kdc_time_offset() {
+	BEGIN_TEST("cc_ccache_clear_kdc_time_offset");
+	
+	#ifndef cc_ccache_clear_kdc_time_offset
+	log_error("cc_ccache_clear_kdc_time_offset is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+
+	check_once_cc_ccache_clear_kdc_time_offset(ccache, cc_credentials_v5, ccNoError, "clearing an offset that was never set (v5)");
+	check_once_cc_ccache_clear_kdc_time_offset(ccache, cc_credentials_v4, ccNoError, "clearing an offset that was never set (v4)");
+
+	err = cc_ccache_set_kdc_time_offset(ccache, cc_credentials_v5, 0);
+	err = cc_ccache_set_kdc_time_offset(ccache, cc_credentials_v4, 0);
+	
+	check_once_cc_ccache_clear_kdc_time_offset(ccache, cc_credentials_v5, ccNoError, "clearing v5");
+	check_once_cc_ccache_clear_kdc_time_offset(ccache, cc_credentials_v4, ccNoError, "clearing v4");
+	
+	check_once_cc_ccache_clear_kdc_time_offset(ccache, cc_credentials_v4_v5, ccErrBadCredentialsVersion, "bad in param creds vers (v4_v5)");
+	
+	if (ccache) { cc_ccache_release(ccache); }
+	
+	if (context) { 
+		err = destroy_all_ccaches(context);
+		cc_context_release(context); 
+	}
+	
+	#endif /* cc_ccache_clear_kdc_time_offset */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_clear_kdc_time_offset(cc_ccache_t ccache, cc_int32 credentials_version, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	#ifdef cc_ccache_clear_kdc_time_offset
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrCCacheNotFound, 
+		ccErrInvalidCCache, 
+		ccErrBadParam, 
+		ccErrServerUnavailable, 
+		ccErrBadCredentialsVersion,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+
+	cc_time_t stored_offset = 0;
+	
+	err = cc_ccache_clear_kdc_time_offset(ccache, credentials_version);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		err = cc_ccache_get_kdc_time_offset(ccache, credentials_version, &stored_offset);
+		check_if(err != ccErrTimeOffsetNotSet, "time offset not cleared");
+	}
+	
+	#endif /* cc_ccache_clear_kdc_time_offset */
+	
+	return err;
+}
+
+
diff --git a/src/ccapi/test/test_ccapi_ccache.h b/src/ccapi/test/test_ccapi_ccache.h
new file mode 100644
index 0000000000..31d00832f4
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_ccache.h
@@ -0,0 +1,50 @@
+#ifndef _TEST_CCAPI_CCACHE_H_
+#define _TEST_CCAPI_CCACHE_H_
+
+#include <Kerberos/CredentialsCache.h>
+
+
+int check_cc_ccache_release();
+cc_int32 check_once_cc_ccache_release(cc_context_t context, cc_ccache_t ccache, cc_int32 expected_err, const char *description);
+int check_cc_ccache_destroy();
+cc_int32 check_once_cc_ccache_destroy(cc_context_t context, cc_ccache_t ccache, cc_int32 expected_err, const char *description);
+int check_cc_ccache_set_default();
+cc_int32 check_once_cc_ccache_set_default(cc_context_t context, cc_ccache_t ccache, cc_int32 expected_err, const char *description);
+int check_cc_ccache_get_credentials_version();
+cc_int32 check_once_cc_ccache_get_credentials_version(cc_ccache_t ccache, cc_uint32 expected_cred_vers, cc_int32 expected_err, const char *description);
+int check_cc_ccache_get_name();
+cc_int32 check_once_cc_ccache_get_name(cc_ccache_t ccache, const char *expected_name, cc_int32 expected_err, const char *description);
+int check_cc_ccache_get_principal();
+cc_int32 check_once_ccache_get_principal(cc_ccache_t ccache, cc_uint32 cred_vers, const char *expected_principal, cc_int32 expected_err, const char *description);
+int check_cc_ccache_set_principal();
+cc_int32 check_once_cc_ccache_set_principal(cc_ccache_t ccache, cc_uint32 cred_vers, const char *in_principal, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_store_credentials();
+cc_int32 check_once_cc_ccache_store_credentials(cc_ccache_t ccache, const cc_credentials_union *credentials, cc_int32 expected_err, const char *description);
+int check_cc_ccache_remove_credentials();
+cc_int32 check_once_cc_ccache_remove_credentials(cc_ccache_t ccache, cc_credentials_t in_creds, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_new_credentials_iterator();
+cc_int32 check_once_cc_ccache_new_credentials_iterator(cc_ccache_t ccache, cc_credentials_iterator_t *iterator, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_get_change_time();
+cc_int32 check_once_cc_ccache_get_change_time(cc_ccache_t ccache, cc_time_t *last_time, cc_int32 expected_err, const char *description);
+int check_cc_ccache_get_last_default_time();
+cc_int32 check_once_ccache_get_last_default_time(cc_ccache_t ccache, cc_time_t *last_time, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_move();
+cc_int32 check_once_cc_ccache_move(cc_ccache_t source, cc_ccache_t destination, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_compare();
+cc_int32 check_once_cc_ccache_compare(cc_ccache_t ccache, cc_ccache_t compare_to, cc_uint32 *equal, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_get_kdc_time_offset();
+cc_int32 check_once_cc_ccache_get_kdc_time_offset(cc_ccache_t ccache, cc_int32 credentials_version, cc_time_t *time_offset, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_set_kdc_time_offset();
+cc_int32 check_once_cc_ccache_set_kdc_time_offset(cc_ccache_t ccache, cc_int32 credentials_version, cc_time_t time_offset, cc_int32 expected_err, const char *description);
+
+int check_cc_ccache_clear_kdc_time_offset();
+cc_int32 check_once_cc_ccache_clear_kdc_time_offset(cc_ccache_t ccache, cc_int32 credentials_version, cc_int32 expected_err, const char *description);
+
+#endif /* _TEST_CCAPI_CCACHE_H_ */
diff --git a/src/ccapi/test/test_ccapi_check.c b/src/ccapi/test/test_ccapi_check.c
new file mode 100644
index 0000000000..12192a6572
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_check.c
@@ -0,0 +1,37 @@
+#include "test_ccapi_check.h"
+
+int _check_if(int expression, const char *file, int line, const char *expression_string, const char *format, ...) {
+	if (expression) {
+		failure_count++;
+		// call with NULL format to get a generic error message
+		if (format == NULL) {
+			_log_error(file, line, expression_string);
+		}
+		// call with format and varargs for a more useful error message
+		else {
+			va_list ap;
+			va_start(ap, format);
+			_log_error_v(file, line, format, ap);
+			va_end(ap);
+		}
+		
+		if (current_test_activity) {
+			fprintf(stdout, " (%s)", current_test_activity);
+		}
+	}
+	
+	return (expression != 0);	
+}
+
+int array_contains_int(cc_int32 *array, int size, cc_int32 value) {
+	if (array != NULL && size > 0) {
+		int i = 0;
+		while (i < size && array[i] != value) { 
+			i++; 
+		}
+		if (i < size) {
+			return 1;
+		}
+	}
+	return 0;
+}
\ No newline at end of file
diff --git a/src/ccapi/test/test_ccapi_check.h b/src/ccapi/test/test_ccapi_check.h
new file mode 100644
index 0000000000..c05a5152ef
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_check.h
@@ -0,0 +1,43 @@
+#ifndef _TEST_CCAPI_CHECK_H_
+#define _TEST_CCAPI_CHECK_H_
+
+#include <stdio.h>
+#include <stdarg.h>
+#include "test_ccapi_log.h"
+#include "test_ccapi_globals.h"
+
+int _check_if(int expression, const char *file, int line, const char *expression_string, const char *format, ...);
+		
+#define check_int(a, b) \
+		check_if(a != b, NULL)
+
+/*
+ *	if expression evaluates to true, check_if increments the failure_count and prints:
+ *	
+ *	check_if(a!=a, NULL);
+ *	==> "/path/to/file:line: a!=a" 
+ *	
+ *	check_if(a!=a, "This shouldn't be happening");
+ *	==> "/path/to/file:line: This shouldn't be happening"
+ *	
+ *	check_if(a!=a, "This has happened %d times now", 3);
+ *	==> "/path/to/file:line: This has happened 3 times now"	
+*/
+
+#define check_if(expression, format, ...) \
+		_check_if(expression, __FILE__, __LINE__, #expression, format , ## __VA_ARGS__)
+
+#define check_if_not(expression, format, ...) \
+		check_if(!(expression), format, ## __VA_ARGS__)
+
+// first check if err is what we were expecting to get back
+// then check if err is even in the set of errors documented for the function
+#define check_err(err, expected_err, possible_return_values) \
+		do { \
+			check_if(err != expected_err, "unexpected error %s (%d), expected %s (%d)", translate_ccapi_error(err), err, translate_ccapi_error(expected_err), expected_err); \
