diff options
| author | Greg Hudson <ghudson@mit.edu> | 2008-12-18 18:31:16 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2008-12-18 18:31:16 +0000 |
| commit | 3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37 (patch) | |
| tree | f808e8013717b9f044e86d49a29a8288d0437783 /src/tests | |
| parent | 1d86f863efc9f6bc838438f90c6fdda236b6cedd (diff) | |
| download | krb5-3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37.tar.gz krb5-3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37.tar.xz krb5-3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37.zip | |
Remove krb524, lib/des425, lib/krb4, and include/kerberosIV.
Remove krb4 build system references and conditionals.
Move des425 header stuff referenced by des_int.h into des_int.h.
Remove krb4 test cases.
ticket: 6303
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21544 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/dejagnu/Makefile.in | 2 | ||||
| -rw-r--r-- | src/tests/dejagnu/config/default.exp | 174 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-root/telnet.exp | 2 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-standalone/standalone.exp | 41 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-standalone/v4gssftp.exp | 508 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-standalone/v4krb524d.exp | 168 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-standalone/v4standalone.exp | 95 |
7 files changed, 2 insertions, 988 deletions
diff --git a/src/tests/dejagnu/Makefile.in b/src/tests/dejagnu/Makefile.in index 83d73e9bf..ddc0da96e 100644 --- a/src/tests/dejagnu/Makefile.in +++ b/src/tests/dejagnu/Makefile.in @@ -7,7 +7,6 @@ RUNTESTFLAGS = KRB5_RUN_ENV= @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -KRB4_RUNTESTFLAGS=@KRB4_DEJAGNU_TEST@ SRCS=$(srcdir)/t_inetd.c @@ -47,7 +46,6 @@ site.exp: runenv.vals Makefile sed -e 's%=\.%='`pwd`'/.%g' > site.exp echo "set KRB5_DB_MODULE_DIR {$(KRB5_DB_MODULE_DIR)}" >> site.exp echo "set PRIOCNTL_HACK @PRIOCNTL_HACK@" >> site.exp - echo set $(KRB4_RUNTESTFLAGS) | sed -e 's/=/ /' >> site.exp # +++ Dependency line eater +++ # diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp index 97649d727..fc8a50730 100644 --- a/src/tests/dejagnu/config/default.exp +++ b/src/tests/dejagnu/config/default.exp @@ -821,7 +821,6 @@ proc modify_principal { name args } { # kadmind +4 # kpasswd +5 # (nothing) +6 -# krb524 +7 # application servers (krlogind, telnetd, krshd, ftpd, etc) +8 # iprop +9 (if enabled) # kpropd +10 @@ -1039,7 +1038,6 @@ proc setup_krb5_conf { {type client} } { } puts $conffile " krb4_config = $tmppwd/krb.conf" puts $conffile " krb4_realms = $tmppwd/krb.realms" - puts $conffile " krb4_srvtab = $tmppwd/v4srvtab" if { $mode == "tcp" } { puts $conffile " udp_preference_limit = 1" } @@ -1058,7 +1056,6 @@ proc setup_krb5_conf { {type client} } { puts $conffile " admin_server = $hostname:[expr 4 + $portbase]" puts $conffile " kpasswd_server = $hostname:[expr 5 + $portbase]" puts $conffile " default_domain = $domain" - puts $conffile " krb524_server = $hostname:[expr 7 + $portbase]" puts $conffile " database_module = foo_db2" puts $conffile " \}" puts $conffile "" @@ -1131,10 +1128,6 @@ proc setup_kerberos_env { {type client} } { set env(KRB5CCNAME) $tmppwd/tkt verbose "KRB5CCNAME=$env(KRB5CCNAME)" - # Direct the Kerberos programs at a local ticket file. - set env(KRBTKFILE) $tmppwd/tktv4 - verbose "KRBTKFILE=$env(KRBTKFILE)" - # Direct the Kerberos server at a cache file stored in the # temporary directory. set env(KRB5RCACHEDIR) $tmppwd @@ -1762,7 +1755,7 @@ proc start_kerberos_daemons { standalone } { envstack_push setup_kerberos_env kdc - spawn $KRB5KDC -r $REALMNAME -n -4 full + spawn $KRB5KDC -r $REALMNAME -n full envstack_pop set kdc_pid [exp_pid] set kdc_spawn_id $spawn_id @@ -2439,171 +2432,6 @@ proc v4_compatible_enctype {} { } } -# kinit -# Use kinit to get a ticket. If the argument is non-zero, call pass -# at relevant points. Returns 1 on success, 0 on failure. - -proc v4kinit { name pass standalone } { - global REALMNAME - global KINIT - global spawn_id - global des3_krbtgt - - # Use kinit to get a ticket. - # - # For now always get forwardable tickets. Later when we need to make - # tests that distiguish between forwardable tickets and otherwise - # we should but another option to this proc. --proven - # - spawn $KINIT -4 $name@$REALMNAME - expect { - "Password for $name@$REALMNAME:" { - verbose "v4kinit started" - } - timeout { - fail "v4kinit" - return 0 - } - eof { - fail "v4kinit" - return 0 - } - } - send "$pass\r" - expect eof - if {$des3_krbtgt == 0} { - if ![check_exit_status v4kinit] { - return 0 - } - } else { - # Fail if kinit is successful with a des3 TGT. - set status_list [wait -i $spawn_id] - set testname v4kinit - verbose "wait -i $spawn_id returned $status_list ($testname)" - if { [lindex $status_list 2] != 0 || [lindex $status_list 3] != 1 } { - verbose -log "exit status: $status_list" - fail "$testname (exit status)" - } - } - if {$standalone} { - pass "v4kinit" - } - - return 1 -} - -proc v4kinit_kt { name keytab standalone } { - global REALMNAME - global KINIT - global spawn_id - - # Use kinit to get a ticket. - # - # For now always get forwardable tickets. Later when we need to make - # tests that distiguish between forwardable tickets and otherwise - # we should but another option to this proc. --proven - # - spawn $KINIT -4 -k -t $keytab $name@$REALMNAME - expect { - timeout { - fail "v4kinit" - return 0 - } - eof { } - } - if ![check_exit_status kinit] { - return 0 - } - - if {$standalone} { - pass "v4kinit" - } - - return 1 -} - -# List v4 tickets. -# Client and server are regular expressions. -proc v4klist { client server testname } { - global KLIST - global tmppwd - - spawn $KLIST -4 - expect { - -re "Kerberos 4 ticket cache:\[ \]*(.+:)?$tmppwd/tkt.*Principal:\[ \]*$client.*$server\r\n" { - verbose "klist started" - } - timeout { - fail $testname - return 0 - } - eof { - fail $testname - return 0 - } - } - - expect eof - - if ![check_exit_status $testname] { - return 0 - } - pass $testname - return 1 -} - -# Destroy tickets. -proc v4kdestroy { testname } { - global KDESTROY - spawn $KDESTROY -4 - if ![check_exit_status $testname] { - return 0 - } - pass $testname - return 1 -} - -# Try to list the krb4 tickets -- there shouldn't be any ticket file. -proc v4klist_none { testname } { - global KLIST - global tmppwd - - # Double check that the ticket was destroyed. - spawn $KLIST -4 - expect { - -re "Kerberos 4 ticket cache:\[ \]*(.+:)?$tmppwd/tkt.*klist: You have no tickets cached.*\r\n" { - verbose "v4klist started" - pass "$testname (output)" - } - timeout { - fail "$testname (output)" - # Skip the 'wait' below, if it's taking too long. - untested "$testname (exit status)" - return 0 - } - eof { - fail "$testname (output)" - } - } - # We can't use check_exit_status, because we expect an exit status - # of 1. - expect eof - set status_list [wait -i $spawn_id] - verbose "wait -i $spawn_id returned $status_list (v4klist)" - if { [lindex $status_list 2] != 0 } { - fail "$testname (exit status)" - return 0 - } else { - if { [lindex $status_list 3] != 1 } { - fail "$testname (exit status)" - return 0 - } else { - pass "$testname (exit status)" - } - } - return 1 -} - # Set up a root shell using rlogin $hostname -l root. This is used # when testing the daemons that must be run as root, such as telnetd # or rlogind. This sets the global variables rlogin_spawn_id and diff --git a/src/tests/dejagnu/krb-root/telnet.exp b/src/tests/dejagnu/krb-root/telnet.exp index 57b1e076a..17095b336 100644 --- a/src/tests/dejagnu/krb-root/telnet.exp +++ b/src/tests/dejagnu/krb-root/telnet.exp @@ -47,7 +47,7 @@ proc start_telnet_daemon { args } { # we don't need to use inetd. The portbase+8 is the port to listen at. # Note that tmppwd here is a shell variable, which is set in # setup_root_shell, not a TCL variable. - send -i $rlogin_spawn_id "sh -c \"$TELNETD $args -debug -t \$tmppwd/srvtab -R $REALMNAME -L $tmppwd/login.wrap -X KERBEROS_V4 [expr 8 + $portbase]\" &\r" + send -i $rlogin_spawn_id "sh -c \"$TELNETD $args -debug -t \$tmppwd/srvtab -R $REALMNAME -L $tmppwd/login.wrap [expr 8 + $portbase]\" &\r" expect { -i $rlogin_spawn_id -re "$ROOT_PROMPT" { } diff --git a/src/tests/dejagnu/krb-standalone/standalone.exp b/src/tests/dejagnu/krb-standalone/standalone.exp index ca601ef48..ad14bcc7d 100644 --- a/src/tests/dejagnu/krb-standalone/standalone.exp +++ b/src/tests/dejagnu/krb-standalone/standalone.exp @@ -175,47 +175,6 @@ proc doit { } { kinit_kt "foo/bar" $tmppwd/fookeytab 1 "kt kvno $vno" do_klist "foo/bar" "krbtgt/$REALMNAME@$REALMNAME" "klist kt foo/bar vno $vno" do_kdestroy "kdestroy foo/bar vno $vno" - - if {[info exists KRBIV] && $KRBIV && - [regexp {des-cbc-[a-z0-9-]*:v4} [lindex $supported_enctypes 0]]} { - catch "exec rm -f $tmppwd/foosrvtab" - spawn $KTUTIL - expect_after { - timeout { fail "ktutil converting keytab to srvtab" ; set ok 0 } - eof { fail "ktutil converting keytab to srvtab" ; set ok 0 } - } - expect "ktutil: " - send "rkt $tmppwd/fookeytab\r" - expect -ex "rkt $tmppwd/fookeytab\r" - expect "ktutil: " -# for debugging, just log this -# send "list\r" -# expect "ktutil: " - # - send "wst $tmppwd/foosrvtab\r" - expect -ex "wst $tmppwd/foosrvtab\r" - expect "ktutil: " -# for debugging, just log this -# send "clear\r" -# expect "ktutil: " -# send "rst $tmppwd/foosrvtab\r" -# expect "ktutil: " -# send "list\r" -# expect "ktutil: " - # okay, now quit and finish testing - send "quit\r" - expect eof - catch expect_after - if [check_exit_status "ktutil converting keytab to srvtab (vno $vno)"] { - pass "ktutil converting keytab to srvtab (vno $vno)" - do_klist_kt $tmppwd/fookeytab "klist srvtab foo/bar vno $vno" - kinit_kt "foo/bar" "SRVTAB:$tmppwd/foosrvtab" 1 "st kvno $vno" - do_klist "foo/bar" "krbtgt/$REALMNAME@$REALMNAME" "klist st foo/bar vno $vno" - do_kdestroy "kdestroy st foo/bar vno $vno" - } - } else { - verbose "skipping v5kinit/srvtab tests because of non-v4 enctype" - } } catch "exec rm -f $keytab" # Check that kadmin.local can actually read the correct kvno, even diff --git a/src/tests/dejagnu/krb-standalone/v4gssftp.exp b/src/tests/dejagnu/krb-standalone/v4gssftp.exp deleted file mode 100644 index d75c57280..000000000 --- a/src/tests/dejagnu/krb-standalone/v4gssftp.exp +++ /dev/null @@ -1,508 +0,0 @@ -# Kerberos ftp test. -# This is a DejaGnu test script. -# This script tests Kerberos ftp. -# Originally written by Ian Lance Taylor, Cygnus Support, <ian@cygnus.com>. -# Modified bye Ezra Peisach for GSSAPI support. - -# Find the programs we need. We use the binaries from the build tree -# if they exist. If they do not, then they must be in PATH. We -# expect $objdir to be .../kerberos/build/tests/dejagnu - -if ![info exists FTP] { - set FTP [findfile $objdir/../../appl/gssftp/ftp/ftp] -} - -if ![info exists FTPD] { - set FTPD [findfile $objdir/../../appl/gssftp/ftpd/ftpd] -} - -# If we do not have what is for a V4 test - return -if ![v4_compatible_enctype] { - return -} - -# A procedure to start up the ftp daemon. - -proc start_ftp_daemon { } { - global FTPD - global tmppwd - global ftpd_spawn_id - global ftpd_pid - global portbase - - # The -p argument tells it to accept a single connection, so we - # don't need to use inetd. Portbase+8 is the port to listen at. - # We rely on KRB5_KTNAME being set to the proper keyfile as there is - # no way to cleanly set it with the gssapi API. - # The -U argument tells it to use an alternate ftpusers file (using - # /dev/null will allow root to login regardless of /etc/ftpusers). - # The -a argument requires authorization, to mitigate any - # vulnerability introduced by circumventing ftpusers. - spawn $FTPD -p [expr 8 + $portbase] -a -U /dev/null -r $tmppwd/krb.conf - set ftpd_spawn_id $spawn_id - set ftpd_pid [exp_pid] - - # Give the ftp daemon a few seconds to get set up. - sleep 2 -} - -# A procedure to stop the ftp daemon. - -proc stop_ftp_daemon { } { - global ftpd_spawn_id - global ftpd_pid - - if [info exists ftpd_pid] { - catch "close -i $ftpd_spawn_id" - catch "exec kill $ftpd_pid" - catch "wait -i $ftpd_spawn_id" - unset ftpd_pid - } -} - -# Test that a file was copied correctly. -proc check_file { filename {bigfile 0}} { - if ![file exists $filename] { - verbose "$filename does not exist" - send_log "$filename does not exist\n" - return 0 - } - - set file [open $filename r] - if { [gets $file line] == -1 } { - verbose "$filename is empty" - send_log "$filename is empty\n" - close $file - return 0 - } - - if ![string match "This file is used for ftp testing." $line] { - verbose "$filename contains $line" - send_log "$filename contains $line\n" - close $file - return 0 - } - - if {$bigfile} { - # + 1 for the newline - seek $file 1048577 current - if { [gets $file line] == -1 } { - verbose "$filename is truncated" - send_log "$filename is truncated\n" - close $file - return 0 - } - - if ![string match "This file is used for ftp testing." $line] { - verbose "$filename contains $line" - send_log "$filename contains $line\n" - close $file - return 0 - } - } - - if { [gets $file line] != -1} { - verbose "$filename is too long ($line)" - send_log "$filename is too long ($line)\n" - close $file - return 0 - } - - close $file - - return 1 -} - -# -# Restore environment variables possibly set. -# -proc ftp_restore_env { } { - global env - global ftp_save_ktname - global ftp_save_ccname - - catch "unset env(KRB5_KTNAME)" - if [info exists ftp_save_ktname] { - set env(KRB5_KTNAME) $ftp_save_ktname - unset ftp_save_ktname - } - - catch "unset env(KRB5CCNAME)" - if [info exists ftp_save_ccname] { - set env(KRB5CCNAME) $ftp_save_ccname - unset ftp_save_ccname - } -} - -# Wrap the tests in a procedure, so that we can kill the daemons if -# we get some sort of error. - -proc v4ftp_test { } { - global FTP - global KEY - global REALMNAME - global hostname - global localhostname - global env - global ftpd_spawn_id - global ftpd_pid - global spawn_id - global tmppwd - global ftp_save_ktname - global ftp_save_ccname - global des3_krbtgt - global portbase - - if {$des3_krbtgt} { - return - } - # Start up the kerberos and kadmind daemons and get a srvtab and a - # ticket file. - if {![start_kerberos_daemons 0] \ - || ![add_random_key ftp/$hostname 0] \ - || ![setup_srvtab 0 ftp] \ - || ![add_kerberos_key $env(USER) 0] \ - || ![v4kinit $env(USER) $env(USER)$KEY 0]} { - return - } - - # - # Save settings of