diff options
Diffstat (limited to 'src/lib/kadm5/unit-test/api.0')
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/chpass-principal.exp | 176 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/crte-policy.exp | 991 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/crte-principal.exp | 1330 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/destroy.exp | 203 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/dlte-policy.exp | 207 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/dlte-principal.exp | 329 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/get-policy.exp | 199 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/get-principal.exp | 346 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/init.exp | 727 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/mod-policy.exp | 703 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/mod-principal.exp | 1942 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/randkey-principal.exp | 319 | ||||
-rw-r--r-- | src/lib/kadm5/unit-test/api.0/rename-principal.exp | 509 |
13 files changed, 7981 insertions, 0 deletions
diff --git a/src/lib/kadm5/unit-test/api.0/chpass-principal.exp b/src/lib/kadm5/unit-test/api.0/chpass-principal.exp new file mode 100644 index 0000000000..12fa3b9d16 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/chpass-principal.exp @@ -0,0 +1,176 @@ +source lib.t +api_exit +api_start + +test "chpass-principal 180" +proc test180 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [create_principal_pol "$test/a" once-a-min]} { + error_and_restart "$test: creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax + } $test] + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test180 } + +test "chpass-principal 180.5" +proc test1805 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [create_principal_pol "$test/a" once-a-min]} { + error_and_restart "$test: creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_chpass_principal $server_handle "%s/a" FoobarBax + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test1805 } + +# +# admin with changepw service tickets try to change other principals +# password, failes with AUTH error +test "chpass-principal 180.625" +proc test180625 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_chpass_principal $server_handle "%s/a" password + } $test] "AUTH" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test180625 } + +test "chpass-principal 180.75" +proc test18075 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [create_principal_pol "$test/a" once-a-min]} { + error_and_restart "$test: creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_chpass_principal $server_handle "%s/a" Foobar + } $test] "AUTH_CHANGEPW" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test18075 } + +test "chpass-principal 182" +proc test182 {} { + global test + + if { ! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_chpass_principal $server_handle kadmin/history password + } "PROTECT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test182 + +test "chpass-principal 183" +proc test183 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if { ! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_chpass_principal null "%s/a" password + } $test] "BAD_SERVER_HANDLE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test183 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/crte-policy.exp b/src/lib/kadm5/unit-test/api.0/crte-policy.exp new file mode 100644 index 0000000000..dbf4f1cbc1 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/crte-policy.exp @@ -0,0 +1,991 @@ +source lib.t +api_exit +api_start + +# Description: (1) Fails for mask with undefined bit set. +# 01/24/94: pshuang: untried. +test "create-policy 1" +proc test1 {} { + global test + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete policy \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + 0xF01000 + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test1 + +# Description: (2) Fails if caller connected with CHANGEPW_SERVICE. +test "create-policy 2" +proc test2 {} { + global test + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy"; + return + } +} +if {$RPC} { test2 } + +# Description: (3) Fails for mask without POLICY bit set. +# 01/24/94: pshuang: untried. +test "create-policy 3" +proc test3 {} { + global test + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete policy \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + 0x000000 + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test3 + +# Description: (4) Fails for mask with REF_COUNT bit set. +test "create-policy 4" +proc test4 {} { + global test + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete policy \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY OVSEC_KADM_REF_COUNT} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test4 + +# Description: (5) Fails for invalid policy name. +# 01/24/94: pshuang: untried. +test "create-policy 5" +proc test5 {} { + global test + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/"] \ + {OVSEC_KADM_POLICY} + } $test] "BAD_POLICY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test5 + +# Description: (6) Fails for existing policy name. +test "create-policy 6" +proc test6 {} { + global test +# set prms_id 777 +# setup_xfail {*-*-*} $prms_id + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_create_policy $server_handle [simple_policy test-pol] \ + {OVSEC_KADM_POLICY} + } "DUP" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test6 + +# Description: (7) Fails for null policy name. +# 01/24/94: pshuang: untried. +test "create-policy 7" +proc test7 {} { + global test +# set prms_id 1977 +# setup_xfail {*-*-*} $prms_id + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_create_policy $server_handle [simple_policy null] \ + {OVSEC_KADM_POLICY} + } "EINVAL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test7 + +# Description: (8) Fails for empty-string policy name. +test "create-policy 8" +proc test8 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_create_policy $server_handle [simple_policy ""] \ + {OVSEC_KADM_POLICY} + } "BAD_POLICY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test8 + +# Description: (9) Accepts 0 for pw_min_life. +test "create-policy 9" +proc test9 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE} + } $test]]} { + fail "$test: create failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 1\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test9 + +# Description: (10) Accepts non-zero for pw_min_life. +test "create-policy 10" +proc test10 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LIFE} + } $test]]} { + fail "$test" + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retreuve policy" + return + } + send "lindex \$policy 1\n" + expect { + -re "32\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test10 + +# Description: (11) Accepts 0 for pw_max_life. +test "create-policy 11" +proc test11 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE} + } $test]]} { + fail "$test" + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retreuve policy" + return + } + send "lindex \$policy 2\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test11 + +# Description: (12) Accepts non-zero for pw_max_life. +test "create-policy 12" +proc test12 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MAX_LIFE} + } $test]]} { + fail "$test" + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retreuve policy" + return + } + send "lindex \$policy 2\n" + expect { + -re "32\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test12 + +# Description: (13) Rejects 0 for pw_min_length. +test "create-policy 13" +proc test13 {} { + global test + global prompt + + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH} + } $test] "BAD_LENGTH" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test13 + +# Description: (14) Accepts non-zero for pw_min_length. +test "create-policy 14" +proc test14 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_LENGTH} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retreuve policy" + return + } + send "lindex \$policy 3\n" + expect { + -re "8\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test14 + +# Description: (15) Rejects 0 for pw_min_classes. +test "create-policy 15" +proc test15 {} { + global test + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} + } $test] "BAD_CLASS" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test15 + +# Description: (16) Accepts 1 for pw_min_classes. +test "create-policy 16" +proc test16 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retreuve policy" + return + } + send "lindex \$policy 4\n" + expect { + -re "1\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test16 + +# Description: (17) Accepts 4 for pw_min_classes. +test "create-policy 17" +proc test17 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retreuve policy" + return + } + send "lindex \$policy 4\n" + expect { + -re "5\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test17 + +# Description: (18) Rejects 5 for pw_min_classes. +test "create-policy 18" +proc test18 {} { + global test + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_MIN_CLASSES} + } $test] "BAD_CLASS" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test18 + +# Description: (19) Rejects 0 for pw_history_num. +test "create-policy 19" +proc test19 {} { + global test + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM} + } $test] "BAD_HISTORY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test19 + +# Description: (20) Accepts 1 for pw_history_num. +test "create-policy 20" +proc test20 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retreuve policy" + return + } + send "lindex \$policy 5\n" + expect { + -re "1\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test20 + +# Description: (21) Accepts 10 for pw_history_num. +test "create-policy 21" +proc test21 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 5\n" + expect { + -re "10\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test21 + +# Description: (21.5) Rejects 11 for pw_history_num. +# 01/24/94: pshuang: untried. + +test "create-policy 21.5" +proc test215 {} { + global test + global prompt + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle {"%s/a" 0 0 0 0 11 0} \ + {OVSEC_KADM_POLICY OVSEC_KADM_PW_HISTORY_NUM} + } $test] "BAD_HISTORY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test215 + + +# Description: (22) Fails for user with no access bits. +test "create-policy 22" +proc test22 {} { + global test + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} test22 + +# Description: (23) Fails for user with "get" but not "add". +test "create-policy 