+			check_if_not(array_contains_int(possible_return_values, possible_ret_val_count, err), "error not documented as a possible return value: %s (%d)", translate_ccapi_error(err), err); \
+		} while( 0 )
+
+int array_contains_int(cc_int32 *array, int size, cc_int32 value);
+
+#endif /* _TEST_CCAPI_CHECK_H_ */
diff --git a/src/ccapi/test/test_ccapi_constants.c b/src/ccapi/test/test_ccapi_constants.c
new file mode 100644
index 0000000000..5203fff111
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_constants.c
@@ -0,0 +1,66 @@
+#include "test_ccapi_constants.h"
+#include "test_ccapi_globals.h"
+#include "test_ccapi_check.h"
+
+int check_constants() {
+	BEGIN_TEST("constants");
+	/* API versions */
+	
+	check_int(ccapi_version_2, 2);
+	check_int(ccapi_version_3, 3);
+	check_int(ccapi_version_4, 4);
+	check_int(ccapi_version_5, 5);
+	check_int(ccapi_version_6, 6);
+	
+	/* Errors */
+	
+	check_int(ccNoError 					  , 0  );	 //   0               
+	check_int(ccIteratorEnd 				  , 201);    // 201
+	check_int(ccErrBadParam 			      , 202);    // 202
+	check_int(ccErrNoMem 					  , 203);    // 203
+	check_int(ccErrInvalidContext             , 204);    // 204
+	check_int(ccErrInvalidCCache              , 205);    // 205
+	check_int(ccErrInvalidString              , 206);    // 206
+	check_int(ccErrInvalidCredentials         , 207);    // 207
+	check_int(ccErrInvalidCCacheIterator      , 208);    // 208
+	check_int(ccErrInvalidCredentialsIterator , 209);    // 209
+	check_int(ccErrInvalidLock                , 210);    // 210
+	check_int(ccErrBadName                    , 211);    // 211
+	check_int(ccErrBadCredentialsVersion      , 212);    // 212
+	check_int(ccErrBadAPIVersion              , 213);    // 213
+	check_int(ccErrContextLocked              , 214);    // 214
+	check_int(ccErrContextUnlocked            , 215);    // 215
+	check_int(ccErrCCacheLocked               , 216);    // 216
+	check_int(ccErrCCacheUnlocked             , 217);    // 217
+	check_int(ccErrBadLockType                , 218);    // 218
+	check_int(ccErrNeverDefault               , 219);    // 219
+	check_int(ccErrCredentialsNotFound        , 220);    // 220
+	check_int(ccErrCCacheNotFound             , 221);    // 221
+	check_int(ccErrContextNotFound            , 222);    // 222
+	check_int(ccErrServerUnavailable          , 223);    // 223
+	check_int(ccErrServerInsecure             , 224);    // 224
+	check_int(ccErrServerCantBecomeUID        , 225);    // 225
+	check_int(ccErrTimeOffsetNotSet           , 226);    // 226
+	check_int(ccErrBadInternalMessage         , 227);    // 227
+	check_int(ccErrNotImplemented             , 228);    // 228
+
+	/* Credentials versions */
+	
+	check_int(cc_credentials_v4,    1);
+	check_int(cc_credentials_v5,    2);
+	check_int(cc_credentials_v4_v5, (cc_credentials_v4 | cc_credentials_v5));
+
+	/* Lock types */
+
+	check_int(cc_lock_read,      0);
+	check_int(cc_lock_write,     1);
+	check_int(cc_lock_upgrade,   2);
+	check_int(cc_lock_downgrade, 3);
+
+    /* Locking Modes */
+  
+	check_int(cc_lock_noblock, 0);
+	check_int(cc_lock_block,   1);
+	
+	END_TEST_AND_RETURN
+}
\ No newline at end of file
diff --git a/src/ccapi/test/test_ccapi_constants.h b/src/ccapi/test/test_ccapi_constants.h
new file mode 100644
index 0000000000..ff6fd66a15
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_constants.h
@@ -0,0 +1,6 @@
+#ifndef _TEST_CCAPI_CONSTANTS_H_
+#define _TEST_CCAPI_CONSTANTS_H_
+
+int check_constants();
+
+#endif /* _TEST_CCAPI_CONSTANTS_H_ */
diff --git a/src/ccapi/test/test_ccapi_context.c b/src/ccapi/test/test_ccapi_context.c
new file mode 100644
index 0000000000..b9365a619e
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_context.c
@@ -0,0 +1,1065 @@
+#include <string.h>
+#include "test_ccapi_context.h"
+#include <limits.h>
+#include "test_ccapi_check.h"
+#include "test_ccapi_util.h"
+
+int check_cc_initialize() {
+	BEGIN_TEST("cc_initialize");
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	
+	// try every api_version
+	err = check_once_cc_initialize(&context, ccapi_version_2, NULL, NULL, 11, NULL);                 // err == CC_NOT_SUPP, not reflected in documentation rev 8
+	err = check_once_cc_initialize(&context, ccapi_version_3, NULL, NULL, ccNoError, NULL);   	   // !err                                    
+	err = check_once_cc_initialize(&context, ccapi_version_4, NULL, NULL, ccNoError, NULL);   	   //        "                                            
+	err = check_once_cc_initialize(&context, ccapi_version_5, NULL, NULL, ccNoError, NULL);   	   //        "                                            
+	err = check_once_cc_initialize(&context, ccapi_version_6, NULL, NULL, ccNoError, NULL);   	   //        "                                            
+	
+	// try bad api_version
+	err = check_once_cc_initialize(&context, INT_MAX,         NULL, NULL, ccErrBadAPIVersion, NULL); // err == ccErrBadAPIVersion                             
+	
+	// try bad param
+	err = check_once_cc_initialize(NULL,     ccapi_version_3, NULL, NULL, ccErrBadParam, NULL);  	   // err == ccErrBadParam                                
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_initialize(cc_context_t *out_context, cc_int32 in_version, cc_int32 *out_supported_version, char const **out_vendor, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	cc_context_t context;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrNoMem, 
+		ccErrBadAPIVersion, 
+		ccErrBadParam,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	err = cc_initialize(out_context, in_version, out_supported_version, out_vendor);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (out_context) { context = *out_context; }
+	else { context = NULL; }
+	
+	// check output parameters
+	if (!err) {
+		check_if(context == NULL, NULL);
+		if (context) { 
+			cc_context_release(context); 
+			*out_context = NULL;
+		}
+	} else {
+		check_if(context != NULL, NULL);
+	}
+	
+	return err;
+}
+
+
+int check_cc_context_get_version() {
+	BEGIN_TEST("cc_context_get_version");
+	
+	#ifndef cc_context_get_version
+	log_error("cc_context_get_version is not implemented yet");
+	failure_count++;
+	#else
+	// This code is all untested, since there is no cc_context_get_version to test against
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	
+	// try every api_version
+	//err = check_once_cc_context_get_version(&context, ccapi_version_2, NULL, NULL, ccNoError);   	     // err == CC_NOT_SUPP, not reflected in documentation rev 8
+	err = check_once_cc_context_get_version(&context, ccapi_version_3, NULL, NULL, ccNoError);   	     // !err                                    
+	err = check_once_cc_context_get_version(&context, ccapi_version_4, NULL, NULL, ccNoError);   	     //        "                                            
+	err = check_once_cc_context_get_version(&context, ccapi_version_5, NULL, NULL, ccNoError);   	     //        "                                            
+	err = check_once_cc_context_get_version(&context, ccapi_version_6, NULL, NULL, ccNoError);   	     //        "                                            
+	
+	// try bad api_version
+	err = check_once_cc_context_get_version(&context, INT_MAX,         NULL, NULL, ccErrBadAPIVersion);  // err == ccErrBadAPIVersion                             
+	
+	// try bad param
+	err = check_once_cc_context_get_version(NULL,     ccapi_version_3, NULL, NULL, ccErrInvalidContext); // err == ccErrInvalidContext                                 	   
+	
+	
+	#endif /* cc_context_get_version */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_get_version(cc_context_t *out_context, cc_int32 in_version, cc_int32 *out_supported_version, char const **out_vendor, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_get_version
+	// This code is all untested, since there is no cc_context_get_version to test against
+	
+	cc_context_t context = NULL;
+	cc_int32 reported_version;
+	
+	cc_int32 possible_return_values[3] = {
+		ccNoError, 
+		ccErrInvalidContext, 
+		ccErrBadParam,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	err = cc_initialize(out_context, in_version, out_supported_version, out_vendor);
+	
+	if (err != ccNoError) {