KRB5_KTNAME - # - if [info exists env(KRB5_KTNAME)] { - set ftp_save_ktname $env(KRB5_KTNAME) - } - - # - # set KRB5_KTNAME - # - set env(KRB5_KTNAME) FILE:$tmppwd/srvtab - verbose "KRB5_KTNAME=$env(KRB5_KTNAME)" - - # - # Save settings of KRB5CCNAME - # These tests fail if the krb5 cache happens to have a valid credential - # which can result from running the gssftp.exp test immediately - # preceeding these tests. - # - if [info exists env(KRB5CCNAME)] { - set ftp_save_ccname $env(KRB5CCNAME) - } - - # - # set KRB5_KTNAME - # - set env(KRB5CCNAME) FILE:$tmppwd/non-existant-cache - verbose "KRB5CCNAME=$env(KRB5CCNAME)" - - # Start the ftp daemon. - start_ftp_daemon - - # Make an ftp client connection to it. - spawn $FTP $hostname [expr 8 + $portbase] - - expect_after { - timeout { - fail "$testname (timeout)" - catch "expect_after" - return - } - eof { - fail "$testname (eof)" - catch "expect_after" - return - } - } - - set testname "ftp connection(v4)" - expect -nocase "connected to $hostname" - expect -nocase -re "$localhostname.*ftp server .version \[0-9.\]*. ready." - expect -re "Using authentication type GSSAPI; ADAT must follow" - expect "GSSAPI accepted as authentication type" - expect -re "GSSAPI error major: (Unspecified GSS|Miscellaneous) failure" - expect { - "GSSAPI error minor: Unsupported credentials cache format version number" {} - "GSSAPI error minor: No credentials cache found" {} - -re "GSSAPI error minor: Credentials cache file '.*' not found" {} - "GSSAPI error minor: Decrypt integrity check failed" {} - } - expect "GSSAPI error: initializing context" - expect "GSSAPI authentication failed" - expect -re "Using authentication type KERBEROS_V4; ADAT must follow" - expect { - "Kerberos V4 authentication succeeded" { pass "ftp authentication" } - eof { fail "ftp authentication" ; catch "expect_after" ; return } - -re "Kerberos V4 .* failed.*\r" { - fail "ftp authentication"; - send "quit\r"; catch "expect_after"; - return - } - } - expect -nocase "name ($hostname:$env(USER)): " - send "$env(USER)\r" - expect "Kerberos user $env(USER)@$REALMNAME is authorized as $env(USER)" - expect "Remote system type is UNIX." - expect "Using binary mode to transfer files." - expect "ftp> " { - pass $testname - } - - set testname "binary(v4)" - send "binary\r" - expect "ftp> " { - pass $testname - } - - set testname "status(v4)" - send "status\r" - expect -nocase "connected to $hostname." - expect "Authentication type: KERBEROS_V4" - expect "ftp> " { - pass $testname - } - - set testname "ls(v4)" - send "ls $tmppwd/ftp-test\r" - expect -re "Opening ASCII mode data connection for .*ls." - expect -re ".* $tmppwd/ftp-test" - expect "ftp> " { - pass $testname - } - - set testname "nlist(v4)" - send "nlist $tmppwd/ftp-test\r" - expect -re "Opening ASCII mode data connection for file list." - expect -re "$tmppwd/ftp-test" - expect -re ".* Transfer complete." - expect "ftp> " { - pass $testname - } - - set testname "ls missing(v4)" - send "ls $tmppwd/ftp-testmiss\r" - expect -re "Opening ASCII mode data connection for .*ls." - expect { - -re "$tmppwd/ftp-testmiss not found" {} - -re "$tmppwd/ftp-testmiss: No such file or directory" - } - expect "ftp> " { - pass $testname - } - - - set testname "get(v4)" - catch "exec rm -f $tmppwd/copy" - send "get $tmppwd/ftp-test $tmppwd/copy\r" - expect "Opening BINARY mode data connection for $tmppwd/ftp-test" - expect "Transfer complete" - expect -re "\[0-9\]+ bytes received in \[0-9.e-\]+ seconds" - expect "ftp> " - if [check_file $tmppwd/copy] { - pass $testname - } else { - fail $testname - } - - set testname "put(v4)" - catch "exec rm -f $tmppwd/copy" - send "put $tmppwd/ftp-test $tmppwd/copy\r" - expect "Opening BINARY mode data connection for $tmppwd/copy" - expect "Transfer complete" - expect -re "\[0-9\]+ bytes sent in \[0-9.e-\]+ seconds" - expect "ftp> " - if [check_file $tmppwd/copy] { - pass $testname - } else { - fail $testname - } - - set testname "cd(v4)" - send "cd $tmppwd\r" - expect "CWD command successful." - expect "ftp> " { - pass $testname - } - - set testname "lcd(v4)" - send "lcd $tmppwd\r" - expect "Local directory now $tmppwd" - expect "ftp> " { - pass $testname - } - - set testname "local get(v4)" - catch "exec rm -f $tmppwd/copy" - send "get ftp-test copy\r" - expect "Opening BINARY mode data connection for ftp-test" - expect "Transfer complete" - expect -re "\[0-9\]+ bytes received in \[0-9.e-\]+ seconds" - expect "ftp> " - if [check_file $tmppwd/copy] { - pass $testname - } else { - fail $testname - } - - set testname "big local get(v4)" - catch "exec rm -f $tmppwd/copy" - send "get bigftp-test copy\r" - expect "Opening BINARY mode data connection for bigftp-test" - expect "Transfer complete" - expect -re "\[0-9\]+ bytes received in \[0-9.e-\]+ seconds" - expect "ftp> " - if [check_file $tmppwd/copy 1] { - pass $testname - } else { - fail $testname - } - - set testname "start encryption(v4)" - send "private\r" - expect "Data channel protection level set to private" - expect "ftp> " { - pass $testname - } - - set testname "status(v4)" - send "status\r" - expect "Protection Level: private" - expect "ftp> " { - pass $testname - } - - set testname "encrypted get(v4)" - catch "exec rm -f $tmppwd/copy" - send "get ftp-test copy\r" - expect "Opening BINARY mode data connection for ftp-test" - expect "Transfer complete" - expect { - -re "\[0-9\]+ bytes received in \[0-9.e-\]+ seconds" {} - -re "krb_rd_priv failed for KERBEROS_V4" { - fail $testname - send "quit\r" - catch "expect_after" - return - } - } - expect "ftp> " - if [check_file $tmppwd/copy] { - pass $testname - } else { - fail $testname - } - - - # Test a large file that will overflow PBSZ size - set testname "big encrypted get(v4)" - catch "exec rm -f $tmppwd/copy" - send "get bigftp-test copy\r" - expect "Opening BINARY mode data connection for bigftp-test" - expect "Transfer complete" - expect { - -re "\[0-9\]+ bytes received in \[0-9.e+-\]+ seconds" {} - -re "krb_rd_priv failed for KERBEROS_V4" { - fail $testname - send "quit\r" - catch "expect_after" - return - } - } - expect "ftp> " - if [check_file $tmppwd/copy 1] { - pass $testname - } else { - fail $testname - } - - set testname "close(v4)" - send "close\r" - expect "Goodbye." - expect "ftp> " - set status_list [wait -i $ftpd_spawn_id] - verbose "wait -i $ftpd_spawn_id returned $status_list ($testname)" - catch "close -i $ftpd_spawn_id" - if { [lindex $status_list 2] != 0 || [lindex $status_list 3] != 0 } { - send_log "exit status: $status_list\n" - verbose "exit status: $status_list" - fail $testname - } else { - pass $testname - unset ftpd_pid - } - - set testname "quit(v4)" - send "quit\r" - expect_after - expect eof - if [check_exit_status $testname] { - pass $testname - } - -} - -run_once v4gssftp { - # Make sure .klogin is reasonable. - if ![check_k5login ftp] { - return - } - - if ![check_klogin ftp] { - return - } - - # Set up the kerberos database. - if {![get_hostname] \ - || ![setup_kerberos_files] \ - || ![setup_kerberos_env] \ - || ![setup_kerberos_db 0]} { - return - } - - # Create a file to use for ftp testing. - set file [open $tmppwd/ftp-test w] - puts $file "This file is used for ftp testing." - close $file - - # Create a large file to use for ftp testing. File needs to be - # larger that 2^20 or 1MB for PBSZ testing. - set file [open $tmppwd/bigftp-test w] - puts $file "This file is used for ftp testing.