diff options
| author | Marc Horowitz <marc@mit.edu> | 1996-07-22 20:49:46 +0000 |
|---|---|---|
| committer | Marc Horowitz <marc@mit.edu> | 1996-07-22 20:49:46 +0000 |
| commit | edf8b4d8a6a665c2aa150993cd813ea6c5cf12e1 (patch) | |
| tree | 6c2974a97b448c040fa4a31708ec5e02f187526c /src/tests | |
| parent | 013bb1391582ed9e653ae706e398ddb8d08cfcc9 (diff) | |
| download | krb5-edf8b4d8a6a665c2aa150993cd813ea6c5cf12e1.tar.gz krb5-edf8b4d8a6a665c2aa150993cd813ea6c5cf12e1.tar.xz krb5-edf8b4d8a6a665c2aa150993cd813ea6c5cf12e1.zip | |
this commit includes all the changes on the OV_9510_INTEGRATION and
OV_MERGE branches. This includes, but is not limited to, the new openvision
admin system, and major changes to gssapi to add functionality, and bring
the implementation in line with rfc1964. before committing, the
code was built and tested for netbsd and solaris.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8774 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/ChangeLog | 8 | ||||
| -rw-r--r-- | src/tests/Makefile.in | 2 | ||||
| -rw-r--r-- | src/tests/configure.in | 2 | ||||
| -rw-r--r-- | src/tests/dejagnu/config/ChangeLog | 6 | ||||
| -rw-r--r-- | src/tests/dejagnu/config/default.exp | 97 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-standalone/ChangeLog | 10 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-standalone/gssapi.exp | 26 | ||||
| -rw-r--r-- | src/tests/dejagnu/krb-standalone/gssftp.exp | 2 | ||||
| -rw-r--r-- | src/tests/gssapi/t_imp_name.c | 1 |
9 files changed, 94 insertions, 60 deletions
diff --git a/src/tests/ChangeLog b/src/tests/ChangeLog index ff23e2c68..aa7ccac08 100644 --- a/src/tests/ChangeLog +++ b/src/tests/ChangeLog @@ -1,3 +1,11 @@ +Fri Jul 19 15:31:22 1996 Marc Horowitz <marc@mit.edu> + + * Makefile.in (CFLAGS): the tests in Makefile.in have been + superseded by other tests in the new admin system. + + * configure.in: don't build create, since it doesn't work with the + new admin system, and isn't used by anything, anyway. + Mon Mar 18 21:49:39 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> * configure.in: Add KRB5_RUN_FLAGS diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in index 5632988d9..6fc7ec501 100644 --- a/src/tests/Makefile.in +++ b/src/tests/Makefile.in @@ -11,7 +11,7 @@ TEST_PREFIX = "foo bar" KADMIN_OPTS= -d $(TEST_DB) -r $(TEST_REALM) -P $(TEST_MKEY) KTEST_OPTS= $(KADMIN_OPTS) -p $(TEST_PREFIX) -n $(TEST_NUM) -D $(TEST_DEPTH) -check-unix:: kdb_check +old-check-unix:: kdb_check kdb_check: $(RM) $(TEST_DB)* diff --git a/src/tests/configure.in b/src/tests/configure.in index 258b17141..9ab7794c6 100644 --- a/src/tests/configure.in +++ b/src/tests/configure.in @@ -1,6 +1,6 @@ AC_INIT(configure.in) CONFIG_RULES KRB5_RUN_FLAGS -CONFIG_DIRS(resolve asn.1 create hammer verify gssapi dejagnu) +CONFIG_DIRS(resolve asn.1 hammer verify gssapi dejagnu) DO_SUBDIRS V5_AC_OUTPUT_MAKEFILE diff --git a/src/tests/dejagnu/config/ChangeLog b/src/tests/dejagnu/config/ChangeLog index 62e2e1312..6f4019bea 100644 --- a/src/tests/dejagnu/config/ChangeLog +++ b/src/tests/dejagnu/config/ChangeLog @@ -1,3 +1,9 @@ +Fri Jul 19 19:50:23 1996 Marc Horowitz <marc@mit.edu> + + * default.exp: changes to work with the new admin system. This is + primarily creating the correct keytab for the new admin server, + and using the new admin client for principal creation. + Mon May 6 11:54:20 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> * default.exp: Add procedure setup_wrapper to first setup shared diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp index c5102b606..23c26361b 100644 --- a/src/tests/dejagnu/config/default.exp +++ b/src/tests/dejagnu/config/default.exp @@ -93,11 +93,11 @@ if ![info exists KRB5KDC] { } if ![info exists KADMIND] { - set KADMIND [findfile $objdir/../../kadmin/v5server/kadmind5] + set KADMIND [findfile $objdir/../../kadmin/server/kadmind] } if ![info exists KADMIN] { - set KADMIN [findfile $objdir/../../kadmin/v5client/kadmin5] + set KADMIN [findfile $objdir/../../kadmin/cli/kadmin] } if ![info exists KINIT] { @@ -334,16 +334,20 @@ proc setup_kerberos_files { } { puts $conffile "\[realms\]" puts $conffile " $REALMNAME = \{" puts $conffile " database_name = $tmppwd/db" - puts $conffile " master_key_name = master/key" - puts $conffile " master_key_type = des-cbc-md5" - puts $conffile " kdc_ports = 3088" - puts $conffile " kadmind_port = 3750" + puts $conffile " admin_database_name = $tmppwd/adb" + puts $conffile " admin_database_lockfile = $tmppwd/adb.lock" + puts $conffile " admin_keytab = $tmppwd/admin-keytab" puts $conffile " key_stash_file = $tmppwd/stash" + puts $conffile " acl_file = $tmppwd/acl" + puts $conffile " kadmind_port = 3750" puts $conffile " max_life = 1:00:00" puts $conffile " max_renewable_life = 3:00:00" + puts $conffile " master_key_type = des-cbc-md5" + puts $conffile " master_key_name = master/key" + puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" + puts $conffile " kdc_ports = 3088" puts $conffile " default_principal_expiration = 99.12.31.23.59.59" puts $conffile " default_principal_flags = -postdateable forwardable" - puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm des3-cbc-md5:normal" puts $conffile " \}" puts $conffile "" close $conffile @@ -502,46 +506,58 @@ proc setup_kadmind_srvtab { } { global KEY global tmppwd - catch "exec rm -f tmpdir/cpw_srvtab" + catch "exec rm -f tmpdir/admin-keytab" spawn $KDB5_EDIT -r $REALMNAME expect_after { timeout { - fail "kdb5_edit cpw_srvtab" - catch "exec rm -f tmpdir/cpw_srvtab" + fail "kdb5_edit admin-keytab (timeout)" + catch "exec rm -f tmpdir/admin-keytab" catch "expect_after" return 0 } eof { - fail "kdb5_edit cpw_srvtab" - catch "exec rm -f tmpdir/cpw_srvtab" + fail "kdb5_edit admin-keytab (eof)" + catch "exec rm -f tmpdir/admin-keytab" catch "expect_after" return 0 } } expect "kdb5_edit:" - send "xst $REALMNAME changepw\r" - expect "'changepw/$REALMNAME@$REALMNAME' added to keytab" + send "xst admin kadmin\r" + expect "'kadmin/admin@$REALMNAME' added to keytab" + expect "kdb5_edit:" + + catch "exec mv -f admin-new-srvtab changepw-new-srvtab" exec_output + if ![string match "" $exec_output] { + send_log "$exec_output\n" + verbose $exec_output + send_error "ERROR: can't mv admin-new-srvtab\n" + return 0 + } + + send "xst changepw kadmin\r" + expect "'kadmin/changepw@$REALMNAME' added to keytab" expect "kdb5_edit:" send "quit\r" expect "\r" expect_after - if ![check_exit_status "kdb5_edit cpw_srvtab"] { - catch "exec rm -f tmpdir/cpw_srvtab" - send_error "ERROR: kdb5_edit cpw_srvtab exited abnormally\n" + if ![check_exit_status "kdb5_edit admin-keytab"] { + catch "exec rm -f tmpdir/admin-keytab" + send_error "ERROR: kdb5_edit admin-keytab exited abnormally\n" return 0 } - catch "exec mv -f $REALMNAME-new-srvtab tmpdir/cpw_srvtab" exec_output + catch "exec mv -f changepw-new-srvtab tmpdir/admin-keytab" exec_output if ![string match "" $exec_output] { send_log "$exec_output\n" verbose $exec_output - send_error "ERROR: can't mv new cpw_srvtab\n" + send_error "ERROR: can't mv new admin-keytab\n" return 0 } # Make the srvtab file globally readable in case we are using a # root shell and the srvtab is NFS mounted. - catch "exec chmod a+r tmpdir/cpw_srvtab" + catch "exec chmod a+r tmpdir/admin-keytab" return 1 } @@ -686,7 +702,9 @@ proc setup_kerberos_db { standalone } { expect "Re-enter password for verification:" send "adminpass$KEY\r" expect "kdb5_edit:" - send "ark changepw/$REALMNAME@$REALMNAME\r" + send "ark kadmin/admin@$REALMNAME\r" + expect "kdb5_edit:" + send "ark kadmin/changepw@$REALMNAME\r" expect "kdb5_edit:" send "quit\r" expect "\r" @@ -702,6 +720,9 @@ proc setup_kerberos_db { standalone } { return 0 } + # create the admin database lock file + catch "exec touch