+		log_error("failure in cc_initialize, unable to perform check");
+		return err;
+	}
+	else {
+		context = *out_context;
+		err = cc_context_get_version(context, &reported_version);
+		
+		// check returned error
+		check_err(err, expected_err, possible_return_values);
+	}
+			
+	// check output parameters and free memory
+	if (!err) {
+		check_if(reported_version != in_version, NULL);
+	} else if (err == ccErrBadParam) {
+		check_if_not((context == NULL || &reported_version == NULL), "given ccErrBadParam but no param was bad");
+	}
+	
+	if (context) { 
+		cc_context_release(context); 
+		*out_context = NULL;
+	}
+	
+	#endif /* cc_context_get_version */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_release() {
+	BEGIN_TEST("cc_context_release");
+	
+	#ifndef cc_context_release
+	log_error("cc_context_release is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	
+	// try with valid context
+	err = check_once_cc_context_release(&context, ccNoError, NULL);
+	
+	// try with NULL
+	//err = check_once_cc_context_release(NULL, ccErrInvalidContext);
+	/* calling with NULL context crashes, because this macro expands to 
+	   ((NULL) -> functions -> release (NULL)) which is dereferencing NULL which is bad. */
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_release */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_release(cc_context_t *out_context, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_release
+	
+	cc_context_t context = NULL;
+	
+	cc_int32 possible_return_values[2] = {
+		ccNoError, 
+		ccErrInvalidContext, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	if (out_context) {
+		err = cc_initialize(out_context, ccapi_version_3, NULL, NULL);
+		if (!err) { 
+			context = *out_context; 
+		}
+	}
+	
+	if (err != ccNoError) {
+		log_error("failure in cc_initialize, unable to perform check");
+		return err;
+	}
+	else {
+		err = cc_context_release(context);
+		// check returned error
+		check_err(err, expected_err, possible_return_values);
+	}
+	
+	*out_context = NULL;
+	
+	#endif /* cc_context_release */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_get_change_time() {
+	BEGIN_TEST("cc_context_get_change_time");
+	
+	#ifndef cc_context_get_change_time
+	log_error("cc_context_get_change_time is not implemented yet");
+	failure_count++;
+	#else
+	
+	/*
+	 * Make a context
+	 * make sure the change time changes after:
+	 * 	a ccache is created  
+	 * 	a ccache is destroyed  
+	 * 	a credential is stored  
+	 * 	a credential is removed  
+	 * 	a ccache principal is changed  
+	 * 	the default ccache is changed
+	 * clean up memory
+	 */
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_time_t last_change_time = 0;
+	cc_ccache_t ccache = NULL;
+	cc_credentials_union creds_union;
+	cc_credentials_iterator_t creds_iterator = NULL;
+	cc_credentials_t credentials = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {
+		
+		// try bad parameters first
+		err = check_once_cc_context_get_change_time(context, NULL, ccErrBadParam, "NULL param, should fail");
+		
+		// make sure we have a default ccache
+		err = cc_context_open_default_ccache(context, &ccache);
+		if (err == ccErrCCacheNotFound) {
+			err = cc_context_create_default_ccache(context, cc_credentials_v5, "foo/bar@BAZ.ORG", &ccache);
+		}
+		if (!err) {
+			err = cc_ccache_release(ccache);
+		}
+		// either the default ccache already existed or we just created it
+		// either way, the get_change_time should now give something > 0
+		check_once_cc_context_get_change_time(context, &last_change_time, ccNoError, "first-run, should be > 0");
+		
+		// create a ccache
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+		check_once_cc_context_get_change_time(context, &last_change_time, ccNoError, "after creating a new ccache");
+		
+		// store a credential
+		if (!err) {
+			new_v5_creds_union(&creds_union, "BAR.ORG");
+			err = cc_ccache_store_credentials(ccache, &creds_union);
+			release_v5_creds_union(&creds_union);
+		}
+		check_once_cc_context_get_change_time(context, &last_change_time, ccNoError, "after storing a credential");
+		
+		if (!err) {
+			// change principal (fails with ccErrBadInternalMessage)
+			err = cc_ccache_set_principal(ccache, cc_credentials_v5, "foo@BAR.ORG");
+			if (err) {
+				log_error("failed to change ccache's principal - %s (%d)", translate_ccapi_error(err), err);
+				failure_count++;
+				err = ccNoError;
+			}
+		}
+		check_once_cc_context_get_change_time(context, &last_change_time, ccNoError, "after changing a principle");
+		
+		// remove a credential
+		if (!err) {
+			err = cc_ccache_new_credentials_iterator(ccache, &creds_iterator);
+		}
+		if (!err) {
+			err = cc_credentials_iterator_next(creds_iterator, &credentials);
+		}
+		if (err == ccIteratorEnd) {
+			err = ccNoError;
+		}
+		if (!err) {
+			err = cc_ccache_remove_credentials(ccache, credentials);
+		}
+		check_once_cc_context_get_change_time(context, &last_change_time, ccNoError, "after removing a credential");		
+		
+		if (!err) {
+			// change default ccache
+			err = cc_ccache_set_default(ccache);
+			check_once_cc_context_get_change_time(context, &last_change_time, ccNoError, "after changing default ccache");
+		}
+		
+		if (ccache) {
+			// destroy a ccache
+			err = cc_ccache_destroy(ccache);
+			check_once_cc_context_get_change_time(context, &last_change_time, ccNoError, "after destroying a ccache");
+		}
+	}
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_get_change_time */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_get_change_time(cc_context_t context, cc_time_t *time, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_get_change_time
+	
+	cc_int32 possible_return_values[3] = {
+		ccNoError, 
+		ccErrInvalidContext, 
+		ccErrBadParam,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	cc_time_t last_change_time;
+	cc_time_t current_change_time = 0;
+	
+	if (time != NULL) { // if we were passed NULL, then we're looking to pass a bad param
+		err = cc_context_get_change_time(context, &current_change_time);
+	} else {
+		err = cc_context_get_change_time(context, NULL);
+	}
+	
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		last_change_time = *time;
+		check_if(current_change_time <= last_change_time, "context change time did not increase when it was supposed to (%d <= %d)", current_change_time, last_change_time);
+		*time = current_change_time;
+	}
+	
+	#endif /* cc_context_get_change_time */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_get_default_ccache_name() {
+	BEGIN_TEST("cc_context_get_default_ccache_name");
+	
+	#ifndef cc_context_get_default_ccache_name
+	log_error("cc_context_get_default_ccache_name is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {	
+		// try bad parameters first
+		err = check_once_cc_context_get_default_ccache_name(context, NULL, ccErrBadParam, NULL);
+		
+		// try with no default
+		err = destroy_all_ccaches(context);
+		err = cc_context_open_default_ccache(context, &ccache);
+		if (err != ccErrCCacheNotFound) {
+			log_error("didn't remove all ccaches");
+		}
+		err = check_once_cc_context_get_default_ccache_name(context, &name, ccNoError, NULL);
+		
+		// try normally
+		err = cc_context_create_default_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+		if (ccache) { cc_ccache_release(ccache); }
+		err = check_once_cc_context_get_default_ccache_name(context, &name, ccNoError, NULL);
+		
+	}
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_get_default_ccache_name */
+	
+	END_TEST_AND_RETURN	
+}
+
+cc_int32 check_once_cc_context_get_default_ccache_name(cc_context_t context, cc_string_t *name, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_get_default_ccache_name
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrInvalidContext, 
+		ccErrBadParam, 
+		ccErrNoMem, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+		
+	if (name != NULL) { // if we were passed NULL, then we're looking to pass a bad param
+		err = cc_context_get_default_ccache_name(context, name);
+	} else {
+		err = cc_context_get_default_ccache_name(context, NULL);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	// not really anything else to check
+	
