2 files changed, 116 insertions, 35 deletions

diff --git a/src/tests/dejagnu/krb-standalone/iprop.exp b/src/tests/dejagnu/krb-standalone/iprop.exp
index 9f3940800e..91c8b7da46 100644
--- a/src/tests/dejagnu/krb-standalone/iprop.exp
+++ b/src/tests/dejagnu/krb-standalone/iprop.exp
@@ -1,25 +1,44 @@
 # Password-changing Kerberos test.
 # This is a DejaGnu test script.
 
+proc setup_slave {} {
+    global tmppwd hostname REALMNAME KDB5_UTIL
+    file delete $tmppwd/slave-stash $tmppwd/slave-acl
+    file copy -force $tmppwd/acl $tmppwd/slave-acl
+    if ![file exists $tmppwd/kpropdacl] {
+	set aclfile [open $tmppwd/kpropd-acl w]
+	puts $aclfile "host/$hostname@$REALMNAME"
+	close $aclfile
+    }
+    setup_slave_db
+    # copy database - must be used after master db set up
+    envstack_push
+    setup_kerberos_env kdc
+    set dumpfile $tmppwd/dump-file
+    file delete $dumpfile $dumpfile.dump_ok
+    if [catch {exec $KDB5_UTIL dump -i $dumpfile} msg] {
+	error "master dump failed: $msg"
+    }
+    setup_kerberos_env slave
+    foreach suffix { .kadm5.lock .ok } {
+	file copy -force $tmppwd/kdc-db$suffix $tmppwd/slave-db$suffix
+    }
+    if [catch {exec $KDB5_UTIL load -i $dumpfile} msg] {
+	send_user "slave load failed: $msg"
+	spawn_shell
+	error "slave load failed: $msg"
+    }
+}
+
 # We are about to start up a couple of daemon processes.  We do all
 # the rest of the tests inside a proc, so that we can easily kill the
 # processes when the procedure ends.
 
 proc doit { } {
-    global REALMNAME
-    global KLIST
-    global KDESTROY
-    global KEY
-    global KADMIN_LOCAL
-    global KTUTIL
-    global hostname
-    global tmppwd
-    global spawn_id
-    global supported_enctypes
-    global KRBIV
-    global portbase
-    global mode
-    global KPROPLOG
+    global REALMNAME KEY
+    global KLIST KDESTROY KADMIN_LOCAL KTUTIL KPROPLOG KPROPD KDB5_UTIL
+    global hostname tmppwd spawn_id kpropd_spawn_id kpropd_pid
+    global supported_enctypes KRBIV portbase mode
     global ulog des3_krbtgt
 
     # Delete any db, ulog files
@@ -45,12 +64,15 @@ proc doit { } {
 	fail "create update log"
     }
 
+    setup_slave
+
     # Use kadmin to add a key.
     if ![add_kerberos_key wakawaka 0] {
 	return
     }
 