tmpdir/adb.lock" + if {$standalone} { pass "kdb5_edit" } @@ -797,7 +818,7 @@ proc start_kerberos_daemons { standalone } { # Start up the kadmind daemon # XXXX kadmind uses stderr a lot. the sh -c and redirect can be # removed when this is fixed - spawn $BINSH -c "exec $KADMIND -a $tmppwd/acl -r $REALMNAME -n 2>>$kadmind_lfile" + spawn $BINSH -c "exec $KADMIND -r $REALMNAME -nofork 2>>$kadmind_lfile" set kadmind_pid [exp_pid] set kadmind_spawn_id $spawn_id @@ -825,7 +846,7 @@ proc start_kerberos_daemons { standalone } { stop_kerberos_daemons return 0 } - "administrative server starting" { } + "starting" { } default { fail "kadmind (startup)" stop_kerberos_daemons @@ -886,7 +907,7 @@ proc add_kerberos_key { kkey standalone } { global spawn_id # Use kadmin to add an key. - spawn $KADMIN -m -p krbtest/admin@$REALMNAME + spawn $KADMIN -p krbtest/admin@$REALMNAME -q "ank $kkey@$REALMNAME" expect_after { "Cannot contact any KDC" { fail "kadmin interactive add $kkey lost KDC" @@ -904,23 +925,18 @@ proc add_kerberos_key { kkey standalone } { return 0 } } - expect "kadmin5:" - send "ank $kkey@$REALMNAME\r" - expect "Enter password for krbtest/admin@$REALMNAME:" + expect "Enter password:" send "adminpass$KEY\r" - expect "Enter new password for $kkey@$REALMNAME :" + expect "Enter password for principal \"$kkey@$REALMNAME\":" send "$kkey" send "$KEY\r" - expect "Re-enter new password for $kkey@$REALMNAME :" + expect "Re-enter password for principal \"$kkey@$REALMNAME\":" send "$kkey" send "$KEY\r" expect { - "principal $kkey@$REALMNAME added" { } - "Principal $kkey@$REALMNAME already exists" { } + "Principal \"$kkey@$REALMNAME\" created" { } + "Principal or policy already exists while creating" { } } - expect "kadmin5:" - send "q\r" - expect "\r" expect_after if ![check_exit_status kadmin] { return 0 @@ -946,7 +962,7 @@ proc add_random_key { kkey standalone } { global spawn_id # Use kadmin to add an key. - spawn $KADMIN -m -p krbtest/admin@$REALMNAME + spawn $KADMIN -p krbtest/admin@$REALMNAME -q "ank -randkey $kkey@$REALMNAME" expect_after { timeout { fail "kadmin $kkey" @@ -959,17 +975,12 @@ proc add_random_key { kkey standalone } { return 0 } } - expect "kadmin5:" - send "ark $kkey@$REALMNAME\r" - expect "Enter password for krbtest/admin@$REALMNAME:" + expect "Enter password:" send "adminpass$KEY\r" expect { - "principal $kkey@$REALMNAME added" { } - "Principal $kkey@$REALMNAME already exists" { } + "Principal \"$kkey@$REALMNAME\" created" { } + "Principal or policy already exists while creating" { } } - expect "kadmin5:" - send "q\r" - expect "\r" expect_after if ![check_exit_status kadmin] { return 0 diff --git a/src/tests/dejagnu/krb-standalone/ChangeLog b/src/tests/dejagnu/krb-standalone/ChangeLog index e15c07203..f1ef85e1a 100644 --- a/src/tests/dejagnu/krb-standalone/ChangeLog +++ b/src/tests/dejagnu/krb-standalone/ChangeLog @@ -1,3 +1,13 @@ +Mon Jul 22 04:19:46 1996 Marc Horowitz <marc@mit.edu> + + * gssftp.exp (ftp_test): check for the banner with -nocase, since + hostnames are case insensitive. + +Fri Jul 19 19:56:26 1996 Marc Horowitz <marc@mit.edu> + + * gssapi.exp: port to changes in gss-sample, most importantly, + output format changes and the removal of the -v2 flag. + Mon May 6 08:05:33 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> * rcp.exp: Use a wrapper script to set up the remote rcp as diff --git a/src/tests/dejagnu/krb-standalone/gssapi.exp b/src/tests/dejagnu/krb-standalone/gssapi.exp index 06790e97a..58a9e1253 100644 --- a/src/tests/dejagnu/krb-standalone/gssapi.exp +++ b/src/tests/dejagnu/krb-standalone/gssapi.exp @@ -252,7 +252,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest0\"" catch "expect_after" if ![check_exit_status gssclient0] { @@ -293,7 +293,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest1\"" catch "expect_after" if ![check_exit_status gssclient1] { @@ -334,7 +334,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest2\"" catch "expect_after" if ![check_exit_status gssclient2] { @@ -360,7 +360,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest3\"" catch "expect_after" expect_after { @@ -388,7 +388,7 @@ proc doit { } { # Try some V2 services. # Now start the gss-server. - spawn $GSSSERVER -port 5557 -v2 gssservice@$hostname + spawn $GSSSERVER -port 5557 gssservice@$hostname set gss_server_pid [exp_pid] set gss_server_spawn_id $spawn_id catch "exec sleep 4" @@ -396,7 +396,7 @@ proc doit { } { # Start the client with client identity 0 set env(KRB5CCNAME) $tmppwd/gss_tk_0 verbose "KRB5CCNAME=$env(KRB5CCNAME)" - spawn $GSSCLIENT -port 5557 -v2 $hostname gssservice@$hostname "message from gsstest0" + spawn $GSSCLIENT -port 5557 $hostname gssservice@$hostname "message from gsstest0" expect_after { -i $spawn_id timeout { @@ -425,7 +425,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest0@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest0\"" catch "expect_after" if ![check_exit_status gssclient0] { @@ -437,7 +437,7 @@ proc doit { } { # Start the client with client identity 1 set env(KRB5CCNAME) $tmppwd/gss_tk_1 verbose "KRB5CCNAME=$env(KRB5CCNAME)" - spawn $GSSCLIENT -port 5557 -v2 $hostname gssservice@$hostname "message from gsstest1" + spawn $GSSCLIENT -port 5557 $hostname gssservice@$hostname "message from gsstest1" expect_after { -i $spawn_id timeout { @@ -466,7 +466,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest1@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest1\"" catch "expect_after" if ![check_exit_status gssclient1] { @@ -478,7 +478,7 @@ proc doit { } { # Start the client with client identity 2 set env(KRB5CCNAME) $tmppwd/gss_tk_2 verbose "KRB5CCNAME=$env(KRB5CCNAME)" - spawn $GSSCLIENT -port 5557 -v2 $hostname gssservice@$hostname "message from gsstest2" + spawn $GSSCLIENT -port 5557 $hostname gssservice@$hostname "message from gsstest2" expect_after { -i $spawn_id timeout { @@ -507,7 +507,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest2@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest2\"" catch "expect_after" if ![check_exit_status gssclient2] { @@ -519,7 +519,7 @@ proc doit { } { # Start the client with client identity 3 set env(KRB5CCNAME) $tmppwd/gss_tk_3 verbose "KRB5CCNAME=$env(KRB5CCNAME)" - spawn $GSSCLIENT -port 5557 -v2 $hostname gssservice@$hostname "message from gsstest3" + spawn $GSSCLIENT -port 5557 $hostname gssservice@$hostname "message from gsstest3" expect_after { -i $gss_server_spawn_id timeout { @@ -533,7 +533,7 @@ proc doit { } { return } } - expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@$REALMNAME\" at" + expect -i $gss_server_spawn_id "Accepted connection: \"gsstest3@$REALMNAME\"" expect -i $gss_server_spawn_id "Received message: \"message from gsstest3\"" catch "expect_after" expect_after { diff --git a/src/tests/dejagnu/krb-standalone/gssftp.exp b/src/tests/dejagnu/krb-standalone/gssftp.exp index ac67599ff..748793ad1 100644 --- a/src/tests/dejagnu/krb-standalone/gssftp.exp +++ b/src/tests/dejagnu/krb-standalone/gssftp.exp @@ -176,7 +176,7 @@ proc ftp_test { } { set testname "ftp connection" expect "Connected to $hostname" - expect -re "$localhostname.*FTP server .Version \[0-9.\]*. ready." + expect -nocase -re "$localhostname.*ftp server .version \[0-9.\]*. ready." expect -re "Using authentication type GSSAPI; ADAT must follow" expect "GSSAPI accepted as authentication type" expect { diff --git a/src/tests/gssapi/t_imp_name.c b/src/tests/gssapi/t_imp_name.c index f1b3cd2ad..d63faced3 100644 --- a/src/tests/gssapi/t_imp_name.c +++ b/src/tests/gssapi/t_imp_name.c @@ -83,7 +83,6 @@ static int test_import_name(name) printf("\n"); (void) gss_release_buffer(&min_stat, &buffer_name); - (void) gss_release_oid(&min_stat, &name_oid); (void) gss_release_name(&min_stat, &gss_name); return 0; } |