+	if (name && *name) { cc_string_release(*name); }
+	
+	#endif /* cc_context_get_default_ccache_name */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_open_ccache() {
+	BEGIN_TEST("cc_context_open_ccache");
+	
+	#ifndef cc_context_open_ccache
+	log_error("cc_context_open_ccache is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {	
+		// make sure we have a default ccache
+		err = cc_context_open_default_ccache(context, &ccache);
+		if (err == ccErrCCacheNotFound) {
+			err = cc_context_create_default_ccache(context, cc_credentials_v5, "foo/bar@BAZ.ORG", &ccache);
+		}
+		if (!err) {
+			err = cc_ccache_release(ccache);
+			ccache = NULL;
+		}
+		
+		// try default ccache
+		err = cc_context_get_default_ccache_name(context, &name);
+		if (!err) {
+			err = check_once_cc_context_open_ccache(context, name->data, &ccache, ccNoError, NULL);
+		}
+
+		// try bad parameters
+		err = check_once_cc_context_open_ccache(context, NULL, &ccache, ccErrBadParam, NULL);
+		err = check_once_cc_context_open_ccache(context, name->data, NULL, ccErrBadParam, NULL);
+		
+		// try a ccache that doesn't exist (create one and then destroy it)
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+		if (!err) {
+			err = cc_ccache_get_name(ccache, &name);
+		}
+		if (!err) {
+			err = cc_ccache_destroy(ccache);
+			ccache = NULL;
+		}
+		
+		err = check_once_cc_context_open_ccache(context, name->data, &ccache, ccErrCCacheNotFound, NULL);
+	}
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_open_ccache */
+	
+	END_TEST_AND_RETURN	
+}
+
+cc_int32 check_once_cc_context_open_ccache(cc_context_t context, const char *name, cc_ccache_t *ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	cc_string_t stored_name = NULL;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_open_ccache
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrBadName, 
+		ccErrInvalidContext, 
+		ccErrNoMem, 
+		ccErrCCacheNotFound, 
+		ccErrBadParam, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+		
+	if (ccache != NULL) { // if we were passed NULL, then we're looking to pass a bad param
+		err = cc_context_open_ccache(context, name, ccache);
+	} else {
+		err = cc_context_open_ccache(context, name, NULL);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		check_if(*ccache == NULL, NULL);
+		
+		if (!err) {
+			err = cc_ccache_get_name(*ccache, &stored_name);
+		}
+		if (!err) { 
+			check_if(strcmp(stored_name->data, name), NULL); 
+		}
+		if (stored_name) { cc_string_release(stored_name); }
+		
+		
+		if (ccache && *ccache) {
+			cc_ccache_release(*ccache);
+			*ccache = NULL;
+		}
+	}
+	
+	#endif /* cc_context_open_ccache */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_open_default_ccache() {
+	BEGIN_TEST("cc_context_open_default_ccache");
+	
+	#ifndef cc_context_open_default_ccache
+	log_error("cc_context_open_default_ccache is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {	
+		// make sure we have a default ccache
+		err = cc_context_create_default_ccache(context, cc_credentials_v5, "foo/bar@BAZ.ORG", &ccache);
+		if (ccache) { cc_ccache_release(ccache); }
+		
+		// try default ccache
+		if (!err) {
+			err = check_once_cc_context_open_default_ccache(context, &ccache, ccNoError, NULL);
+		}
+		
+		// try bad parameters
+		err = check_once_cc_context_open_default_ccache(context, NULL, ccErrBadParam, NULL);
+		
+		// try with no default ccache (destroy all ccaches first)
+		err = destroy_all_ccaches(context);
+		
+		err = check_once_cc_context_open_default_ccache(context, &ccache, ccErrCCacheNotFound, NULL);
+	}
+	
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_open_default_ccache */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_open_default_ccache(cc_context_t context, cc_ccache_t *ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	cc_string_t given_name = NULL;
+	cc_string_t default_name = NULL;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_open_default_ccache
+	
+	cc_int32 possible_return_values[5] = {
+		ccNoError, 
+		ccErrInvalidContext, 
+		ccErrNoMem, 
+		ccErrCCacheNotFound, 
+		ccErrBadParam, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+		
+	if (ccache != NULL) { // if we were passed NULL, then we're looking to pass a bad param
+		err = cc_context_open_default_ccache(context, ccache);
+	} else {
+		err = cc_context_open_default_ccache(context, NULL);
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		check_if(*ccache == NULL, NULL);
+		
+		// make sure this ccache is the one we were looking to get back (compare name with cc_context_get_default_ccache_name)
+		err = cc_ccache_get_name(*ccache, &given_name);
+		err = cc_context_get_default_ccache_name(context, &default_name);
+		if (given_name && default_name) {
+			check_if(strcmp(given_name->data, default_name->data), "name of ccache returned by cc_context_open_default_ccache doesn't match name returned by cc_context_get_default_ccache_name");
+		}
+		if (given_name) { cc_string_release(given_name); }
+		if (default_name) { cc_string_release(default_name); }
+		
+		if (ccache && *ccache) {
+			cc_ccache_release(*ccache);
+			*ccache = NULL;
+		}
+	}
+	
+	#endif /* cc_context_open_default_ccache */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_create_ccache() {
+	BEGIN_TEST("cc_context_create_ccache");
+	
+	#ifndef cc_context_create_ccache
+	log_error("cc_context_create_ccache is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {	
+		// try making a ccache with a non-unique name (the existing default's name)
+		if (!err) {
+			err = cc_context_create_default_ccache(context, cc_credentials_v5, "foo/bar@BAZ.ORG", &ccache);
+		}
+		if (!err) {
+			err = cc_ccache_get_name(ccache, &name);
+		}
+		if (ccache) { cc_ccache_release(ccache); }
+		if (!err) {
+			err = check_once_cc_context_create_ccache(context, name->data, cc_credentials_v5, "foo@BAR.ORG", &ccache, ccNoError, NULL);
+		}
+		
+		// try making a ccache with a unique name (the now destroyed default's name)
+		if (ccache) { cc_ccache_destroy(ccache); }
+		if (!err) {
+			err = check_once_cc_context_create_ccache(context, name->data, cc_credentials_v5, "foo/baz@BAR.ORG", &ccache, ccNoError, NULL);
+		}
+				
+		// try bad parameters
+		err = check_once_cc_context_create_ccache(context, NULL, cc_credentials_v5, "foo@BAR.ORG", &ccache, ccErrBadName, "NULL name");                    // NULL name
+		err = check_once_cc_context_create_ccache(context, "name", cc_credentials_v4_v5, "foo@BAR.ORG", &ccache, ccErrBadCredentialsVersion, "invalid creds_vers"); // invalid creds_vers
+		err = check_once_cc_context_create_ccache(context, "name", cc_credentials_v5, NULL, &ccache, ccErrBadParam, "NULL principal");                          // NULL principal
+		err = check_once_cc_context_create_ccache(context, "name", cc_credentials_v5, "foo@BAR.ORG", NULL, ccErrBadParam, "NULL ccache");                    // NULL ccache
+	}
+	
+	if (name) { cc_string_release(name); }
+	if (ccache) { cc_ccache_destroy(ccache); }
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_create_ccache */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_create_ccache(cc_context_t context, const char *name, cc_uint32 cred_vers, const char *principal, cc_ccache_t *ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	cc_string_t stored_name = NULL;
+	cc_string_t stored_principal = NULL;
+	cc_uint32 stored_creds_vers = 0;
+
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_create_ccache
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrBadName, 
+		ccErrBadParam, 
+		ccErrInvalidContext, 
+		ccErrNoMem, 
+		ccErrBadCredentialsVersion, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+		
+	err = cc_context_create_ccache(context, name, cred_vers, principal, ccache);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		check_if(*ccache == NULL, NULL);
+		
+		// make sure all of the ccache's info matches what we gave it
+		// name
+		err = cc_ccache_get_name(*ccache, &stored_name);
+		if (!err) { check_if(strcmp(stored_name->data, name), NULL); }
+		if (stored_name) { cc_string_release(stored_name); }
+		// cred_vers
+		// FIXME Documented function name of cc_ccache_get_credentials_version is a typo.
