summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2013-02-03 12:25:10 -0500
committerGreg Hudson <ghudson@mit.edu>2013-02-07 12:54:55 -0500
commit62d0f78c3b420eba1812d232c03ea25a59d5ce64 (patch)
tree94c9ec8097ccaa73498bbbf7e23b39535735659b
parent8d01455ec9ed88bd3ccae939961a6e123bb3d45f (diff)
downloadkrb5-62d0f78c3b420eba1812d232c03ea25a59d5ce64.tar.gz
krb5-62d0f78c3b420eba1812d232c03ea25a59d5ce64.tar.xz
krb5-62d0f78c3b420eba1812d232c03ea25a59d5ce64.zip
Add kprop Python tests
Create a K5Realm.kprop_port method so test scripts can invoke kprop usefully, and create a simple Python test script exercising the same kprop functionality as the dejagnu suite's kprop.exp.
-rw-r--r--src/tests/Makefile.in1
-rw-r--r--src/tests/t_kprop.py44
-rw-r--r--src/util/k5test.py12
3 files changed, 54 insertions, 3 deletions
diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
index f23ac443a..92d8d6889 100644
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -76,6 +76,7 @@ check-pytests:: gcred hist kdbtest
$(RUNPYTEST) $(srcdir)/t_general.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_dump.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_iprop.py $(PYTESTFLAGS)
+ $(RUNPYTEST) $(srcdir)/t_kprop.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_anonpkinit.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_policy.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_kadm5_hook.py $(PYTESTFLAGS)
diff --git a/src/tests/t_kprop.py b/src/tests/t_kprop.py
new file mode 100644
index 000000000..ff6290236
--- /dev/null
+++ b/src/tests/t_kprop.py
@@ -0,0 +1,44 @@
+#!/usr/bin/python
+from k5test import *
+
+conf_slave = {'dbmodules': {'db': {'database_name': '$testdir/db.slave'}}}
+
+# kprop/kpropd are the only users of krb5_auth_con_initivector, so run
+# this test over all enctypes to exercise mkpriv cipher state.
+for realm in multipass_realms(create_user=False):
+ slave = realm.special_env('slave', True, kdc_conf=conf_slave)
+
+ # Set up the kpropd acl file.
+ acl_file = os.path.join(realm.testdir, 'kpropd-acl')
+ acl = open(acl_file, 'w')
+ acl.write(realm.host_princ + '\n')
+ acl.close()
+
+ # Create the slave db.
+ dumpfile = os.path.join(realm.testdir, 'dump')
+ realm.run([kdb5_util, 'dump', dumpfile])
+ realm.run([kdb5_util, 'load', dumpfile], slave)
+ realm.run([kdb5_util, 'stash', '-P', 'master'], slave)
+
+ # Make some changes to the master db.
+ realm.addprinc('wakawaka')
+
+ # Start kpropd.
+ kpropd = realm.start_kpropd(slave, ['-d', '-t'])
+
+ realm.run([kdb5_util, 'dump', dumpfile])
+ realm.run([kprop, '-f', dumpfile, '-P', str(realm.kprop_port()), hostname])
+ output('*** kpropd output follows\n')
+ while True:
+ line = kpropd.stdout.readline()
+ if line == '':
+ break
+ output('kpropd: ' + line)
+ if 'Rejected connection' in line:
+ fail('kpropd rejected connection from kprop')
+
+ out = realm.run_kadminl('listprincs', slave)
+ if 'wakawaka' not in out:
+ fail('Slave does not have all principals from master')
+
+success('kprop tests')
diff --git a/src/util/k5test.py b/src/util/k5test.py
index 961ed797f..017aa0c7f 100644
--- a/src/util/k5test.py
+++ b/src/util/k5test.py
@@ -209,6 +209,9 @@ Scripts may use the following realm methods and attributes:
send an input string to the command, and expected_code=N to expect a
return code other than 0.
+* realm.kprop_port(): Returns a port number based on realm.portbase
+ intended for use by kprop and kpropd.
+
* realm.server_port(): Returns a port number based on realm.portbase
intended for use by server processes.
@@ -823,8 +826,8 @@ class K5Realm(object):
env['KRB5_KTNAME'] = self.keytab
env['KRB5_CLIENT_KTNAME'] = self.client_keytab
env['KRB5RCACHEDIR'] = self.testdir
- env['KPROPD_PORT'] = str(self.portbase + 3)
- env['KPROP_PORT'] = str(self.portbase + 3)
+ env['KPROPD_PORT'] = str(self.kprop_port())
+ env['KPROP_PORT'] = str(self.kprop_port())
return env
def run(self, args, env=None, **keywords):
@@ -832,6 +835,9 @@ class K5Realm(object):
env = self.env
return _run_cmd(args, env, **keywords)
+ def kprop_port(self):
+ return self.portbase + 3
+
def server_port(self):
return self.portbase + 5
@@ -885,7 +891,7 @@ class K5Realm(object):
global krb5kdc
slavedump_path = os.path.join(self.testdir, 'incoming-slave-datatrans')
kpropdacl_path = os.path.join(self.testdir, 'kpropd-acl')
- proc = _start_daemon([kpropd, '-D', '-P', str(self.portbase + 3),
+ proc = _start_daemon([kpropd, '-D', '-P', str(self.kprop_port()),
'-f', slavedump_path, '-p', kdb5_util,
'-a', kpropdacl_path] + args, env, 'ready')
self._kpropd_procs.append(proc)