summaryrefslogtreecommitdiffstats
path: root/src/tests/gssapi
Commit message (Collapse)AuthorAgeFilesLines
* Tidy up GSSAPI test programsGreg Hudson2012-09-1321-2186/+937
| | | | | | | | Factor out some common functions used by multiple test programs. Use a common argument format for importing names (p:princname, h:hostbasedname, or u:username) and adjust the Python tests to match it. Use more consistent conventions in test programs and fix some coding style issues. Normalize how the test programs are built.
* Add tests for GSS cred export and importGreg Hudson2012-09-113-4/+272
| | | | ticket: 7354
* Run "make depend"Tom Yu2012-08-231-0/+8
|
* Fix minor Makefile.in typos for make dependTom Yu2012-08-231-1/+1
| | | | | Fix minor typos in lib/krb5/krb/Makefile.in and tests/gssapi/Makefile.in so that "make depend" will work.
* Silence a gcc warning in t_export_nameGreg Hudson2012-08-121-1/+1
| | | | | | gcc warnings that nametype may be used uninitialized, presumably failing to deduce that usage() never returns. Initialize nametype to make it build.
* Add test coverage for gss_export_nameGreg Hudson2012-08-113-5/+191
| | | | | Exercise gss_export_name and importing of exported name tokens in t_gssapi.py.
* Fix nitpicky bugs in t_inq_credGreg Hudson2012-08-111-6/+6
|
* Add tests for gss_inquire_credGreg Hudson2012-08-103-3/+221
| | | | | | | | | Now that we're doing a kind of deferred credential acquisition for krb5, the behavior of gss_inquire_cred is a bit more subtle because (per RFC 2743 section 2.1.4) we have to choose a credential cache or acceptor name sooner than we would otherwise do so. Add a C program to invoke gss_acquire_cred/gss_inquire_cred and some Python tests using it.
* Add basic test for credstore extentionsSimo Sorce2012-07-203-3/+175
|
* Automatically create DIR ccache directoriesGreg Hudson2012-07-111-1/+0
| | | | | | | | If the directory for a DIR ccache doesn't exist yet, try to create it (but not its parents) with mode 700. Exercise this in test scripts by not pre-creating directories. ticket: 7196 (new)
* Add client keytab initiation supportGreg Hudson2012-07-025-2/+292
| | | | | | | | | Support acquiring GSSAPI krb5 credentials by fetching initial credentials using the client keytab. Credentials obtained this way will be stored in the default ccache or collection, and will be refreshed when they are halfway to expiring. ticket: 7189 (new)
* Fail from gss_acquire_cred if we have no credsGreg Hudson2012-06-151-0/+7
| | | | | | | | If a caller tries to acquire krb5 initiator creds with no desired name and we have no credentials in the cache collection, fail from gss_acquire_cred intead of deferring until gss_init_sec_context. ticket: 7160
* Fail from gss_acquire_cred if we have no keytabGreg Hudson2012-06-031-0/+7
| | | | | | | | If a caller tries to acquire krb5 acceptor creds with no desired name and we have no keytab keys, fail from gss_acquire_cred instead of deferring until gss_accept_sec_context. ticket: 7159 (new)
* Flip the default of start_kadmind in k5test.pyGreg Hudson2012-04-263-6/+6
| | | | | | | Very few Python tests need kadmind, so it makes more sense to have to turn it on than to have to turn it off. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25825 dc483132-0cff-0310-8789-dd5450dbe970
* Dump attributes differently in t_saslnameGreg Hudson2012-02-031-10/+32
| | | | | | | | Dump the known attributes only once, before iterating over the mechanisms, and display the short and long desc as well as the names when doing so. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25667 dc483132-0cff-0310-8789-dd5450dbe970
* Add automated tests for S4U2Self and S4U2ProxyGreg Hudson2011-12-075-9/+347
| | | | | | | | | These tests mainly exercise the client-side GSSAPI code for S4U2Self and S4U2Proxy. They also exercise the KDC code for S4U2Self, but only the denial logic for S4U2Proxy since the DB2 back end doesn't support constrained delegation currently. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25531 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of periods in Python test success messagesGreg Hudson2011-11-032-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25432 dc483132-0cff-0310-8789-dd5450dbe970
* Make reindentTom Yu2011-10-176-81/+81
| | | | | | | Also fix pkinit_crypto_nss.c struct initializers and add parens to a ternary operator in do_as_req.c for better indentation. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25362 dc483132-0cff-0310-8789-dd5450dbe970