+		// FIXME Documented type of creds param the wrong signedness (should be unsigned) for cc_ccache_get_credentials_version, cc_context_create_ccache, cc_context_create_default_ccache, cc_context_create_new_ccache
+		err = cc_ccache_get_credentials_version(*ccache, &stored_creds_vers);
+		if (!err) { check_if(stored_creds_vers != cred_vers, NULL); }
+		// principal
+		err = cc_ccache_get_principal(*ccache, cc_credentials_v5, &stored_principal);
+		if (!err) { check_if(strcmp(stored_principal->data, principal), NULL); }
+		if (stored_principal) { cc_string_release(stored_principal); }
+				
+		if (ccache && *ccache) {
+			cc_ccache_destroy(*ccache);
+			*ccache = NULL;
+		}
+	}
+	
+	#endif /* cc_context_create_ccache */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_create_default_ccache() {
+	BEGIN_TEST("cc_context_create_default_ccache");
+	
+	#ifndef cc_context_create_default_ccache
+	log_error("cc_context_create_default_ccache is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {	
+		// try making the default when there are no existing ccaches
+		err = destroy_all_ccaches(context);
+		if (!err) {
+			err = check_once_cc_context_create_default_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache, ccNoError, NULL);
+		}
+		if (ccache) { cc_ccache_release(ccache); }
+		
+		// try making a new default when one already exists
+		if (!err) {
+			err = check_once_cc_context_create_default_ccache(context, cc_credentials_v5, "foo/baz@BAR.ORG", &ccache, ccNoError, NULL);
+		}
+		
+		// try bad parameters
+		err = check_once_cc_context_create_default_ccache(context, cc_credentials_v4_v5, "foo@BAR.ORG", &ccache, ccErrBadCredentialsVersion, "invalid creds_vers"); // invalid creds_vers
+		err = check_once_cc_context_create_default_ccache(context, cc_credentials_v5, NULL, &ccache, ccErrBadParam, "NULL principal");                          // NULL principal
+		err = check_once_cc_context_create_default_ccache(context, cc_credentials_v5, "foo@BAR.ORG", NULL, ccErrBadParam, "NULL ccache");                    // NULL ccache
+	}
+	
+	if (name) { cc_string_release(name); }
+	if (ccache) { cc_ccache_destroy(ccache); }
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_create_default_ccache */
+	
+	END_TEST_AND_RETURN	
+}
+
+cc_int32 check_once_cc_context_create_default_ccache(cc_context_t context, cc_uint32 cred_vers, const char *principal, cc_ccache_t *ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	cc_string_t stored_principal = NULL;
+	cc_uint32 stored_creds_vers = 0;
+
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_create_default_ccache
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrBadName, // how can this be possible when the name isn't a parameter?
+		ccErrBadParam, 
+		ccErrInvalidContext, 
+		ccErrNoMem, 
+		ccErrBadCredentialsVersion, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+		
+	err = cc_context_create_default_ccache(context, cred_vers, principal, ccache);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		if (ccache) { check_if(*ccache == NULL, NULL); }
+		// make sure all of the ccache's info matches what we gave it
+		// cred_vers
+		err = cc_ccache_get_credentials_version(*ccache, &stored_creds_vers);
+		if (!err) { check_if(stored_creds_vers != cred_vers, NULL); }
+		// principal
+		err = cc_ccache_get_principal(*ccache, cc_credentials_v5, &stored_principal);
+		if (!err) { check_if(strcmp(stored_principal->data, principal), NULL); }
+		if (stored_principal) { cc_string_release(stored_principal); }
+				
+		if (ccache && *ccache) {
+			cc_ccache_release(*ccache);
+			*ccache = NULL;
+		}
+	}
+	
+	#endif /* cc_context_create_default_ccache */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_create_new_ccache() {
+	BEGIN_TEST("cc_context_create_new_ccache");
+	
+	#ifndef cc_context_create_new_ccache
+	log_error("cc_context_create_new_ccache is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_string_t name = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {	
+		// try making when there are no existing ccaches (should have name of default)
+		err = destroy_all_ccaches(context);
+		if (!err) {
+			err = check_once_cc_context_create_new_ccache(context, 1, cc_credentials_v5, "foo@BAR.ORG", &ccache, ccNoError, NULL);
+		}
+		if (ccache) { cc_ccache_release(ccache); }
+		
+		// try making a new ccache when one already exists (should not have name of default)
+		if (!err) {
+			err = check_once_cc_context_create_new_ccache(context, 0, cc_credentials_v5, "foo/baz@BAR.ORG", &ccache, ccNoError, NULL);
+		}
+		if (ccache) { cc_ccache_release(ccache); }
+		
+		// try bad parameters
+		err = check_once_cc_context_create_new_ccache(context, 1, cc_credentials_v4_v5, "foo@BAR.ORG", &ccache, ccErrBadCredentialsVersion, "invalid creds_vers"); // invalid creds_vers
+		err = check_once_cc_context_create_new_ccache(context, 1, cc_credentials_v5, NULL, &ccache, ccErrBadParam, "NULL principal");                          // NULL principal
+		err = check_once_cc_context_create_new_ccache(context, 1, cc_credentials_v5, "foo@BAR.ORG", NULL, ccErrBadParam, "NULL ccache");                    // NULL ccache
+	}
+	
+	if (name) { cc_string_release(name); }
+	if (ccache) { cc_ccache_destroy(ccache); }
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_create_new_ccache */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_create_new_ccache(cc_context_t context, cc_int32 should_be_default, cc_uint32 cred_vers, const char *principal, cc_ccache_t *ccache, cc_int32 expected_err, const char *description) {
+	cc_int32 err = 0;
+	cc_string_t name = NULL;
+	cc_string_t stored_name = NULL;
+	cc_string_t stored_principal = NULL;
+	cc_uint32 stored_creds_vers = 0;
+	
+	BEGIN_CHECK_ONCE(description);
+	
+	#ifdef cc_context_create_new_ccache
+	
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccErrBadName, // how can this be possible when the name isn't a parameter?
+		ccErrBadParam, 
+		ccErrInvalidContext, 
+		ccErrNoMem, 
+		ccErrBadCredentialsVersion, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+		
+	err = cc_context_create_new_ccache(context, cred_vers, principal, ccache);
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	if (!err) {
+		if (ccache) { check_if(*ccache == NULL, NULL); }
+		// make sure all of the ccache's info matches what we gave it
+		if (!err) {
+			err = cc_context_get_default_ccache_name(context, &name);
+		}
+		if (!err) {
+			err = cc_ccache_get_name(*ccache, &stored_name);
+		}
+		if (!err) { 
+			if (should_be_default) {
+				check_if(strcmp(stored_name->data, name->data), "new ccache does not have name of default"); 
+			}
+			else {
+				check_if((strcmp(stored_name->data, name->data) == 0), "new cache has name of default"); 
+			}	
+		}
+		if (name) { cc_string_release(name); }
+		if (stored_name) { cc_string_release(stored_name); }
+		
+		// cred_vers
+		err = cc_ccache_get_credentials_version(*ccache, &stored_creds_vers);
+		if (!err) { check_if(stored_creds_vers != cred_vers, NULL); }
+		// principal
+		err = cc_ccache_get_principal(*ccache, cc_credentials_v5, &stored_principal);
+		if (!err) { check_if(strcmp(stored_principal->data, principal), NULL); }
+		if (stored_principal) { cc_string_release(stored_principal); }
+				
+		if (ccache && *ccache) {
+			cc_ccache_release(*ccache);
+			*ccache = NULL;
+		}
+	}
+	
+	#endif /* cc_context_create_new_ccache */
+	
+	END_CHECK_ONCE;
+	
+	return err;
+}
+
+int check_cc_context_new_ccache_iterator() {
+	BEGIN_TEST("cc_context_new_ccache_iterator");
+	
+	#ifndef cc_context_new_ccache_iterator
+	log_error("cc_context_new_ccache_iterator is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_string_t name = NULL;
+	cc_ccache_iterator_t iterator = NULL;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	if (!err) {	
+		err = destroy_all_ccaches(context);
+	}
+	if (!err) {	
+		// try making when there are no existing ccaches (shouldn't make a difference, but just in case)
+		check_once_cc_context_new_ccache_iterator(context, &iterator, ccNoError, "when there are no existing ccaches");
+	
+		err = cc_context_create_default_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {	
+		// try making when at least one ccache already exists (just to cover all our bases)
