From 94da4584645475272abec6259d1666e34bd59594 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 20 Dec 2013 15:19:06 -0500 Subject: Avoid keyctl purge in keyring ccache tests keyctl purge was added in keyutils 1.5 (released in March 2011). Use keyctl unlink to clean up keys instead, as it is more universal. ticket: 7810 target_version: 1.12.1 tags: pullup --- src/lib/krb5/ccache/t_cccol.py | 30 ++++++++++++++++-------------- src/tests/t_ccache.py | 20 ++++++++++++-------- 2 files changed, 28 insertions(+), 22 deletions(-) (limited to 'src') diff --git a/src/lib/krb5/ccache/t_cccol.py b/src/lib/krb5/ccache/t_cccol.py index e762625662..e6d715cbaf 100644 --- a/src/lib/krb5/ccache/t_cccol.py +++ b/src/lib/krb5/ccache/t_cccol.py @@ -11,30 +11,33 @@ test_keyring = (keyctl is not None and # Run the collection test program against each collection-enabled type. realm.run(['./t_cccol', 'DIR:' + os.path.join(realm.testdir, 'cc')]) if test_keyring: + def cleanup_keyring(anchor, name): + out = realm.run(['keyctl', 'list', anchor]) + if ('keyring: ' + name + '\n') in out: + keyid = realm.run(['keyctl', 'search', anchor, 'keyring', name]) + realm.run(['keyctl', 'unlink', keyid.strip(), anchor]) + # Use the test directory as the collection name to avoid colliding # with other build trees. cname = realm.testdir + col_ringname = '_krb_' + cname # Remove any keys left behind by previous failed test runs. - realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname]) - realm.run(['keyctl', 'purge', 'keyring', cname]) - out = realm.run(['keyctl', 'list', '@u']) - if ('keyring: _krb_' + cname + '\n') in out: - id = realm.run(['keyctl', 'search', '@u', 'keyring', '_krb_' + cname]) - realm.run(['keyctl', 'unlink', id.strip(), '@u']) + cleanup_keyring('@s', cname) + cleanup_keyring('@s', col_ringname) + cleanup_keyring('@u', col_ringname) # Run test program over each subtype, cleaning up as we go. Don't # test the persistent subtype, since it supports only one # collection and might be in actual use. realm.run(['./t_cccol', 'KEYRING:' + cname]) - realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) realm.run(['./t_cccol', 'KEYRING:legacy:' + cname]) - realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) realm.run(['./t_cccol', 'KEYRING:session:' + cname]) - realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) realm.run(['./t_cccol', 'KEYRING:user:' + cname]) - id = realm.run(['keyctl', 'search', '@u', 'keyring', '_krb_' + cname]) - realm.run(['keyctl', 'unlink', id.strip(), '@u']) + cleanup_keyring('@u', col_ringname) realm.run(['./t_cccol', 'KEYRING:process:abcd']) realm.run(['./t_cccol', 'KEYRING:thread:abcd']) @@ -57,8 +60,7 @@ realm.kinit('alice', password('alice'), flags=['-c', dalice]) realm.kinit('bob', password('bob'), flags=['-c', dbob]) if test_keyring: - cname = realm.testdir - realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) krccname = 'KEYRING:session:' + cname kruser = '%s:tkt1' % krccname kralice = '%s:tkt2' % krccname @@ -105,7 +107,7 @@ realm.run(['./t_cccursor', realm.ccache, 'CONTENT']) realm.run(['./t_cccursor', mfoo, 'CONTENT'], expected_code=1) if test_keyring: realm.run(['./t_cccursor', krccname, 'CONTENT']) - realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) # Make sure FILE doesn't yield a nonexistent default cache. realm.run([kdestroy]) diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py index eedd29af8f..dd20e11399 100644 --- a/src/tests/t_ccache.py +++ b/src/tests/t_ccache.py @@ -85,13 +85,20 @@ def collection_test(realm, ccname): collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc')) if test_keyring: + def cleanup_keyring(anchor, name): + out = realm.run(['keyctl', 'list', anchor]) + if ('keyring: ' + name + '\n') in out: + keyid = realm.run(['keyctl', 'search', anchor, 'keyring', name]) + realm.run(['keyctl', 'unlink', keyid.strip(), anchor]) + # Use realm.testdir as the collection name to avoid conflicts with # other build trees. cname = realm.testdir + col_ringname = '_krb_' + cname - realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) collection_test(realm, 'KEYRING:session:' + cname) - realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) # Test legacy keyring cache linkage. realm.env['KRB5CCNAME'] = 'KEYRING:' + cname @@ -108,12 +115,10 @@ if test_keyring: # Remove the collection keyring. When the collection is # reinitialized, the legacy cache should reappear inside it # automatically as the primary cache. - out = realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname]) - if 'purged 1 keys' not in out: - fail('Could not purge collection keyring') + cleanup_keyring('@s', col_ringname) out = realm.run([klist]) if realm.user_princ not in out: - fail('Cannot see legacy cache after purging collection') + fail('Cannot see legacy cache after removing collection') coll_id = realm.run([keyctl, 'search', '@s', 'keyring', '_krb_' + cname]) out = realm.run([keyctl, 'list', coll_id.strip()]) if (id.strip() + ':') not in out: @@ -121,8 +126,7 @@ if test_keyring: # Destroy the cache and check that it is unlinked from the session keyring. realm.run([kdestroy]) realm.run([keyctl, 'search', '@s', 'keyring', cname], expected_code=1) - # Clean up the collection key. - realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname]) + cleanup_keyring('@s', col_ringname) # Test parameter expansion in default_ccache_name realm.stop() -- cgit