* * New implementation to map a gss name to localnameSam Hartman2011-09-211-1/+4
| | | | | | | | | | | | | | | | * Write gss_pname_to_uid in terms of gss_localname; suppress on win32 * Add test for gss_pname_to_uid indirectly testing gss_localname * gss_localname is the SPI, not gss_pname_to_uid * fix some const gss_OID->gss_const_oid Signed-off-by: Sam Hartman <hartmans@painless-security.com> gss_localname: map gss name to localname git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25222 dc483132-0cff-0310-8789-dd5450dbe970
* Fix t_ccselect bugsGreg Hudson2011-09-062-4/+3
| | | | | | | initiator_cred wasn't initialized if no second arg was given. t_ccselect wasn't removed on make clean. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25165 dc483132-0cff-0310-8789-dd5450dbe970
* Make gss-krb5 use cache collectionGreg Hudson2011-09-054-8/+307
| | | | | | | | | | | | | | | | For default credentials, defer ccache resolution until we need the information. If this happens in init_sec_context when we have the target principal in hand, use krb5_cc_select() to pick a cache. If the target principal is not known, use the default cache. For credentials with a specified principal, use krb5_cc_cache_match() to find the cache. If no cache is found and a password is specified, create a new cache within the collection to hold the new credentials, if the default cache type supports a collection. ticket: 6958 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25160 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent per krb5-batch-reindent.el.Ken Raeburn2011-09-042-7/+7
| | | | | | | Some minor reformatting added in places to avoid exceeding 80 columns. Used Emacs 22.1 built-in C mode. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970
* make-dependKen Raeburn2011-08-201-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25108 dc483132-0cff-0310-8789-dd5450dbe970
* Add automated tests for krb5_gss_import_credGreg Hudson2011-07-203-10/+195
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25022 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-095-5/+0
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* On make clean remove test programs and object files. In lib/krb5/krbEzra Peisach2011-03-061-1/+2
| | | | | | make depend as a test program was missed from the source list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24687 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-02-251-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
* Improve acceptor name flexibilityGreg Hudson2011-02-073-5/+260
| | | | | | | | | | | | | | | | | | | | | | Be more flexible about the principal names we will accept for a given GSS acceptor name. Also add support for a new libdefaults profile variable ignore_acceptor_hostname, which causes the hostnames of host-based service principals to be ignored when passed by server applications as acceptor names. Note that we still always invoke krb5_sname_to_principal() when importing a gss-krb5 mechanism name, even though we won't always use the result. This is an unfortunate waste of getaddrinfo/getnameinfo queries in some situations, but the code surgery necessary to defer it appears too risky at this time. The project proposal for this change is at: http://k5wiki.kerberos.org/wiki/Projects/Acceptor_Names ticket: 6855 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24616 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2010-12-051-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24561 dc483132-0cff-0310-8789-dd5450dbe970
* Use for loops for recursion in the Windows build, cutting down on theGreg Hudson2010-11-281-1/+1
| | | | | | | | | verbiage in Makefile.in files. For correctness of output, every Makefile.in mydir= definition is changed to use $(S) instead of /. ticket: 6826 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
* Merge users/lhoward/sasl-gs2 to trunkGreg Hudson2010-10-062-4/+194
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24436 dc483132-0cff-0310-8789-dd5450dbe970
* Fix type errors in t_gssextsGreg Hudson2010-10-021-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24412 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate K&R-style function definition headers in t_gssexts.c, andGreg Hudson2010-10-021-18/+10
| | | | | | reformat other definitions according to coding practices. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24411 dc483132-0cff-0310-8789-dd5450dbe970