+		check_once_cc_context_new_ccache_iterator(context, &iterator, ccNoError, "when at least one ccache already exists");
+		
+		// try bad parameters
+		check_once_cc_context_new_ccache_iterator(context, NULL, ccErrBadParam, "NULL param"); // NULL iterator
+	}
+		// we'll do a comprehensive test of cc_ccache_iterator related functions later in the test suite
+	
+	if (name) { cc_string_release(name); }
+	if (ccache) { cc_ccache_destroy(ccache); }
+	if (context) { cc_context_release(context); }
+	
+	#endif /* cc_context_new_ccache_iterator */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_new_ccache_iterator(cc_context_t context, cc_ccache_iterator_t *iterator, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	#ifdef cc_context_create_new_ccache
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrBadParam, 
+		ccErrNoMem, 
+		ccErrInvalidContext, 
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	err = cc_context_new_ccache_iterator(context, iterator);
+		
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	// we'll do a comprehensive test of cc_ccache_iterator related functions later
+	
+	#endif /* cc_context_create_new_ccache */
+	
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+int check_cc_context_compare(){
+	BEGIN_TEST("cc_context_compare");
+	
+	#ifndef cc_context_compare
+	log_error("cc_context_compare is not implemented yet");
+	failure_count++;
+	#else
+	
+	cc_int32 err = 0;
+	cc_context_t context_a = NULL;
+	cc_context_t context_b = NULL;
+	cc_uint32 equal = 0;
+	
+	err = cc_initialize(&context_a, ccapi_version_3, NULL, NULL);
+	if (!err) {
+		err = cc_initialize(&context_b, ccapi_version_3, NULL, NULL);
+	}
+
+	check_once_cc_context_compare(context_a, context_a, &equal, ccNoError, "valid params, same contexts");
+	check_once_cc_context_compare(context_a, context_b, &equal, ccNoError, "valid params, different contexts");
+	check_once_cc_context_compare(context_a, NULL, &equal, ccErrInvalidContext, "NULL compare_to context");
+	check_once_cc_context_compare(context_a, context_b, NULL, ccErrBadParam, "NULL out param");
+
+	if (context_a) { cc_context_release(context_a); }
+	if (context_b) { cc_context_release(context_b); }
+	
+	#endif /* cc_context_compare */
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_context_compare(cc_context_t context, cc_context_t compare_to, cc_uint32 *equal, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	#ifdef cc_context_compare
+	
+	cc_int32 possible_return_values[4] = {
+		ccNoError, 
+		ccErrInvalidContext, 
+		ccErrBadParam, 
+		ccErrServerUnavailable,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+	
+	err = cc_context_compare(context, compare_to, equal);
+	
+	if (!err) {
+		*equal = 0;
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	#endif /* cc_context_compare */
+	
+	return err;
+}
diff --git a/src/ccapi/test/test_ccapi_context.h b/src/ccapi/test/test_ccapi_context.h
new file mode 100644
index 0000000000..e347692ea5
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_context.h
@@ -0,0 +1,34 @@
+#ifndef _TEST_CCAPI_CONTEXT_H_
+#define _TEST_CCAPI_CONTEXT_H_
+
+#include <Kerberos/CredentialsCache.h>
+
+int check_cc_initialize();
+cc_int32 check_once_cc_initialize(cc_context_t *out_context, cc_int32 in_version, cc_int32 *out_supported_version, char const **out_vendor, cc_int32 expected_err, const char *description);
+int check_cc_context_get_version();
+cc_int32 check_once_cc_context_get_version(cc_context_t *out_context, cc_int32 in_version, cc_int32 *out_supported_version, char const **out_vendor, cc_int32 expected_err, const char *description);
+int check_get_version();
+cc_int32 check_once_get_version(cc_context_t *out_context, cc_int32 in_version, cc_int32 *out_supported_version, char const **out_vendor, cc_int32 expected_err, const char *description);
+int check_cc_context_release();
+cc_int32 check_once_cc_context_release(cc_context_t *out_context, cc_int32 expected_err, const char *description);
+int check_cc_context_get_change_time();
+cc_int32 check_once_cc_context_get_change_time(cc_context_t context, cc_time_t *time, cc_int32 expected_err, const char *description);
+int check_cc_context_get_default_ccache_name();
+cc_int32 check_once_cc_context_get_default_ccache_name(cc_context_t context, cc_string_t *name, cc_int32 expected_err, const char *description);
+int check_cc_context_open_ccache();
+cc_int32 check_once_cc_context_open_ccache(cc_context_t context, const char *name, cc_ccache_t *ccache, cc_int32 expected_err, const char *description);
+int check_cc_context_open_default_ccache();
+cc_int32 check_once_cc_context_open_default_ccache(cc_context_t context, cc_ccache_t *ccache, cc_int32 expected_err, const char *description);
+int check_cc_context_create_ccache();
+cc_int32 check_once_cc_context_create_ccache(cc_context_t context, const char *name, cc_uint32 cred_vers, const char *principal, cc_ccache_t *ccache, cc_int32 expected_err, const char *description);
+int check_cc_context_create_default_ccache();
+cc_int32 check_once_cc_context_create_default_ccache(cc_context_t context, cc_uint32 cred_vers, const char *principal, cc_ccache_t *ccache, cc_int32 expected_err, const char *description);
+int check_cc_context_create_new_ccache();
+cc_int32 check_once_cc_context_create_new_ccache(cc_context_t context, cc_int32 should_be_default, cc_uint32 cred_vers, const char *principal, cc_ccache_t *ccache, cc_int32 expected_err, const char *description);
+int check_cc_context_new_ccache_iterator();
+cc_int32 check_once_cc_context_new_ccache_iterator(cc_context_t context, cc_ccache_iterator_t *iterator, cc_int32 expected_err, const char *description);
+
+int check_cc_context_compare();
+cc_int32 check_once_cc_context_compare(cc_context_t context, cc_context_t compare_to, cc_uint32 *equal, cc_int32 expected_err, const char *description);
+
+#endif /* _TEST_CCAPI_CONTEXT_H_ */
diff --git a/src/ccapi/test/test_ccapi_globals.c b/src/ccapi/test/test_ccapi_globals.c
new file mode 100644
index 0000000000..c508c188c1
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_globals.c
@@ -0,0 +1,62 @@
+#include "test_ccapi_globals.h"
+
+/* GLOBALS */
+unsigned int total_failure_count = 0;
+unsigned int failure_count = 0;
+
+const char *current_test_name;
+const char *current_test_activity;
+
+const char * ccapi_error_strings[30] = {
+	
+	"ccNoError",						/* 0 */
+	"ccIteratorEnd",					/* 201 */
+    "ccErrBadParam",
+    "ccErrNoMem",
+    "ccErrInvalidContext",
+    "ccErrInvalidCCache",
+
+    "ccErrInvalidString",				/* 206 */
+    "ccErrInvalidCredentials",
+    "ccErrInvalidCCacheIterator",
+    "ccErrInvalidCredentialsIterator",
+    "ccErrInvalidLock",
+
+    "ccErrBadName",						/* 211 */
+    "ccErrBadCredentialsVersion",
+    "ccErrBadAPIVersion",
+    "ccErrContextLocked",
+    "ccErrContextUnlocked",
+
+    "ccErrCCacheLocked",				/* 216 */
+    "ccErrCCacheUnlocked",
+    "ccErrBadLockType",
+    "ccErrNeverDefault",
+    "ccErrCredentialsNotFound",
+
+    "ccErrCCacheNotFound",				/* 221 */
+    "ccErrContextNotFound",
+    "ccErrServerUnavailable",
+    "ccErrServerInsecure",
+    "ccErrServerCantBecomeUID",
+    
+    "ccErrTimeOffsetNotSet",			/* 226 */
+    "ccErrBadInternalMessage",
+    "ccErrNotImplemented",
+	
+};
+
+const char *translate_ccapi_error(cc_int32 err) {
+	
+	if (err == 0) {
+		return ccapi_error_strings[0];
+	}
+	else if (err >= 201 && err <= 228){
+		return ccapi_error_strings[err - 200];
+	}
+	else {
+		return "\"Invalid or private CCAPI error\"";
+	}
+	
+	return "";
+}
\ No newline at end of file
diff --git a/src/ccapi/test/test_ccapi_globals.h b/src/ccapi/test/test_ccapi_globals.h
new file mode 100644
index 0000000000..cebfb63d87
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_globals.h
@@ -0,0 +1,47 @@
+#ifndef _TEST_CCAPI_GLOBALS_H_
+#define _TEST_CCAPI_GLOBALS_H_
+
+#include <Kerberos/CredentialsCache.h>
+
+/* GLOBALS */
+extern unsigned int total_failure_count;
+extern unsigned int failure_count;
+
+extern const char *current_test_name;
+extern const char *current_test_activity;
+
+extern const char * ccapi_error_strings[30];
+
+const char *translate_ccapi_error(cc_int32 err);
+
+#define T_CCAPI_INIT \
+		do { \
+			current_test_name = NULL; \
+			current_test_activity = NULL; \