23" +proc test23 {} { + global test + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} test23 + +# Description: (24) Fails for user with "modify" but not "add". +# 01/24/94: pshuang: untried. +test "create-policy 24" +proc test24 {} { + global test + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} test24 + +# Description: (25) Fails for user with "delete" but not "add". +# 01/24/94: pshuang: untried. +test "create-policy 25" +proc test25 {} { + global test + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} test25 + +# Description: Succeeds for user with "add". +test "create-policy 26" +proc test26 {} { + global test + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test26 + +# Description: Succeeds for user with "get" and "add". +# 01/24/94: pshuang: untried. +test "create-policy 27" +proc test27 {} { + global test + + if {! (( ! [policy_exists "$test/a"]) || + [delete_policy "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_create_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test27 + +# Description: (28) Rejects null policy argument. +# 01/24/94: pshuang: untried. +test "create-policy 28" +proc test28 {} { + global test + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_create_policy $server_handle null {OVSEC_KADM_POLICY} + } "EINVAL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test28 + +test "create-policy 30" +proc test30 {} { + global test + one_line_fail_test [format { + ovsec_kadm_create_policy null [simple_policy "%s/a"] \ + {OVSEC_KADM_POLICY} + } $test] "BAD_SERVER_HANDLE" +} +test30 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/crte-principal.exp b/src/lib/kadm5/unit-test/api.0/crte-principal.exp new file mode 100644 index 0000000000..12c300793a --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/crte-principal.exp @@ -0,0 +1,1330 @@ +source lib.t +api_exit +api_start + +#test "create-principal 1" +# +#proc test1 {} { +# global test +# begin_dump +# one_line_fail_test [format { +# ovsec_kadm_create_principal $server_handle \ +# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" +# } $test $test] "NOT_INIT" +# end_dump_compare "no-diffs" +#} +#test1 + +test "create-principal 2" + +proc test2 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_create_principal $server_handle null \ + {OVSEC_KADM_PRINCIPAL} testpass + } "EINVAL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test2 + +test "create-principal 3" +proc test3 {} { + global test +# set prms_id 777 +# setup_xfail {*-*-*} $prms_id + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} null + } $test] "EINVAL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test3 + +test "create-principal 4" +proc test4 {} { + global test + + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} "" + } $test] "_Q_TOOSHORT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test4 + +test "create-principal 5" +proc test5 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle \ + [simple_principal "%s/a"] {0x100001} "%s/a" + } $test $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test5 + +test "create-principal 6" +proc test6 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_LAST_PWD_CHANGE} "%s/a" + } $test $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test6 + +test "create-principal 7" +proc test7 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_MOD_TIME} "%s/a" + } $test $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test7 + +test "create-principal 8" +proc test8 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_MOD_NAME} "%s/a" + } $test $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test8 + +test "create-principal 9" +proc test9 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_MKVNO} "%s/a" + } $test $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test9 + +test "create-principal 10" +proc test10 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_AUX_ATTRIBUTES} "%s/a" + } $test $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test10 + +test "create-principal 11" +proc test11 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_POLICY_CLR} "%s/a" + } $test $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test11 + +test "create-principal 12" +proc test12 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} testpass + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" + +} +if {$RPC} { test12 } + +test "create-principal 13" +proc test13 {} { + global test + begin_dump + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} testpass + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +if {$RPC} { test13 } + +test "create-principal 14" +proc test14 {} { + global test + begin_dump + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} testpass + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +if {$RPC} { test14 } + +test "create-principal 15" +proc test15 {} { + global test + begin_dump + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} testpass + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +if {$RPC} { test15 } + +test "create-principal 16" +proc test16 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} testpass + } $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +if {$RPC} { test16 } + +test "create-principal 17" +proc test17 {} { + global test + + begin_dump + if {! (( [principal_exists "$test/a"]) || [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} testpass + } $test] "DUP" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test17 + +test "create-principal 18" +proc test18 {} { + global test + + begin_dump + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle \ + [princ_w_pol "%s/a" test-pol] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} tP + } $test] "_Q_TOOSHORT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test18 + +test "create-principal 19" +proc test19 {} { + global test + + begin_dump + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle \ + [princ_w_pol "%s/a" test-pol] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} testpassword + } $test] "_Q_CLASS" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test19 + +test "create-principal 20" +proc test20 {} { + global test + + begin_dump + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle \ + [princ_w_pol "%s/a" test-pol] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} Abyssinia + } $test] "_Q_DICT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test20 + +test "create-principal 21" +proc test21 {} { + global test + + begin_dump + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_create_principal $server_handle \ + [princ_w_pol "%s/a" non-existant-pol] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary + } $test] "UNK_POLICY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + end_dump_compare "no-diffs" +} +test21 + +test "create-principal 23" +proc test23 {} { + global test + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + one_line_succeed_test \ + [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test23 + +test "create-principal 24" +proc test24 {} { + global test + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + one_line_succeed_test \ + [format {ovsec_kadm_get_principal $server_handle "%s/a" p} $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test24 } + + +test "create-principal 28" +proc test28 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle \ + [princ_w_pol "%s/a" test-pol] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return + } + send "lindex \$principal 10\n" + expect { + -re "test-pol.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test28 + +test "create-principal 29" +proc test29 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PRINC_EXPIRE_TIME} \ + inTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 1\n" + expect { + -re "0.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test29 + +test "create-principal 30" +proc test30 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \ + NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 3\n" + expect { + -re "0.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test30 + +test "create-principal 31" +proc test31 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle \ + [princ_w_pol "%s/a" test-pol-nopw] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ + OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 3\n" + expect { + -re "0.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test31 + +test "create-principal 32" +proc test32 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle \ + [princ_w_pol "%s/a" test-pol] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ + OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { + error_and_restart "$test: cannot retrieve policy" + return + } + + send "lindex \$principal 6\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting mod_date" + return + } + eof { + error_and_restart "$test: eof getting mod_date" + return + } + } + + send "lindex \$principal 3\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_expire" + return + } + eof { + error_and_restart "$test: eof getting pw_expire" + return + } + } + + send "lindex \$policy 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_max_life" + return + } + eof { + error_and_restart "$test: eof getting pw_max_life" + return + } + } + if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } { + fail "$test: pw_expire is wrong" + return + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test32 + +test "create-principal 33" +proc test33 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle \ + {"%s/a" 0 0 1234 0 null 0 0 0 0 null 0} \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \ + NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 3\n" + expect { + -re "1234.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test33 + +test "create-principal 34" +proc test34 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle \ + { "%s/a" 0 0 1234 0 null 0 0 0 0 test-pol-nopw 0} \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ + OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 3\n" + expect { + -re "1234.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test34 + +test "create-principal 35" +proc test35 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle \ + {"%s/a" 0 0 1234 0 null 0 0 0 0 test-pol 0} \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ + OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 3\n" + expect { + -re "1234.