\n" - seek $file 1048576 current - puts $file "This file is used for ftp testing." - close $file - - # The ftp client will look in $HOME/.netrc for the user name to use. - # To avoid confusing the testsuite, point $HOME at a directory where - # we know there is no .netrc file. - if [info exists env(HOME)] { - set home $env(HOME) - } elseif [info exists home] { - unset home - } - set env(HOME) $tmppwd - - # Run the test. Logging in sometimes takes a while, so increase the - # timeout. - set oldtimeout $timeout - set timeout 60 - set status [catch v4ftp_test msg] - set timeout $oldtimeout - - # Shut down the kerberos daemons and the ftp daemon. - stop_kerberos_daemons - - stop_ftp_daemon - - ftp_restore_env - - # Reset $HOME, for safety in case we are going to run more tests. - if [info exists home] { - set env(HOME) $home - } else { - unset env(HOME) - } - - if { $status != 0 } { - perror "error in v4gssftp.exp: $msg" - } -} diff --git a/src/tests/dejagnu/krb-standalone/v4krb524d.exp b/src/tests/dejagnu/krb-standalone/v4krb524d.exp deleted file mode 100644 index d78f14ba3..000000000 --- a/src/tests/dejagnu/krb-standalone/v4krb524d.exp +++ /dev/null @@ -1,168 +0,0 @@ -# Standalone Kerberos test. -# This is a DejaGnu test script. -# This script tests that the Kerberos tools can talk to each other. - -# This mostly just calls procedures in testsuite/config/default.exp. - -if ![info exists K524INIT] { - set K524INIT [findfile $objdir/../../krb524/k524init] -} - -if ![info exists KRB524D] { - set KRB524D [findfile $objdir/../../krb524/krb524d] -} - -if ![info exists KLIST] { - set KLIST [findfile $objdir/../../clients/klist/klist] -} - -if ![info exists KDESTROY] { - set KDESTROY [findfile $objdir/../../clients/kdestroy/kdestroy] -} - -# Set up the Kerberos files and environment. -if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} { - return -} - -# If we do not have what is for a V4 test - return -if ![v4_compatible_enctype] { - return -} - -# Initialize the Kerberos database. The argument tells -# setup_kerberos_db that it is being called from here. -if ![setup_kerberos_db 1] { - return -} - -# A procedure to stop the krb524 daemon. -proc start_k524_daemon { } { - global KRB524D - global k524d_spawn_id - global k524d_pid - global REALMNAME - global portbase - - spawn $KRB524D -m -p [expr 7 + $portbase] -r $REALMNAME -nofork - set k524d_spawn_id $spawn_id - set k524d_pid [exp_pid] - - # Give the krb524d daemon a few seconds to get set up. - sleep 2 -} - -# A procedure to stop the krb524 daemon. -proc stop_k524_daemon { } { - global k524d_spawn_id - global k524d_pid - - if [info exists k524d_pid] { - catch "close -i $k524d_spawn_id" - catch "exec kill $k524d_pid" - catch "wait -i $k524d_spawn_id" - unset k524d_pid - } -} - -# We are about to start up a couple of daemon processes. We do all -# the rest of the tests inside a proc, so that we can easily kill the -# processes when the procedure ends. - -proc doit { } { - global env - global KEY - global K524INIT - # To pass spawn_id to the wait process - global spawn_id - global KLIST - global KDESTROY - global tmppwd - global REALMNAME - global des3_krbtgt - - if {$des3_krbtgt} { - return - } - # Start up the kerberos and kadmind daemons. - if ![start_kerberos_daemons 1] { - return - } - - # Add a user key and get a V5 ticket - if {![add_kerberos_key $env(USER) 0] \ - || ![kinit $env(USER) $env(USER)$KEY 0]} { - return - } - - # Start the krb524d daemon. - start_k524_daemon - - # The k524init program does not advertise anything on success - - #only failure. - spawn $K524INIT - expect { - -timeout 10 - -re "k524init: .