+		} while( 0 )
+
+#define BEGIN_TEST(name) \
+		do { \
+			current_test_name = name; \
+			failure_count = 0; \
+			test_header(current_test_name);	\
+		} while( 0 )
+
+#define BEGIN_CHECK_ONCE(x) \
+		do { \
+			if (x) { \
+				current_test_activity = x; \
+			} \
+		} while( 0 )
+
+#define END_CHECK_ONCE \
+		do { \
+			current_test_activity = NULL; \
+		} while( 0 )
+
+#define END_TEST_AND_RETURN \
+		test_footer(current_test_name, failure_count); \
+		total_failure_count += failure_count; \
+		return failure_count;
+
+#endif /* _TEST_CCAPI_GLOBALS_H_ */
diff --git a/src/ccapi/test/test_ccapi_iterators.c b/src/ccapi/test/test_ccapi_iterators.c
new file mode 100644
index 0000000000..afc855687e
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_iterators.c
@@ -0,0 +1,244 @@
+#include "test_ccapi_iterators.h"
+#include "test_ccapi_check.h"
+#include "test_ccapi_util.h"
+
+
+// ---------------------------------------------------------------------------
+
+int check_cc_ccache_iterator_next() {
+	BEGIN_TEST("cc_ccache_iterator_next");
+		
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_ccache_iterator_t iterator = NULL;
+	unsigned int i;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// iterate with no ccaches
+	if (!err) {
+		err = cc_context_new_ccache_iterator(context, &iterator);
+	}
+	check_once_cc_ccache_iterator_next(iterator, 0, ccNoError, "iterating over an empty collection");
+	if (iterator) {
+		cc_ccache_iterator_release(iterator);
+		iterator = NULL;
+	}
+	
+	// iterate with one ccache
+	if (!err) {
+		destroy_all_ccaches(context);
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (ccache) {
+		cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	if (!err) {
+		err = cc_context_new_ccache_iterator(context, &iterator);
+	}
+	check_once_cc_ccache_iterator_next(iterator, 1, ccNoError, "iterating over a collection of 1 ccache");
+	if (iterator) {
+		cc_ccache_iterator_release(iterator);
+		iterator = NULL;
+	}
+	
+	// iterate with several ccaches
+	if (!err) {
+		destroy_all_ccaches(context);
+	}
+	for(i = 0; !err && (i < 1000); i++)
+	{
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+		if (ccache) {
+			cc_ccache_release(ccache);
+			ccache = NULL;
+		}
+	}
+	if (!err) {
+		err = cc_context_new_ccache_iterator(context, &iterator);
+	}
+	check_once_cc_ccache_iterator_next(iterator, 1000, ccNoError, "iterating over a collection of 1000 ccache");
+	if (iterator) {
+		cc_ccache_iterator_release(iterator);
+		iterator = NULL;
+	}
+	
+
+	if (ccache) { cc_ccache_release(ccache); }
+	if (iterator) { cc_ccache_iterator_release(iterator); }
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_ccache_iterator_next(cc_ccache_iterator_t iterator, cc_uint32 expected_count, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	cc_int32 possible_return_values[6] = {
+		ccNoError, 
+		ccIteratorEnd, 
+		ccErrBadParam, 
+		ccErrNoMem, 
+		ccErrInvalidCCacheIterator, 
+		ccErrCCacheNotFound,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+
+	cc_ccache_t ccache = NULL;
+	cc_uint32 actual_count = 0;
+
+	while (!err) {
+		err = cc_ccache_iterator_next(iterator, &ccache);
+		if (ccache) {
+			actual_count++;
+			cc_ccache_release(ccache);
+			ccache = NULL;
+		}
+	}
+	if (err == ccIteratorEnd) {
+		err = ccNoError;
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	check_if(actual_count != expected_count, "iterator didn't iterate over all ccaches");
+
+	END_CHECK_ONCE;
+
+	return err;	
+}
+
+
+// ---------------------------------------------------------------------------
+
+int check_cc_credentials_iterator_next() {
+	BEGIN_TEST("cc_credentials_iterator_next");
+		
+	cc_int32 err = 0;
+	cc_context_t context = NULL;
+	cc_ccache_t ccache = NULL;
+	cc_credentials_union creds_union;
+	cc_credentials_iterator_t iterator = NULL;
+	unsigned int i;
+	
+	err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
+	
+	if (!err) {
+		err = destroy_all_ccaches(context);
+	}
+	
+	// iterate with no creds
+	if (!err) {
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		err = cc_ccache_new_credentials_iterator(ccache, &iterator);
+	}
+	check_once_cc_credentials_iterator_next(iterator, 0, ccNoError, "iterating over an empty ccache");
+	if (iterator) {
+		cc_ccache_iterator_release(iterator);
+		iterator = NULL;
+	}
+	if (ccache) {
+		cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	// iterate with one cred
+	if (!err) {
+		destroy_all_ccaches(context);
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	if (!err) {
+		new_v5_creds_union(&creds_union, "BAR.ORG");
+		err = cc_ccache_store_credentials(ccache, &creds_union);
+		release_v5_creds_union(&creds_union);
+	}
+	if (!err) {
+		err = cc_ccache_new_credentials_iterator(ccache, &iterator);
+	}
+	check_once_cc_credentials_iterator_next(iterator, 1, ccNoError, "iterating over a ccache with 1 cred");
+	if (iterator) {
+		cc_credentials_iterator_release(iterator);
+		iterator = NULL;
+	}
+	if (ccache) {
+		cc_ccache_release(ccache);
+		ccache = NULL;
+	}
+	
+	// iterate with several creds
+	if (!err) {
+		destroy_all_ccaches(context);
+		err = cc_context_create_new_ccache(context, cc_credentials_v5, "foo@BAR.ORG", &ccache);
+	}
+	for(i = 0; !err && (i < 1000); i++) {
+		new_v5_creds_union(&creds_union, "BAR.ORG");
+		err = cc_ccache_store_credentials(ccache, &creds_union);
+		release_v5_creds_union(&creds_union);
+	}
+	if (!err) {
+		err = cc_ccache_new_credentials_iterator(ccache, &iterator);
+	}
+	check_once_cc_credentials_iterator_next(iterator, 1000, ccNoError, "iterating over a ccache with 1000 creds");	
+
+	if (ccache) { cc_ccache_release(ccache); }
+	if (iterator) { cc_credentials_iterator_release(iterator); }
+	if (context) { 
+		destroy_all_ccaches(context);
+		cc_context_release(context);
+	}
+	
+	END_TEST_AND_RETURN
+}
+
+cc_int32 check_once_cc_credentials_iterator_next(cc_credentials_iterator_t iterator, cc_uint32 expected_count, cc_int32 expected_err, const char *description) {
+	cc_int32 err = ccNoError;
+
+	BEGIN_CHECK_ONCE(description);
+
+	cc_int32 possible_return_values[5] = {
+		ccNoError, 
+		ccIteratorEnd, 
+		ccErrBadParam, 
+		ccErrNoMem, 
+		ccErrInvalidCredentialsIterator,
+	};
+	#define possible_ret_val_count sizeof(possible_return_values)/sizeof(possible_return_values[0])
+
+	cc_credentials_t creds = NULL;
+	cc_uint32 actual_count = 0;
+
+	while (!err) {
+		err = cc_credentials_iterator_next(iterator, &creds);
+		if (creds) {
+			actual_count++;
+			cc_credentials_release(creds);
+			creds = NULL;
+		}
+	}
+	if (err == ccIteratorEnd) {
+		err = ccNoError;
+	}
+	
+	// check returned error
+	check_err(err, expected_err, possible_return_values);
+	
+	check_if(actual_count != expected_count, "iterator didn't iterate over all ccaches");
+
+	END_CHECK_ONCE;
+
+	return err;	
+}
\ No newline at end of file
diff --git a/src/ccapi/test/test_ccapi_iterators.h b/src/ccapi/test/test_ccapi_iterators.h
new file mode 100644
index 0000000000..4ce81982d4
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_iterators.h
@@ -0,0 +1,12 @@
+#ifndef _TEST_CCAPI_ITERATORS_H_
+#define _TEST_CCAPI_ITERATORS_H_
+
+#include <Kerberos/CredentialsCache.h>
+
+int check_cc_ccache_iterator_next();
+cc_int32 check_once_cc_ccache_iterator_next(cc_ccache_iterator_t iterator, cc_uint32 expected_count, cc_int32 expected_err, const char *description);
+
+int check_cc_credentials_iterator_next();
+cc_int32 check_once_cc_credentials_iterator_next(cc_credentials_iterator_t iterator, cc_uint32 expected_count, cc_int32 expected_err, const char *description);
+
+#endif /* _TEST_CCAPI_ITERATORS_H_ */
diff --git a/src/ccapi/test/test_ccapi_log.c b/src/ccapi/test/test_ccapi_log.c
new file mode 100644
index 0000000000..95a467ad6f
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_log.c
@@ -0,0 +1,45 @@
+#ifndef _TEST_CCAPI_LOG_C_
+#define _TEST_CCAPI_LOG_C_
+
+#include "test_ccapi_log.h"
+
+void _log_error_v(const char *file, int line, const char *format, va_list ap)
+{
+	fprintf(stdout, "\n\t%s:%d: ", file, line);
+	if (!format) {
+		fprintf(stdout, "An unknown error occurred", file, line);
+	} else {
+		vfprintf(stdout, format, ap);
+	}
+	fflush(stdout);
+}
+
+void _log_error(const char *file, int line, const char *format, ...)