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test35 + +test "create-principal 36" +proc test36 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle \ + {"%s/a" 0 0 999999999 0 null 0 0 0 0 test-pol 0} \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY \ + OVSEC_KADM_PW_EXPIRATION} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy} ]} { + error_and_restart "$test: cannot retrieve policy" + return + } + + send "lindex \$principal 6\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting mod_date" + return + } + eof { + error_and_restart "$test: eof getting mod_date" + return + } + } + + send "lindex \$principal 3\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_expire" + return + } + eof { + error_and_restart "$test: eof getting pw_expire" + return + } + } + + send "lindex \$policy 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_max_life" + return + } + eof { + error_and_restart "$test: eof getting pw_max_life" + return + } + } + if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } { + fail "$test: pw_expire is wrong" + return + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test36 + +test "create-principal 37" +proc test37 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 3\n" + expect { + -re "0.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test37 + +test "create-principal 38" +proc test38 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \ + test-pol-nopw] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \ + NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 3\n" + expect { + -re "0.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test38 + +test "create-principal 39" +proc test39 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \ + test-pol] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \ + NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if { ! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: cannot not retrieve principal" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { + error_and_restart "$test: cannot retrieve policy" + return + } + send "lindex \$principal 6\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting mod_date" + return + } + eof { + error_and_restart "$test: eof getting mod_date" + return + } + } + + send "lindex \$principal 3\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_expire" + return + } + eof { + error_and_restart "$test: eof getting pw_expire" + return + } + } + + send "lindex \$policy 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_max_life" + return + } + eof { + error_and_restart "$test: eof getting pw_max_life" + return + } + } + if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } { + fail "$test: pw_expire is wrong" + return + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test39 + +test "create-principal 40" +proc test40 {} { + global test + global prompt + + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL OVSEC_KADM_PW_EXPIRATION} \ + NotinTheDictionary + } $test]]} { + fail "$test: can not create principal" + return; + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + fail "$test: can not retreive principal" + return; + } + send "lindex \$principal 4\n" + expect { + -re "0.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test40 + +test "create-principal 43" +proc test43 {} { + global test + one_line_fail_test [format { + ovsec_kadm_create_principal null \ + [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" + } $test $test] "BAD_SERVER_HANDLE" +} +test43 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/destroy.exp b/src/lib/kadm5/unit-test/api.0/destroy.exp new file mode 100644 index 0000000000..31b8447861 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/destroy.exp @@ -0,0 +1,203 @@ +source lib.t +api_exit +api_start + +test "destroy 1" + +proc test1 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test {ovsec_kadm_destroy $server_handle} + end_dump_compare "no-diffs" +} +test1 + +#test "destroy 2" +# +#proc test2 {} { +# global test +# begin_dump +# if {! [cmd { +# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# }]} { +# error "$test: unexpected failure on init" +# return +# } +# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { +# error_and_restart "$test: couldn't close database" +# return +# } +# one_line_fail_test \ +# {ovsec_kadm_get_principal $server_handle admin principal} \ +# "NOT_INIT" +# end_dump_compare "no-diffs" +#} +#test2 + +#test "destroy 3" +#proc test3 {} { +# global test +# +# begin_dump +# if {! (( ! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} { +# error_and_restart "$test couldn't delete principal \"$test/a\"" +# return +# } +# if {! [cmd { +# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# }]} { +# error "$test: unexpected failure on init" +# return +# } +# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { +# error_and_restart "$test: couldn't close database" +# return +# } +# one_line_fail_test [format { +# ovsec_kadm_create_principal $server_handle \ +# [simple_principal "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" +# } $test $test] "NOT_INIT" +# end_dump_compare "no-diffs" +#} +#test3 + +#test "destroy 4" +#proc test4 {} { +# global test prompt +# +# if {! (([principal_exists "$test/a"]) || [create_principal "$test/a"])} { +# error_and_restart "$test: couldn't create principal \"$test/a\"" +# return +# } +# begin_dump +# if {! ([cmd { +# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# }] && +# [cmd [format { +# ovsec_kadm_get_principal $server_handle "%s/a" principal +# } $test]])} { +# error_and_restart "$test: error getting principal" +# return; +# } +# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { +# error_and_restart "$test: couldn't close database" +# return +# } +# one_line_fail_test [format { +# ovsec_kadm_modify_principal $server_handle \ +# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO} +# } $test "77"] "NOT_INIT" +# end_dump_compare "no-diffs" +#} +#test4 + +#test "destroy 5" +# +#proc test5 {} { +# global test +# +# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { +# error_and_restart "$test: couldn't create principal \"$test/a\"" +# return +# } +# begin_dump +# if {! [cmd { +# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# }]} { +# error "$test: unexpected failure on init" +# return +# } +# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { +# error_and_restart "$test: couldn't close database" +# return +# } +# one_line_fail_test [format { +# ovsec_kadm_delete_principal $server_handle "%s/a" +# } $test] "NOT_INIT" +# end_dump_compare "no-diffs" +#} +#test5 + +#test "destroy 6" +# +#proc test6 {} { +# global test +# begin_dump +# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT" +# end_dump_compare "no-diffs" +#} +#test6 + + +#test "destroy 7" +# +#proc test7 {} { +# global test +# begin_dump +# if {! [cmd { +# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# }]} { +# error "$test: unexpected failure in init" +# return +# } +# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { +# error_and_restart "$test: couldn't close database" +# } +# one_line_fail_test {ovsec_kadm_destroy $server_handle} "NOT_INIT" +# end_dump_compare "no-diffs" +#} +#test7 + +test "destroy 8" +proc test8 {} { + global test + begin_dump + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } + one_line_succeed_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } + end_dump_compare "no-diffs" +} +test8 + +test "destroy 9" +proc test9 {} { + global test + one_line_fail_test {ovsec_kadm_destroy null} "BAD_SERVER_HANDLE" +} +test9 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/dlte-policy.exp b/src/lib/kadm5/unit-test/api.0/dlte-policy.exp new file mode 100644 index 0000000000..7f349b02cd --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/dlte-policy.exp @@ -0,0 +1,207 @@ +source lib.t +api_exit +api_start + +test "delete-policy 2" +proc test2 {} { + global test +# set prms_id 744 +# setup_xfail {*-*-*} $prms_id + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test \ + {ovsec_kadm_delete_policy $server_handle ""} "BAD_POL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test2 + +test "delete-policy 5" +proc test5 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_policy $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if ${RPC} test5 + +test "delete-policy 6" +proc test6 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_policy $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if ${RPC} test6 + +test "delete-policy 7" +proc test7 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_policy $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} test7 + +test "delete-policy 10" +proc test10 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_delete_policy $server_handle "%s/a" + } $test]]} { + fail "$test" + return + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + if { [policy_exists "$test/a"]} { + fail "$test" + return + } +} +test10 + +test "delete-policy 12" +proc test12 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test unexecpted failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_create_principal $server_handle [princ_w_pol "%s/a" \ + "%s/a"] {OVSEC_KADM_PRINCIPAL OVSEC_KADM_POLICY} \ + NotinTheDictionary + } $test $test]]} { + fail "$test: can not create principal" + return; + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test \ + {ovsec_kadm_delete_policy $server_handle test-pol} "POLICY_REF" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test12 + +test "delete-policy 13" +proc test13 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_policy null "%s/a" + } $test] "BAD_SERVER_HANDLE" +} +test13 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/dlte-principal.exp b/src/lib/kadm5/unit-test/api.0/dlte-principal.exp new file mode 100644 index 0000000000..bb52301df3 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/dlte-principal.exp @@ -0,0 +1,329 @@ +source lib.t + +api_exit +api_start + +#test "delete-principal 1" +#proc test1 {} { +# global test +# one_line_fail_test [format { +# ovsec_kadm_delete_principal $server_handle "%s/a" +# } $test] "NOT_INIT" +#} +#test1 + +test "delete-principal 2" +proc test2 {} { + global test + + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test \ + {ovsec_kadm_delete_principal $server_handle null} "EINVAL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: unexpected failure in destroy" + return + } +} +test2 + +test "delete-principal 5" +proc test5 {} { + global test + + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test] "UNK_PRINC" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test5 + +test "delete-principal 6" +proc test6 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal_pol "$test/a" test-pol])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test6 } + + +test "delete-principal 7" +proc test7 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test7 } + + +test "delete-principal 8" +proc test8 