* Add gss_krb5_import_credGreg Hudson2010-09-271-23/+81
| | | | | | | | | | | | Add gss_krb5_import_cred from Heimdal; allows krb5 creds to be acquired from a keytab or ccache into a GSSAPI credential without using global process or thread variables. Merged from the users/lhoward/import-cred branch. ticket: 6785 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24356 dc483132-0cff-0310-8789-dd5450dbe970
* Run Python tests as individual rule commands (friendlier to make -k)Greg Hudson2010-04-241-2/+1
| | | | | | | | | instead of in a loop. Build runenv.py as part of make fake-install; it's harmless if Python is unavailable. Import runenv later in k5test so that we get a beter error message if make fake-install hasn't been run. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23932 dc483132-0cff-0310-8789-dd5450dbe970
* Include t_spengno.o in list of OBJS so make clean will removeEzra Peisach2010-03-231-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23831 dc483132-0cff-0310-8789-dd5450dbe970
* Add a Python test to run t_spnegoGreg Hudson2010-03-052-0/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23771 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a double-free in the t_spnego test program resulting from overlyGreg Hudson2010-03-051-3/+0
| | | | | | careless cutting and pasting. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23769 dc483132-0cff-0310-8789-dd5450dbe970
* Implement gss_set_neg_mechsGreg Hudson2010-02-102-2/+269
| | | | | | | | | | | | | | | | | Implement gss_set_neg_mechs in SPNEGO by intersecting the provided mech set with the mechanisms available in the union credential. As we now need space to hold the mech set, the SPNEGO credential is now a structure and not just a mechglue credential. t_spnego.c is a test program which exercises the new logic. Like the other GSSAPI tests, it is not run as part of "make check" at this time. ticket: 6658 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23715 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2010-01-031-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23575 dc483132-0cff-0310-8789-dd5450dbe970
* Add GSS extensions to store credentials, generate random bitsGreg Hudson2009-12-172-6/+428
| | | | | | | | | Merge /users/lhoward/gssextras-no-cqa to trunk. Adds gss_pseudo_random and gss_store_cred. ticket: 6597 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23479 dc483132-0cff-0310-8789-dd5450dbe970
* Mark and reindent tests, with some exclusionsTom Yu2009-11-303-130/+131
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23394 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate Makefile variables now that we have only a single globalGreg Hudson2009-11-222-4/+2
| | | | | | | | | | | | | configure script: $(SRCTOP) --> $(top_srcdir) $(srcdir)/$(thisconfigdir) --> $(top_srcdir) $(thisconfigdir) --> $(BUILDTOP) $(myfulldir) --> $(mydir) ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-313-11/+8
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* For naming extensions draft compliance, s/mspac:/urn:mspac:/Luke Howard2009-10-201-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22957 dc483132-0cff-0310-8789-dd5450dbe970
* correct indirection of minor status code when calling displayStatus()Luke Howard2009-10-201-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22954 dc483132-0cff-0310-8789-dd5450dbe970
* Move destest to builtin/des, because it depends on overriding someTom Yu2009-10-101-0/+4
| | | | | | | | internals. Make depend. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22877 dc483132-0cff-0310-8789-dd5450dbe970
* Implement GSS naming extensions and authdata verificationGreg Hudson2009-10-093-6/+628
| | | | | | | | | Merge Luke's users/lhoward/authdata branch to trunk. Implements GSS naming extensions and verification of authorization data. ticket: 6572 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22875 dc483132-0cff-0310-8789-dd5450dbe970
* Re-run make depend without autoconf.h in the source treeGreg Hudson2009-09-161-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22775 dc483132-0cff-0310-8789-dd5450dbe970
* Implement s4u extensionsGreg Hudson2009-09-132-4/+425
| | | | | | | | | Merge Luke's users/lhoward/s4u branch to trunk. Implements S4U2Self and S4U2Proxy extensions. ticket: 6563 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22736 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-08 16:42:31 +0000