+{	
+	va_list ap;
+	va_start(ap, format);
+	_log_error_v(file, line, format, ap);
+	va_end(ap);
+}
+
+void test_header(const char *msg) {
+	if (msg != NULL) {
+		fprintf(stdout, "\nChecking %s... ", msg);
+		fflush(stdout);
+	}
+}
+
+void test_footer(const char *msg, int err) {
+	if (msg != NULL) {
+		if (!err) {
+			fprintf(stdout, "OK\n");
+		}
+		else {
+			fprintf(stdout, "\n*** %d failure%s in %s ***\n", err, (err == 1) ? "" : "s", msg);
+		}		
+	}
+}
+
+
+
+#endif /* _TEST_CCAPI_LOG_C_ */
diff --git a/src/ccapi/test/test_ccapi_log.h b/src/ccapi/test/test_ccapi_log.h
new file mode 100644
index 0000000000..abb79d593a
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_log.h
@@ -0,0 +1,17 @@
+#ifndef _TEST_CCAPI_LOG_H_
+#define _TEST_CCAPI_LOG_H_
+
+#include <stdio.h>
+#include <stdarg.h>
+#include "test_ccapi_globals.h"
+
+#define log_error(format, ...) \
+		_log_error(__FILE__, __LINE__, format , ## __VA_ARGS__)
+
+void _log_error_v(const char *file, int line, const char *format, va_list ap);
+void _log_error(const char *file, int line, const char *format, ...) __attribute__ ((format (printf, 3, 4)));
+
+void test_header(const char *msg);
+void test_footer(const char *msg, int err);
+
+#endif /* _TEST_CCAPI_LOG_H_ */
diff --git a/src/ccapi/test/test_ccapi_util.c b/src/ccapi/test/test_ccapi_util.c
new file mode 100644
index 0000000000..d7dc3e1051
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_util.c
@@ -0,0 +1,140 @@
+#include <string.h>
+#include <time.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <krb5.h>
+#include "test_ccapi_util.h"
+
+
+// ---------------------------------------------------------------------------
+
+cc_int32 destroy_all_ccaches(cc_context_t context) {
+	cc_int32 err = ccNoError;
+	cc_ccache_t ccache = NULL;
+	
+	while (!err) {
+		err = cc_context_open_default_ccache(context, &ccache);
+		if (!err) {
+			err = cc_ccache_destroy(ccache);
+		}
+	}
+	if (err == ccErrCCacheNotFound) {
+		err = ccNoError;
+	}
+	else {
+		log_error("cc_context_open_default_ccache or cc_ccache_destroy failed with %s (%d)", translate_ccapi_error(err), err);
+	}
+
+	return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+cc_int32 new_v5_creds_union (cc_credentials_union *out_union, const char *realm)
+{
+    cc_int32 err = ccNoError;
+    cc_credentials_union *cred_union = NULL;
+	cc_credentials_v5_t *v5creds = NULL;
+    static num_runs = 1;
+	char *client = NULL;
+	char *server = NULL;
+	
+    if (!out_union) { err = ccErrBadParam; }
+    
+	if (!err) {
+		v5creds = malloc (sizeof (*v5creds));
+		if (!v5creds) {
+			err = ccErrNoMem;
+		}
+	}
+
+	if (!err) {
+		asprintf(&client, "client@%s", realm);
+		asprintf(&server, "host/%d%s@%s", num_runs++, realm, realm);
+		if (!client || !server) {
+			err = ccErrNoMem;
+		}
+	}
+
+	if (!err) {
+		v5creds->client = client;
+		v5creds->server = server;
+		v5creds->keyblock.type = 1;
+		v5creds->keyblock.length = 0;
+		v5creds->keyblock.data = NULL;
+		v5creds->authtime = time (NULL);
+		v5creds->starttime = time (NULL);
+		v5creds->endtime = time(NULL) + 1000;
+		v5creds->renew_till = time(NULL) + 10000;
+		v5creds->is_skey = 0;
+		v5creds->ticket_flags = TKT_FLG_FORWARDABLE | TKT_FLG_PROXIABLE | TKT_FLG_RENEWABLE | TKT_FLG_INITIAL;
+		v5creds->addresses = NULL;
+		v5creds->ticket.type = 0;
+		v5creds->ticket.length = 0;
+		v5creds->ticket.data = NULL;
+		v5creds->second_ticket.type = 0;
+		v5creds->second_ticket.length = 0;
+		v5creds->second_ticket.data = NULL;
+		v5creds->authdata = NULL;
+	}
+	
+	
+    if (!err) {
+        cred_union = malloc (sizeof (*cred_union));
+        if (cred_union) { 
+			cred_union->version = cc_credentials_v5;
+			cred_union->credentials.credentials_v5 = v5creds;
+        } else { 
+            err = ccErrNoMem; 
+        }
+    }
+	if (!err) {
+		*out_union = *cred_union;
+		cred_union = NULL;
+	}
+    
+    return err;
+}
+
+
+// ---------------------------------------------------------------------------
+
+void release_v5_creds_union(cc_credentials_union *creds_union) {
+	cc_credentials_v5_t *v5creds = NULL;
+	
+	if (creds_union) {
+		if (creds_union->credentials.credentials_v5) {
+			v5creds = creds_union->credentials.credentials_v5;
+			if (v5creds->client) { free(v5creds->client); }
+			if (v5creds->server) { free(v5creds->server); }
+			if (v5creds->keyblock.data) { free(v5creds->keyblock.data); }
+			if (v5creds->ticket.data) { free(v5creds->ticket.data); }
+			if (v5creds->second_ticket.data) { free(v5creds->second_ticket.data); }
+			free(v5creds);
+		}		
+		//free(creds_union);
+	}
+}
+
+
+// ---------------------------------------------------------------------------
+
+// return zero when both unions are considered equal, non-zero when not
+
+int compare_v5_creds_unions(const cc_credentials_union *a, const cc_credentials_union *b) {
+	int retval = -1;
+	
+	if (a && 
+		b &&
+		(a->version == cc_credentials_v5) &&
+		(a->version == b->version) && 
+		(strcmp(a->credentials.credentials_v5->client, b->credentials.credentials_v5->client) == 0) && 
+		(strcmp(a->credentials.credentials_v5->server, b->credentials.credentials_v5->server) == 0)) 
+	{
+		retval = 0;
+	}
+	
+	return retval;
+}
\ No newline at end of file
diff --git a/src/ccapi/test/test_ccapi_util.h b/src/ccapi/test/test_ccapi_util.h
new file mode 100644
index 0000000000..8c9e51e515
--- /dev/null
+++ b/src/ccapi/test/test_ccapi_util.h
@@ -0,0 +1,14 @@
+#ifndef _TEST_CCAPI_UTIL_H_
+#define _TEST_CCAPI_UTIL_H_
+
+#include <Kerberos/CredentialsCache.h>
+#include "test_ccapi_globals.h"
+#include "test_ccapi_log.h"
+
+cc_int32 destroy_all_ccaches(cc_context_t context);
+
+cc_int32 new_v5_creds_union(cc_credentials_union *out_union, const char *realm);
+void release_v5_creds_union(cc_credentials_union *creds_union);
+int compare_v5_creds_unions(const cc_credentials_union *a, const cc_credentials_union *b);
+
+#endif /* _TEST_CCAPI_UTIL_H_ */
diff --git a/src/ccapi/test/test_constants.c b/src/ccapi/test/test_constants.c
new file mode 100644
index 0000000000..9f52e74b42
--- /dev/null
+++ b/src/ccapi/test/test_constants.c
@@ -0,0 +1,16 @@
+#include <stdio.h>
+#include <limits.h>
+#include <Kerberos/Kerberos.h>
+
+#include "test_ccapi_check.h"
+#include "test_ccapi_constants.h"
+#include "test_ccapi_context.h"
+#include "test_ccapi_ccache.h"
+
+int main (int argc, const char * argv[]) {
+    
+	cc_int32 err = ccNoError;
+	T_CCAPI_INIT;
+	err = check_constants();
+    return err;
+}