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test8 } + +test "delete-principal 9" +proc test9 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test9 } + +test "delete-principal 10" +proc test10 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test10 } + +test "delete-principal 11" +proc test11 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test]]} { + fail "$test: delete failed" + return; + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + if { [principal_exists "$test/a"] } { + fail "$test" + return + } +} +test11 + +test "delete-principal 12" +proc test12 {} { + global test + global prompt + + if {! (( [principal_exists "$test/a"]) || + [create_principal_pol "$test/a" test-pol])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { + error "$test: unexpected failure on get policy" + return + } + if { ! [cmd [format { + ovsec_kadm_delete_principal $server_handle "%s/a" + } $test]]} { + fail "$test: delete failed" + return + } + if { [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test]]} { + fail "$test: principal still exists" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { + error "$test: unexpected failure on get policy" + return + } + send "lindex \$p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + + send "lindex \$p2 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { [expr "$oldref - 1"] != $newref } { + fail "$test: policy reference count is wrong" + return; + } + pass "$test" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} + +test12 + +test "delete-principal 13" +proc test13 {} { + global test + one_line_fail_test [format { + ovsec_kadm_delete_principal null "%s/a" + } $test] "BAD_SERVER_HANDLE" +} +test13 + +return "" + + + + + diff --git a/src/lib/kadm5/unit-test/api.0/get-policy.exp b/src/lib/kadm5/unit-test/api.0/get-policy.exp new file mode 100644 index 0000000000..329e7886ab --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/get-policy.exp @@ -0,0 +1,199 @@ +source lib.t +api_exit +api_start + +test "get-policy 3" +proc test3 {} { + global test +# set prms_id 744 +# setup_xfail {*-*-*} $prms_id + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test {ovsec_kadm_get_policy $server_handle "" p} "BAD_POLICY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test3 + +test "get-policy 6" +proc test6 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \ + "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } test6 + +test "get-policy 7" +proc test7 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \ + "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } test7 + +test "get-policy 11" +proc test11 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/get-pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE \ + null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test11 + +test "get-policy 12" +proc test12 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/get-pol StupidAdmin \ + $OVSEC_KADM_CHANGEPW_SERVICE null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test \ + {ovsec_kadm_get_policy $server_handle test-pol-nopw p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test12 + +test "get-policy 15" +proc test15 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test \ + {ovsec_kadm_get_policy $server_handle test-pol-nopw p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test15 + +test "get-policy 16" +proc test16 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/pol StupidAdmin $OVSEC_KADM_CHANGEPW_SERVICE \ + null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test \ + {ovsec_kadm_get_policy $server_handle test-pol-nopw p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test16 + +test "get-policy 17" +proc test17 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test {ovsec_kadm_get_policy $server_handle test-pol p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test17 + +test "get-policy 18" +proc test18 {} { + global test + + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test {ovsec_kadm_get_policy $server_handle test-pol p} \ + "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } test18 + +test "get-policy 21" +proc test21 {} { + global test + + one_line_fail_test {ovsec_kadm_get_policy null "pol1" p} "BAD_SERVER_HANDLE" +} +test21 diff --git a/src/lib/kadm5/unit-test/api.0/get-principal.exp b/src/lib/kadm5/unit-test/api.0/get-principal.exp new file mode 100644 index 0000000000..05937055eb --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/get-principal.exp @@ -0,0 +1,346 @@ +source lib.t +api_exit +api_start + +test "get-principal 1" +proc test1 {} { + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test \ + {ovsec_kadm_get_principal $server_handle null p} "EINVAL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test1 + +test "get-principal 2" +proc test2 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test] "UNK_PRINC" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test2 + +test "get-principal 3" +proc test3 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test] "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test3 } + +test "get-principal 4" +proc test4 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test] "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test4 } + +test "get-principal 5" +proc test5 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test] "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test5 } + +test "get-principal 6" +proc test6 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test] "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test6 } + +test "get-principal 7" +proc test7 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test] "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test7 } + + +test "get-principal 8" +proc test8 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_get_principal $server_handle "%s/a" p + } $test] "AUTH_GET" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test8 } + + +test "get-principal 9" +proc test9 {} { + global test + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test \ + {ovsec_kadm_get_principal $server_handle admin/none p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test9 + +test "get-principal 10" +proc test10 {} { + global test + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test \ + {ovsec_kadm_get_principal $server_handle admin/none p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test10 + +test "get-principal 11" +proc test11 {} { + global test + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test11 + +test "get-principal 12" +proc test12 {} { + global test + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/get p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test12 + +test "get-principal 13" +proc test13 {} { + global test + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test13 + +test "get-principal 14" +proc test14 {} { + global test + if {! [cmd { + ovsec_kadm_init admin/get-mod admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test {ovsec_kadm_get_principal $server_handle admin/add p} + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test14 + +test "get-principal 15" +proc test15 {} { + one_line_fail_test \ + {ovsec_kadm_get_principal null "admin" p} "BAD_SERVER_HANDLE" +} +test15 + +return "" + + + + diff --git a/src/lib/kadm5/unit-test/api.0/init.exp b/src/lib/kadm5/unit-test/api.0/init.exp new file mode 100644 index 0000000000..5df5dcfc94 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/init.exp @@ -0,0 +1,727 @@ +source lib.t + +# Assumptions: +# +# Principal "admin" exists, with "get", "add", "modify" and "delete" +# access bits and password "admin". +# The string "not-the-password" isn't the password of any user in the database. +# Database master password is "mrroot". + +api_exit +api_start +test "init 1" + +one_line_fail_test_nochk \ + {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE "" \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle} + +test "init 2" + +one_line_fail_test_nochk \ + {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE @ \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle} + +test "init 2.5" + +one_line_fail_test_nochk \ + {ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE BAD.REALM \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 server_handle} + +test "init 3" + +proc test3 {} { + global test + if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + one_line_fail_test_nochk [format { + ovsec_kadm_init admin admin "%s/a" null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + } $test] +} +if {$RPC} { test3 } + +test "init 4" + +proc test4 {} { + global test + if {! ((! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + + one_line_fail_test_nochk [format { + ovsec_kadm_init admin admin "%s/a" null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test] +} +if {$RPC} { test4 } + +test "init 5" + +if {$RPC} { + one_line_fail_test_nochk { + ovsec_kadm_init admin admin admin null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + } +} + +test "init 6" + +proc test6 {} { + global test + + send "ovsec_kadm_init admin null \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n" + + expect { + {Enter password:} { } + eof { + fail "$test: eof instead of password prompt" + api_exit + api_start + return + } + timeout { + fail "$test: timeout instead of password prompt" + return + } + } + one_line_succeed_test "admin" + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if { $RPC } { test6 } + +test "init 7" +proc test7 {} { + global test + + send "ovsec_kadm_init admin \"\" \$OVSEC_KADM_ADMIN_SERVICE null \$OVSEC_KADM_STRUCT_VERSION \$OVSEC_KADM_API_VERSION_1 server_handle\n" + + expect { + {Enter password:} { } + -re "key:$" { } + eof { + fail "$test: eof instead of password prompt" + api_exit + api_start + return + } + timeout { + fail "$test: timeout instead of password prompt" + return + } + } + one_line_succeed_test "admin" + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if { $RPC } { test7 } + +test "init 8" + +proc test8 {} { + global test + if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + one_line_fail_test_nochk [format { + ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test] +} +if {$RPC} { test8 } + +test "init 9" + +if {$RPC} { + global test + one_line_fail_test_nochk { + ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } +} + +test "init 10" + +proc test10 {} { + global test +# set prms_id 562 +# setup_xfail {*-*-*} $prms_id + one_line_fail_test_nochk { + ovsec_kadm_init null admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } +} +test10 + +#test "init 11" +# +#proc test11 {} { +# global test +# set prms_id 563 +# setup_xfail {*-*-*} $prms_id +# one_line_fail_test_nochk { +# ovsec_kadm_init "" admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# } +#} +#test11 + +test "init 12" + +proc test12 {} { + global test + one_line_fail_test_nochk [format { + ovsec_kadm_init "%s/a" admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test] +} +if {$RPC} { test12 } + +test "init 13" + +proc test13 {} { + global test + one_line_fail_test_nochk [format { + ovsec_kadm_init "%s/a@SECURE-TEST.OV.COM" admin \ + $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + } $test] +} +if {$RPC} { test13 } + +test "init 14" + +proc test14 {} { + global test + one_line_fail_test_nochk [format { + ovsec_kadm_init "%s/a@BAD.REALM" admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test] +} +if {$RPC} { test14 } + +test "init 15" + +if {$RPC} { + one_line_fail_test_nochk { + ovsec_kadm_init admin@BAD.REALM admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } +} + +test "init 16" + +proc test16 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +test16 + +test "init 17" + +proc test17 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \ + $OVSEC_KADM_ADMIN_SERVICE null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +test17 + +test "init 18" + +proc test18 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +test18 + +test "init 19" + +proc test19 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin@SECURE-TEST.OV.COM admin \ + $OVSEC_KADM_ADMIN_SERVICE SECURE-TEST.OV.COM \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +test19 + +test "init 20" + +proc test20 {} { + global test + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error_and_restart "$test: couldn't init database" + return + } + one_line_succeed_test \ + {ovsec_kadm_get_principal $server_handle admin principal} + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +test20 + +#test "init 21" +# +#proc test21 {} { +# global test +# if {! [cmd { +# ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# }]} { +# error_and_restart "$test: couldn't init database" +# return +# } +# one_line_fail_test_nochk { +# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# } +# if {! [cmd {ovsec_kadm_destroy $server_handle}]} { +# error_and_restart "$test: couldn't close database" +# } +#} +#test21 + + +proc test22 {} { + global test prompt + set prompting 0 + send [string trim { + ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + }] + send "\n" + expect { + -re ":$" { set prompting 1} + -re "\nOK .*$prompt$" { fail "$test: premature success" } + -re "\nERROR .*$prompt$" { fail "$test: premature failure" } + timeout { fail "$test: timeout" } + eof { fail "$test: eof" } + } + if {$prompting} { + one_line_succeed_test mrroot + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if {! $RPC} { test22 } + +test "init 22.5" +proc test225 {} { + global test prompt + set prompting 0 + send [string trim { + ovsec_kadm_init admin null null null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + }] + send "\n" + expect { + -re ":$" { set prompting 1} + -re "\nOK .*$prompt$" { fail "$test: premature success" } + -re "\nERROR .*$prompt$" { fail "$test: premature failure" } + timeout { fail "$test: timeout" } + eof { fail "$test: eof" } + } + if {$prompting} { + one_line_succeed_test mrroot + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if {! $RPC} { test225 } + +test "init 23" + +proc test23 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin not-the-password $OVSEC_KADM_ADMIN_SERVICE \ + null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if {! $RPC} { test23 } + +test "init 24" + +proc test24 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin admin null null $OVSEC_KADM_STRUCT_VERSION \ + $OVSEC_KADM_API_VERSION_1 server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if {! $RPC} { test24 } + +test "init 25" + +proc test25 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin admin foobar null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if {! $RPC} { test25 } + +test "init 26" + +#proc test26 {} { +# global test +# +# api_exit +# api_start +# one_line_fail_test_nochk { +# ovsec_kadm_get_principal $server_handle admin principal +# } +#} +#test26 + +#test "init 27" +# +#proc test27 {} { +# global test +# +# if {! ((! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} { +# error_and_restart "$test: couldn't delete principal \"$test/a\"" +# return +# } +# begin_dump +# if {[cmd [format { +# ovsec_kadm_create_principal $server_handle [simple_principal \ +# "%s/a"] {OVSEC_KADM_PRINCIPAL} "%s/a" +# } $test $test]]} { +# fail "$test: unexpected success in add" +# return +# } +# end_dump_compare "no-diffs" +#} +#test27 + +#test "init 28" +# +#proc test28 {} { +# global test prompt +# +# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { +# error_and_restart "$test: couldn't create principal \"$test/a\"" +# return +# } +# begin_dump +# if {! ([cmd { +# ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ +# $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ +# server_handle +# }] && [cmd [format { +# ovsec_kadm_get_principal $server_handle "%s/a" principal +# } $test]])} { +# error_and_restart "$test: error getting principal" +# return; +# } +# send "lindex \$principal 8\n" +# expect { +# -re "\n(\[0-9\]+).*$prompt$" {set kvno $expect_out(1,string) } +# timeout { +# error_and_restart "$test: timeout getting principal kvno" +# return +# } +# eof { +# error_and_restart "$test: eof getting principal kvno" +# return +# } +# } +# api_exit +# api_start +# set new_kvno [expr "$kvno + 1"] +# if {[cmd [format { +# ovsec_kadm_modify_principal $server_handle \ +# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {OVSEC_KADM_KVNO} +# } $test $new_kvno]]} { +# fail "$test: unexpected success in modify" +# return; +# } +# end_dump_compare "no-diffs" +#} +#test28 + +#test "init 29" +# +#proc test29 {} { +# global test +# +# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { +# error_and_restart "$test: couldn't create principal \"$test/a\"" +# return +# } +# begin_dump +# if {[cmd [format { +# ovsec_kadm_delete_principal $server_handle "%s/a" +# } $test]]} { +# fail "$test: unexpected success in delete" +# return +# } +# end_dump_compare "no-diffs" +#} +#test29 + +test "init 30" +proc test30 {} { + global test + if {[cmd { + ovsec_kadm_init admin foobar $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error_and_restart "$test: unexpected succsess" + return + } + one_line_succeed_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +if ${RPC} { test30 } + +test "init 31" +proc test31 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $bad_struct_version_mask $OVSEC_KADM_API_VERSION_1 \ + server_handle + } "BAD_STRUCT_VERSION" +} +test31 + +test "init 32" +proc test32 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $no_struct_version_mask $OVSEC_KADM_API_VERSION_1 \ + server_handle + } "BAD_STRUCT_VERSION" +} +test32 + +test "init 33" +proc test33 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $old_struct_version $OVSEC_KADM_API_VERSION_1 \ + server_handle + } "OLD_STRUCT_VERSION" +} +test33 + +test "init 34" +proc test34 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $new_struct_version $OVSEC_KADM_API_VERSION_1 \ + server_handle + } "NEW_STRUCT_VERSION" +} +test34 + +test "init 35" +proc test35 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $bad_api_version_mask \ + server_handle + } "BAD_API_VERSION" +} +test35 + +test "init 36" +proc test36 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $no_api_version_mask \ + server_handle + } "BAD_API_VERSION" +} +test36 + +test "init 37" +proc test37 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $old_api_version \ + server_handle + } "OLD_LIB_API_VERSION" +} +if { $RPC } test37 + +test "init 38" +proc test38 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $old_api_version \ + server_handle + } "OLD_SERVER_API_VERSION" +} +if { ! $RPC } test38 + +test "init 39" +proc test39 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $new_api_version \ + server_handle + } "NEW_LIB_API_VERSION" +} +if { $RPC } test39 + +test "init 40" +proc test40 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $new_api_version \ + server_handle + } "NEW_SERVER_API_VERSION" +} +if { ! $RPC } test40 + +test "init 41" +proc test41 {} { + global test + one_line_fail_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_API_VERSION_1 $OVSEC_KADM_STRUCT_VERSION \ + server_handle + } "BAD_" +} +test41 + +test "init 42" +proc test42 {} { + global test + one_line_succeed_test { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } + if {! [cmd {ovsec_kadm_destroy $server_handle}]} { + error_and_restart "$test: couldn't close database" + } +} +test42 + + +proc test45_46 {service} { + global test kdb5_edit env + + spawn $kdb5_edit -R "del $service" + expect { + {Type 'yes' to confirm:} { + send "yes\n" + } + default { + error "kdb5_edit del failed\n"; + } + } + expect eof + wait + + one_line_fail_test [concat {ovsec_kadm_init admin admin } \ + $service \ + { null $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle}] "SECURE_PRINC_MISSING" + + # this leaves the keytab with an incorrect entry + exec $kdb5_edit -R "ark $service" + + # restart the api so it gets a new ccache + api_exit + api_start +} + +if {$RPC} { + test "init 45" + + test45_46 ovsec_adm/admin + + test "init 46" + + test45_46 ovsec_adm/changepw + + # re-extract the keytab so it is right + exec rm /krb5/ovsec_adm.srvtab + exec $env(MAKE_KEYTAB) -princ ovsec_adm/admin -princ ovsec_adm/changepw \ + -princ kadmin/admin -princ kadmin/changepw /krb5/ovsec_adm.srvtab +} + +return "" + diff --git a/src/lib/kadm5/unit-test/api.0/mod-policy.exp b/src/lib/kadm5/unit-test/api.0/mod-policy.exp new file mode 100644 index 0000000000..67f8457b6a --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/mod-policy.exp @@ -0,0 +1,703 @@ +source lib.t +api_exit +api_start + +test "modify-policy 2" +proc test2 {} { + global test + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MAX_LIFE} + } $test] "AUTH_MODIFY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test2 } + +test "modify-policy 4" +proc test4 {} { + global test + + if {! ([policy_exists "$test/a"] || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_REF_COUNT} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test4 + +test "modify-policy 8" +proc test8 {} { + global test +# set prms_id 744 +# setup_xfail {*-*-*} $prms_id + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_modify_policy $server_handle [simple_policy ""] \ + {OVSEC_KADM_PW_MAX_LIFE} + } "BAD_POLICY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test8 + +test "modify-policy 