*\r" { - fail "k524init" - return - } - eof {} - timeout {} - } - - - if ![check_exit_status "k524init"] { - return - } - pass "k524init" - - # Make sure that klist can see the ticket. - spawn $KLIST -4 - expect { - -re "Kerberos 4 ticket cache:\[ \]*(.+:)?$tmppwd/tkt.*Principal:\[ \]*$env(USER)@$REALMNAME.*krbtgt\.$REALMNAME@$REALMNAME\r\n" { - verbose "klist started" - } - timeout { - fail "v4klist" - return - } - eof { - fail "v4klist" - return - } - } - - expect { - "\r" { } - eof { } - } - - if ![check_exit_status "klist"] { - return - } - pass "krb524d: v4klist" - - # Destroy the ticket. - spawn $KDESTROY -4 - if ![check_exit_status "kdestroy"] { - return - } - pass "krb524d: v4kdestroy" - - pass "krb524d: krb524d" -} - -set status [catch doit msg] - -stop_kerberos_daemons - -stop_k524_daemon - -if { $status != 0 } { - send_error "ERROR: error in v4krb524d.exp\n" - send_error "$msg\n" - exit 1 -} - - diff --git a/src/tests/dejagnu/krb-standalone/v4standalone.exp b/src/tests/dejagnu/krb-standalone/v4standalone.exp deleted file mode 100644 index cc42e8dab..000000000 --- a/src/tests/dejagnu/krb-standalone/v4standalone.exp +++ /dev/null @@ -1,95 +0,0 @@ -# Standalone Kerberos test. -# This is a DejaGnu test script. -# This script tests that the Kerberos tools can talk to each other. - -# This mostly just calls procedures in testsuite/config/default.exp. - -# Set up the Kerberos files and environment. -if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} { - return -} - -# If we do not have what is for a V4 test - return -if ![v4_compatible_enctype] { - return -} - -# Initialize the Kerberos database. The argument tells -# setup_kerberos_db that it is being called from here. -if ![setup_kerberos_db 1] { - return -} - -# We are about to start up a couple of daemon processes. We do all -# the rest of the tests inside a proc, so that we can easily kill the -# processes when the procedure ends. - -proc check_and_destroy_v4_tix { client server } { - global REALMNAME - global des3_krbtgt - - # Skip this if we're using a des3 TGT, since that's supposed to fail. - if {$des3_krbtgt} { - return - } - # Make sure that klist can see the ticket. - if ![v4klist "$client" "$server" "v4klist"] { - return - } - - # Destroy the ticket. - if ![v4kdestroy "v4kdestroy"] { - return - } - - if ![v4klist_none "v4klist no tix 1"] { - return - } -} - -proc doit { } { - global REALMNAME - global KLIST - global KDESTROY - global KEY - global hostname - global spawn_id - global tmppwd - - # Start up the kerberos and kadmind daemons. - if ![start_kerberos_daemons 1] { - return - } - - # Use kadmin to add an host key. - if ![add_random_key host/$hostname 1] { - return - } - - # Use ksrvutil to create a srvtab entry. - if ![setup_srvtab 1] { - return - } - - # Use kinit to get a ticket. - if [v4kinit krbtest.admin adminpass$KEY 1] { - check_and_destroy_v4_tix krbtest.admin@$REALMNAME krbtgt.$REALMNAME@$REALMNAME - } - - # Use kinit with srvtab to get a ticket. - # XXX - Currently kinit doesn't support "-4 -k"! -# set shorthost [string range $hostname 0 [expr [string first . $hostname] - 1]] -# if [v4kinit_kt host.$shorthost SRVTAB:$tmppwd/srvtab 1] { -# check_and_destroy_v4_tix host.$shorthost@$REALMNAME krbtgt.$REALMNAME@$REALMNAME -# } -} - -set status [catch doit msg] - -stop_kerberos_daemons - -if { $status != 0 } { - send_error "ERROR: error in v4standalone.exp\n" - send_error "$msg\n" - exit 1 -} |