     # Run kproplog, look at output.
+    setup_kerberos_env kdc
     spawn $KPROPLOG
     expect_after {
 	timeout {
@@ -67,7 +89,7 @@ proc doit { } {
 	expect -re "Update log dump"
 	expect -re "First serial \# : 1"
 	if $des3_krbtgt {
-	    expect -re "Last serial \# : 3"
+	    expect -re "Last serial \# : 4"
 	    expect -re "Update Entry"
 	    expect -re "Update serial \# : 1"
 	    expect -re "Attributes changed : 15"
@@ -76,13 +98,19 @@ proc doit { } {
 	    expect -re "Attributes changed : 6"
 	    expect -re "Update Entry"
 	    expect -re "Update serial \# : 3"
+	    expect -re "Attributes changed : 15"
+	    expect -re "Update Entry"
+	    expect -re "Update serial \# : 4"
 	} else {
-	    expect -re "Last serial \# : 2"
+	    expect -re "Last serial \# : 3"
 	    expect -re "Update Entry"
 	    expect -re "Update serial \# : 1"
 	    expect -re "Attributes changed : 15"
 	    expect -re "Update Entry"
 	    expect -re "Update serial \# : 2"
+	    expect -re "Attributes changed : 15"
+	    expect -re "Update Entry"
+	    expect -re "Update serial \# : 3"
 	}
 	expect -re "Update operation : Add"
 	expect -re "Update principal : wakawaka@KRBTEST.COM"
@@ -94,17 +122,74 @@ proc doit { } {
 	}
 	expect -re "Attributes changed : 15"
 	expect eof
+	pass "kproplog output"
     } foo
-    pass "kproplog output"
     catch expect_after
     if [check_exit_status kproplog] {
-	pass "kproplog exit status"
-    } else {
-	fail "kproplog exit status"
+	pass "kproplog"
+    }
+    add_random_key host/$hostname 0
+    add_random_key kiprop/$hostname 0
+
+    # Already have kadmind running.
+
+    # Get a keytab file.
+    setup_srvtab 0
+
+    # Sleep 11s for built-in delay.
+    verbose "Delaying to bypass contention-avoidance code in kadmind/iprop"
+    sleep 11
+
+    # Launch slave kpropd.
+    start_kpropd
+#    send_user [list $KPROPD -S -d -P [expr 10 + $portbase] -s $tmppwd/srvtab -f $tmppwd/incoming-slave-datatrans -p $KDB5_UTIL -a $tmppwd/kpropd-acl]\n
+#    spawn_shell
+    expect {
+	-i $kpropd_spawn_id
+	"Update transfer from master was OK" {
+	    exec kill $kpropd_pid
+	    wait -i $kpropd_spawn_id
+	    unset kpropd_spawn_id kpropd_pid
+	}
+	-re ..* { exp_continue }
+	timeout {
+	    catch { exec kill $kpropd_pid }
+	    exp_continue
+	}
+	eof {
+	    wait -i $kpropd_spawn_id
+	    unset kpropd_spawn_id kpropd_pid
+	}
     }
+
+    # Wait briefly?
+    # Check slave db for new principal.
+    setup_kerberos_env slave
+    spawn $KADMIN_LOCAL -r $REALMNAME -q listprincs
+    expect {
+	wakawaka@ {
+	    expect eof
+	}
+	eof {
+	    fail "kprop (updated slave data)"
+	    return
+	}
+	timeout {
+	    fail "kprop (examining new db)"
+	    return
+	}
+    }
+    pass "iprop"
+
+    # What about testing for full propagation?  (Small number of
+    # entries in update log, change one principal's record a lot of
+    # times, then fire up incremental kpropd...)  Do later.
 }
 
 run_once iprop {
+    catch "unset kpropd_pid"
+    catch "unset kpropd_spawn_id"
+
     # Set up the Kerberos files and environment.
     if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} {
 	return
@@ -114,9 +199,19 @@ run_once iprop {
 
     stop_kerberos_daemons
 
+    # if kpropd is running, kill it
+    if [info exists kpropd_pid] {
+	catch {
+	    exec kill $kpropd_pid
+	    expect -i $kpropd_spawn_id eof
+	    wait -i $kpropd_spawn_id
+	    unset kpropd_pid kpropd_spawn_id
+	}
+    }
+
     set ulog 0
     reset_kerberos_files
-    file delete $tmppwd/adb $tmppwd/adb.ok $tmppwd/db.ulog
+    delete_db
 
     if { $status != 0 } {
 	send_error "ERROR: error in iprop.exp\n"
diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/dejagnu/krb-standalone/kprop.exp
index cb0c161336..ed7ed684f9 100644
--- a/src/tests/dejagnu/krb-standalone/kprop.exp
+++ b/src/tests/dejagnu/krb-standalone/kprop.exp
@@ -21,20 +21,6 @@ proc setup_slave {} {
     }
 }
 
-proc start_kpropd {} {
-    global kpropd_pid kpropd_spawn_id KPROPD T_INETD KDB5_UTIL portbase tmppwd
-    global spawn_id
-
-    envstack_push
-    setup_kerberos_env slave
-#    spawn $T_INETD [expr 10 + $portbase] $KPROPD -f $tmppwd/incoming-slave-datatrans -p $KDB5_UTIL
-    spawn $KPROPD -S -d -P [expr 10 + $portbase] -s $tmppwd/srvtab -f $tmppwd/incoming-slave-datatrans -p $KDB5_UTIL -a $tmppwd/kpropd-acl
-#    spawn strace -o /tmp/3 -f $KPROPD -S -d -P [expr 10 + $portbase] -s $tmppwd/srvtab -f $tmppwd/incoming-slave-datatrans -p $KDB5_UTIL -a $tmppwd/kpropd-acl
-    set kpropd_pid [exp_pid]
-    set kpropd_spawn_id $spawn_id
-    envstack_pop
-}
-
 proc scan_kpropd_output {} {
     global kpropd_spawn_id kpropd_pid