9" +proc test9 {} { + global test + global prompt + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MIN_LIFE} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 1\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test9 + +test "modify-policy 10" +proc test10 {} { + global test + global prompt + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0} \ + {OVSEC_KADM_PW_MIN_LIFE} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 1\n" + expect { + -re "32\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test10 + + +test "modify-policy 11" +proc test11 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MAX_LIFE} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 2\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test11 + +test "modify-policy 12" +proc test12 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0} \ + {OVSEC_KADM_PW_MAX_LIFE} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 2\n" + expect { + -re "32\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test12 + +test "modify-policy 13" +proc test13 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MIN_LENGTH} + } $test] "BAD_LENGTH" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test13 + +test "modify-policy 14" +proc test14 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0} \ + {OVSEC_KADM_PW_MIN_LENGTH} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 3\n" + expect { + -re "8\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test14 + +test "modify-policy 15" +proc test15 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MIN_CLASSES} + } $test] "BAD_CLASS" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test15 + +test "modify-policy 16" +proc test16 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0} \ + {OVSEC_KADM_PW_MIN_CLASSES} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 4\n" + expect { + -re "1\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test16 + +test "modify-policy 17" +proc test17 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a"])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0} \ + {OVSEC_KADM_PW_MIN_CLASSES} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 4\n" + expect { + -re "5\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test17 + +test "modify-policy 18" +proc test18 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a" ])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0} \ + {OVSEC_KADM_PW_MIN_CLASSES} + } $test] "BAD_CLASS" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test18 + +test "modify-policy 19" +proc test19 {} { + global test + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a" ])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_HISTORY_NUM} + } $test] "BAD_HISTORY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test19 + +test "modify-policy 20" +proc test20 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a" ])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0} \ + {OVSEC_KADM_PW_HISTORY_NUM} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 5\n" + expect { + -re "1\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test20 + +test "modify-policy 21" +proc test21 {} { + global test + global prompt + + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a" ])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0} \ + {OVSEC_KADM_PW_HISTORY_NUM} + } $test]]} { + fail $test + return + } + if {! [cmd [format { + ovsec_kadm_get_policy $server_handle "%s/a" policy + } $test]]} { + fail "$test: can not retrieve policy" + return + } + send "lindex \$policy 5\n" + expect { + -re "10\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test21 + +test "modify-policy 22" +proc test22 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a" ])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MAX_LIFE} + } $test] "AUTH_MODIFY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} test22 + +test "modify-policy 23" +proc test23 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a" ])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MAX_LIFE} + } $test] "AUTH_MODIFY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} test23 + +test "modify-policy 26" +proc test26 {} { + global test + if {! (( [policy_exists "$test/a"]) || + [create_policy "$test/a" ])} { + error_and_restart "$test: couldn't create policy \"$test/a\"" + return + } + + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_modify_policy $server_handle [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MAX_LIFE} + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test26 + +test "modify-policy 30" +proc test30 {} { + global test + + one_line_fail_test [format { + ovsec_kadm_modify_policy null [simple_policy "%s/a"] \ + {OVSEC_KADM_PW_MAX_LIFE} + } $test] "BAD_SERVER_HANDLE" +} +test30 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/mod-principal.exp b/src/lib/kadm5/unit-test/api.0/mod-principal.exp new file mode 100644 index 0000000000..c4bc2bed18 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/mod-principal.exp @@ -0,0 +1,1942 @@ +source lib.t +api_exit +api_start + +#test "modify-principal 1" +#proc test1 {} { +# global test +# one_line_fail_test [format { +# ovsec_kadm_modify_principal $server_handle [simple_principal \ +# "%s/a"] {OVSEC_KADM_PW_EXPIRATION} +# } $test] "NOT_INIT" +#} +#test1 + +test "modify-principal 2" +proc test2 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test] "AUTH_MODIFY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test2 } + +test "modify-principal 4" +proc test4 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINCIPAL} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test4 + + +test "modify-principal 5" +proc test5 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_LAST_PWD_CHANGE} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test5 + +test "modify-principal 6" +proc test6 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_MOD_TIME} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test6 + +test "modify-principal 7" +proc test7 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_MOD_NAME} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test7 + +test "modify-principal 8" +proc test8 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_MKVNO} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test8 + +test "modify-principal 9" +proc test9 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_AUX_ATTRIBUTES} + } $test] "BAD_MASK" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test9 + +test "modify-principal 10" +proc test10 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test] "UNK_PRINC" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test10 + +test "modify-principal 11" +proc test11 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test] "AUTH_MOD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test11 } + +test "modify-principal 12" +proc test12 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test] "AUTH_MOD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test12 } + +test "modify-principal 13" +proc test13 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test] "AUTH_MOD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test13 } + +test "modify-principal 14" +proc test14 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test] "AUTH_MOD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test14 } + +test "modify-principal 15" +proc test15 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test15 + +test "modify-principal 17" +proc test17 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + no-policy] {OVSEC_KADM_POLICY} + } $test] "UNK_POLICY" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test17 + +test "modify-principal 18" +proc test18 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { !( [create_principal "$test/a"])} { + error_and_restart "$test: could not create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { + error "$test: unexpected failure on get policy" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + test-pol] {OVSEC_KADM_POLICY} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 10\n" + expect { + -re "test-pol\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + send "lindex \$p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { + error "$test: unexpected failure on get policy" + return + } + + send "lindex \$p2 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { [expr "$oldref + 1"] != $newref } { + fail "$test: policy reference count is wrong" + return; + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test18 + +test "modify-principal 19" +proc test19 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { !( [create_principal "$test/a"])} { + error_and_restart "$test: could not create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { + error "$test: unexpected failure on get policy" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + test-pol] {OVSEC_KADM_POLICY} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 10\n" + expect { + -re "test-pol\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + send "lindex \$p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { + error "$test: unexpected failure on get policy" + return + } + + send "lindex \$p2 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { [expr "$oldref + 1"] != $newref } { + fail "$test: policy reference count is wrong" + return; + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test19 + +test "modify-principal 20" +proc test20 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { !( [create_principal_pol "$test/a" "test-pol"])} { + error_and_restart "$test: could not create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p1}]} { + error "$test: unexpected failure on get policy" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_POLICY_CLR} + } $test]]} { + error "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 10\n" + expect { + -re "test-pol\n$prompt$" { fail "$test" } + timeout { pass "$test" } + } + send "lindex \$p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol p2}]} { + error "$test: unexpected failure on get policy" + return + } + + send "lindex \$p2 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { [expr "$oldref - 1"] != $newref } { + fail "$test: policy reference count is wrong" + return; + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test20 + +test "modify-principal 21" +proc test21 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { !( [create_principal_pol "$test/a" "test-pol"])} { + error_and_restart "$test: could not create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} { + error "$test: unexpected failure on get policy" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw old_p2}]} { + error "$test: unexpected failure on get policy" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + test-pol-nopw] {OVSEC_KADM_POLICY} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$old_p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + send "lindex \$old_p2 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set old_p2_ref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} { + error "$test: unexpected failure on get policy" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol-nopw new_p2}]} { + error "$test: unexpected failure on get policy" + return + } + + send "lindex \$new_p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + send "lindex \$new_p2 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set new_p2_ref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { [expr "$old_p1_ref - 1"] != $new_p1_ref } { + fail "$test: policy reference count is wrong" + return; + } + if { [expr "$old_p2_ref + 1"] != $new_p2_ref } { + fail "$test: policy reference count is wrong" + return; + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test21 + +test "modify-principal 21.5" +proc test21.5 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { !( [create_principal_pol "$test/a" "test-pol"])} { + error_and_restart "$test: could not create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol old_p1}]} { + error "$test: unexpected failure on get policy" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + test-pol] {OVSEC_KADM_POLICY} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$old_p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol new_p1}]} { + error "$test: unexpected failure on get policy" + return + } + + send "lindex \$new_p1 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + + if {$old_p1_ref != $new_p1_ref} { + fail "$test: policy reference count changed ($old_p1_ref to $new_p1_ref)" + return + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test21.5 + +test "modify-principal 22" +proc test22 {} { + global test + global prompt + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PW_EXPIRATION} + } $test]]} { + fail "$test: modifiy failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 3\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test22 + +test "modify-principal 23" +proc test23 {} { + global test + global prompt + if {! (( [principal_exists "$test/a"]) || + [create_principal_pol "$test/a" test-pol-nopw])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PW_EXPIRATION} + } $test]]} { + fail "$test: modifiy failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 3\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test23 + +test "modify-principal 24" +proc test24 {} { + global test + global prompt +# set prms_id 1358 +# setup_xfail {*-*-*} $prms_id + + if {! (( [principal_exists "$test/a"]) || + [create_principal_pol "$test/a" "test-pol" ])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error_and_restart "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PW_EXPIRATION} + } $test]]} { + fail "$test: could not modify principal" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + if { ! [cmd [format { + ovsec_kadm_get_policy $server_handle %s policy + } test-pol]]} { + error_and_restart "$test: cannot retrieve policy" + return + } + send "lindex \$principal 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting mod_date" + return + } + eof { + error_and_restart "$test: eof getting pw_mod_date" + return + } + } + + send "lindex \$principal 3\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_expire" + return + } + eof { + error_and_restart "$test: eof getting pw_expire" + return + } + } + + send "lindex \$policy 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_max_life" + return + } + eof { + error_and_restart "$test: eof getting pw_max_life" + return + } + } + if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } { + fail "$test: pw_expire is wrong" + return + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test24 + +test "modify-principal 25" +proc test25 {} { + global test + global prompt + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 3\n" + expect { + -re "1234\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test25 + +test "modify-principal 26" +proc test26 {} { + global test + global prompt + + if {! (( [principal_exists "$test/a"]) || + [create_principal_pol "$test/a" "test-pol-nopw" ])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 3\n" + expect { + -re "1234\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test26 + +test "modify-principal 27" +proc test27 {} { + global test + global prompt + + if {! (( [principal_exists "$test/a"]) || + [create_principal_pol "$test/a" "test-pol" ])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 3\n" + expect { + -re "1234\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test27 + +test "modify-principal 28" +proc test28 {} { + global test + global prompt +# set prms_id 1358 +# setup_xfail {*-*-*} $prms_id + + if {! (( [principal_exists "$test/a"]) || + [create_principal_pol "$test/a" "test-pol" ])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 900 0 0 0 0 0 0 0 0} {OVSEC_KADM_PW_EXPIRATION} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { + error_and_restart "$test: cannot retrieve policy" + return + } + send "lindex \$principal 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_mod_date" + return + } + eof { + error_and_restart "$test: eof getting pw_mod_date" + return + } + } + + send "lindex \$principal 3\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_expire" + return + } + eof { + error_and_restart "$test: eof getting pw_expire" + return + } + } + send "lindex \$policy 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_max_life" + return + } + eof { + error_and_restart "$test: eof getting pw_max_life" + return + } + } + if { [expr "$pw_mod_date + $pw_max_life"] == $pw_expire } { + fail "$test: pw_expire is wrong" + return + } + pass "$test" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test28 + +test "modify-principal 29" +proc test29 {} { + global test + global prompt + + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { ! ([create_principal_pol "$test/a" test-pol])} { + error "$test: unexpected failure in creating principal" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_POLICY_CLR} + } $test]]} { + fail "$test: modifiy failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 3\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test29 + +test "modify-principal 30" +proc test30 {} { + global test + global prompt + + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal_pol "$test/a" test-pol])} { + error "$test: unexpected failure in creating principal" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + test-pol-nopw] {OVSEC_KADM_POLICY} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 3\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test30 + +test "modify-principal 31" +proc test31 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + test-pol] {OVSEC_KADM_POLICY} + } $test]]} { + fail "modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol policy}]} { + error_and_restart "$test: cannot retrieve policy" + return + } + send "lindex \$principal 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_mod_date" + return + } + eof { + error_and_restart "$test: eof getting pw_mod_date" + return + } + } + + send "lindex \$principal 3\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_expire" + return + } + eof { + error_and_restart "$test: eof getting pw_expire" + return + } + } + + send "lindex \$policy 2\n" + expect { + -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting pw_max_life" + return + } + eof { + error_and_restart "$test: eof getting pw_max_life" + return + } + } + if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } { + fail "$test: pw_expire is wrong" + return + } + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test31 + +test "modify-principal 32" +proc test32 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 1234 0 0 0 0 0 0 0 0 0 0} \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 1\n" + expect { + -re "1234\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test32 + +test "modify-principal 33" +proc test33 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_ALL_TIX 0 0 0 0} \ + {OVSEC_KADM_ATTRIBUTES} + } $test]]} { + fail "$test: modified fail" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 7\n" + expect { + -re "KRB5_KDB_DISALLOW_ALL_TIX.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test33 + +test "modify-principal 33.25" +proc test3325 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 0 0 0 0 KRB5_KDB_REQUIRES_PWCHANGE 0 0 0 0} \ + {OVSEC_KADM_ATTRIBUTES} + } $test]]} { + fail "$test: modified fail" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 7\n" + expect { + -re "KRB5_KDB_REQUIRES_PWCHANGE.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test3325 + +test "modify-principal 33.5" +proc test335 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_TGT_BASED 0 0 0 0} \ + {OVSEC_KADM_ATTRIBUTES} + } $test]]} { + fail "$test: modified fail" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 7\n" + expect { + -re "KRB5_KDB_DISALLOW_TGT_BASED.*$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test335 + + +test "modify-principal 34" +proc test34 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 0 3456 0 0 0 0 0 0 0} {OVSEC_KADM_MAX_LIFE} + } $test]]} { + fail "$test: modify failed" + return + } + + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 4\n" + expect { + -re "3456\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test34 + +test "modify-principal 35" +proc test35 {} { + global prompt + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd [format { + ovsec_kadm_modify_principal $server_handle \ + {"%s/a" 0 0 0 0 0 0 0 7 0 0 0} {OVSEC_KADM_KVNO} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 8\n" + expect { + -re "7\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test35 + +test "modify-principal 36" +proc test36 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { !( [create_principal_pol "$test/a" "test-pol"])} { + error_and_restart "$test: could not create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol}]} { + error "$test: unexpected failure on get policy" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + test-pol] {OVSEC_KADM_POLICY} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 10\n" + expect { + -re "test-pol\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + send "lindex \$pol 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { ! [cmd {ovsec_kadm_get_policy $server_handle test-pol pol2}]} { + error "$test: unexpected failure on get policy" + return + } + send "lindex \$pol2 6\n" + expect { + -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } + timeout { + error_and_restart "$test: timeout getting principal kvno (second time)" + return + } + eof { + error_and_restart "$test: eof getting principal kvno (second time)" + return + } + } + if { $oldref != $newref } { + fail "$test: policy reference count is wrong" + return; + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test36 + +test "modify-principal 37" +proc test37 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if { !( [create_principal "$test/a"])} { + error_and_restart "$test: could not create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_POLICY_CLR} + } $test]]} { + fail "$test: modify failed" + return + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test37 + +test "modify-principal 38" +proc test38 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 1\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test38 + +test "modify-principal 39" +proc test39 {} { + global test + global prompt + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! ([create_principal "$test/a"])} { + error "$test: unexpected failure in creating principal" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [simple_principal "%s/a"] \ + {OVSEC_KADM_MAX_LIFE} + } $test]]} { + fail "$test: modify failed" + return + } + if {! [cmd [format { + ovsec_kadm_get_principal $server_handle "%s/a" principal + } $test]]} { + error_and_restart "$test: could not retrieve principal" + return + } + send "lindex \$principal 4\n" + expect { + -re "0\n$prompt$" { pass "$test" } + timeout { fail "$test" } + } + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test39 + +test "modify-principal 40" +proc test40 {} { + global test + global prompt + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_modify_principal $server_handle null \ + {OVSEC_KADM_PRINC_EXPIRE_TIME} + } "EINVAL" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test40 + +test "modify-principal 43" +proc test43 {} { + global test + one_line_fail_test [format { + ovsec_kadm_modify_principal null [simple_principal \ + "%s/a"] {OVSEC_KADM_PW_EXPIRATION} + } $test] "BAD_SERVER_HANDLE" +} +test43 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/randkey-principal.exp b/src/lib/kadm5/unit-test/api.0/randkey-principal.exp new file mode 100644 index 0000000000..259cd8f031 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/randkey-principal.exp @@ -0,0 +1,319 @@ +source lib.t +api_exit +api_start + +test "randkey-principal 1" +proc test1 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [create_principal_pol "$test/a" once-a-min]} { + error_and_restart "$test: creating principal" + return + } + + if {! [cmd [format { + ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test $test]]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] "PASS_TOOSOON" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test1 } + +test "randkey-principal 3" +proc test3 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [create_principal_pol "$test/a" once-a-min]} { + error_and_restart "$test: creating principal" + return + } + + if {! [cmd [format { + ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test $test]]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] "PASS_TOOSOON" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if ${RPC} { test3 } + +test "randkey-principal 13" +proc test13 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + if {! [cmd [format { + ovsec_kadm_modify_principal $server_handle [princ_w_pol "%s/a" \ + once-a-min] OVSEC_KADM_POLICY + } $test]]} { + error "$test: failed modify" + return + } + one_line_succeed_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test13 + +test "randkey-principal 15" +proc test15 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [create_principal_pol "$test/a" once-a-min]} { + error_and_restart "$test: creating principal" + return + } + + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] "AUTH_CHANGEPW" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if { $RPC } { test15 } + +test "randkey-principal 28" +proc test28 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test28 + +test "randkey-principal 28.25" +proc test2825 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] "AUTH" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test2825 } + +test "randkey-principal 28.5" +proc test285 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test285 + +test "randkey-principal 30" +proc test30 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [create_principal "$test/a"]} { + error_and_restart "$test: creating principal" + return + } + if {! [cmd [format { + ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test $test]]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test30 + +test "randkey-principal 31" +proc test31 {} { + global test + if {! (( ! [principal_exists "$test/a"]) || + [delete_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! [create_principal "$test/a"]} { + error_and_restart "$test: creating principal" + return + } + + if {! [cmd [format { + ovsec_kadm_init "%s/a" "%s/a" $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + } $test $test]]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_randkey_principal $server_handle "%s/a" key + } $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test31 + +test "randkey-principal 32" +proc test32 {} { + global test + + if { ! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test { + ovsec_kadm_randkey_principal $server_handle kadmin/history key + } "PROTECT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test32 + +test "randkey-principal 33" +proc test33 {} { + global test + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if { ! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_randkey_principal null "%s/a" key + } $test] "BAD_SERVER_HANDLE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} + +test33 + +return "" diff --git a/src/lib/kadm5/unit-test/api.0/rename-principal.exp b/src/lib/kadm5/unit-test/api.0/rename-principal.exp new file mode 100644 index 0000000000..56e4129552 --- /dev/null +++ b/src/lib/kadm5/unit-test/api.0/rename-principal.exp @@ -0,0 +1,509 @@ +source lib.t +api_exit +api_start + +#test "rename-principal 1" +#proc test1 {} { +# global test +# one_line_fail_test [format { +# ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" +# } $test $test] "NOT_INIT" +#} +#test1 + +test "rename-principal 2" +proc test2 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin admin $OVSEC_KADM_CHANGEPW_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "INSUFFICIENT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } + +} +if {$RPC} { test2 } + +test "rename-principal 3" +proc test3 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/none admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_INSUFFICIENT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test3 } + +test "rename-principal 4" +proc test4 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/modify admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_INSUFFICIENT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test4 } + +test "rename-principal 5" +proc test5 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/get admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_INSUFFICIENT" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test5 } + +test "rename-principal 6" +proc test6 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/mod-add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test6 } + +test "rename-principal 7" +proc test7 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/mod-delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test7 } + +test "rename-principal 8" +proc test8 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/get-add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test8 } + +test "rename-principal 9" +proc test9 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/get-delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test9 } + +test "rename-principal 10" +proc test10 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/no-delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_DELETE" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test10 } + +test "rename-principal 11" +proc test11 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/no-add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH_ADD" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test11 } + +test "rename-principal 12" +proc test12 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/add admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test12 } + + +test "rename-principal 13" +proc test13 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/delete admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "AUTH" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +if {$RPC} { test13 } + +test "rename-principal 14" +proc test14 {} { + global test + + if {[principal_exists "$test/a"]} { + delete_principal "$test/a" + } + + if {[create_principal_with_keysalts "$test/a" "des-cbc-crc:v4"]} { + error_and_restart "$test: couldn't create no-salt principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_succeed_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test14 + +test "rename-principal 15" +proc test15 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( [principal_exists "$test/b"]) || + [create_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "DUP" + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test15 + +test "rename-principal 16" +proc test16 {} { + global test + one_line_fail_test [format { + ovsec_kadm_rename_principal null "%s/a" "%s/b" + } $test $test] "BAD_SERVER_HANDLE" +} +test16 + +test "rename-principal 18" +proc test18 {} { + global test + + if {! (( [principal_exists "$test/a"]) || + [create_principal "$test/a"])} { + error_and_restart "$test: couldn't create principal \"$test/a\"" + return + } + if {! (( ! [principal_exists "$test/b"]) || + [delete_principal "$test/b"])} { + error_and_restart "$test: couldn't delete principal \"$test/a\"" + return + } + if {! [cmd { + ovsec_kadm_init admin/rename admin $OVSEC_KADM_ADMIN_SERVICE null \ + $OVSEC_KADM_STRUCT_VERSION $OVSEC_KADM_API_VERSION_1 \ + server_handle + }]} { + error "$test: unexpected failure in init" + return + } + one_line_fail_test [format { + ovsec_kadm_rename_principal $server_handle "%s/a" "%s/b" + } $test $test] "NO_RENAME_SALT" + + if { ! [cmd {ovsec_kadm_destroy $server_handle}]} { + error "$test: unexpected failure in destroy" + return + } +} +test18 + +return "" |