summaryrefslogtreecommitdiffstats
path: root/src/util/k5test.py
Commit message (Collapse)AuthorAgeFilesLines
* Add "which" function to k5testGreg Hudson2013-09-281-0/+13
| | | | | Add a utility function in k5test.py to look for a command in the executable path, and remove it from t_kdb.py.
* Add kprop Python testsGreg Hudson2013-02-071-3/+9
| | | | | | Create a K5Realm.kprop_port method so test scripts can invoke kprop usefully, and create a simple Python test script exercising the same kprop functionality as the dejagnu suite's kprop.exp.
* Verify iprop test results more thoroughlyGreg Hudson2013-01-221-2/+2
| | | | | | | In k5test.py, allow run_kadminl to take an environment argument. In t_iprop.py, perform some queries on the slaves after each propagation to spot-check that it got modifications from master. Use a helper function to check serial numbers for conciseness.
* Add k5test support for KDC special environmentsGreg Hudson2013-01-111-11/+15
| | | | | | Accept environment parameters in the K5Realm start_kdc and start_kadmind methods, so that krb5kdc or kadmind can be started or restarted with a modified configuration.
* Simplify k5test.py environmentsGreg Hudson2012-12-201-248/+168
| | | | | | | | | | | | | | The initial k5test.py design, copied from the dejagnu suite, is to create config files and environments for four expected roles: client, server, master, and slave. This approach exaggerates the complexity of the common case, where the configurations don't need to vary, and limits us to having just one slave for kprop/iprop tests. Instead, create just one configuration by default, and add a special_env() method which sets up a differently configured environment for the few test cases which need one. The run_as_*() methods are collapsed into just run(), which accepts an optional argument for the environment returned by special_env().
* Add automated tests for LDAP KDB moduleGreg Hudson2012-11-151-0/+3
| | | | | | | | | | | | | | Add new tests kdbtest.c and t_kdb.py. Together these exercise most of the code in the LDAP back end. kdbtest is also run against the DB2 module, which is mostly redundant with other tests, but does exercise the lockout logic a little more thoroughly than t_lockout.py can. To test the LDAP back end, we look for slapd and ldapadd binaries in the path. The system slapd is sometimes constrained by AppArmor or the like, which we can typically work around by making a copy of the binary. slapd detaches before listening on its server socket (this got better in 2.4.27 but still isn't perfect), so we unfortunately have to use a one-second sleep in the slapd setup.
* Make t_iprop.py faster and more robustGreg Hudson2012-10-121-7/+27
| | | | | | | | | | | | | | | Catch SIGUSR1 in iprop-mode kpropd so that we can use it to interrupt sleeps and make kpropd do an iprop request immediately. In k5test.py, add prod_kpropd and read_from_kpropd methods to allow test scripts to send a SIGUSR1 to kpropd and to read its stdout/stderr output; also allow the test script to specify additional arguments when starting kpropd. In t_iprop.py, start kpropd with -d and, instead of sleeping, read kpropd output until we see an indication that kpropd is in sync with the master. To avoid delays, prod kpropd before waiting for sync and after a completed full prop.
* De-conditionalize Camellia codeGreg Hudson2012-10-091-9/+8
| | | | | | | | | | The Camellia enctypes and cksumtypes have received IANA assignments. Add #defines using those assignments to krb5.h, remove the CAMELLIA conditional, and enable testing code as appropriate. The Camellia draft has not received an RFC number yet, so there is no Doxygen markup for the enctype and cksumtype #defines. That can be added once the RFC number is known.
* Prep k5test.py for iprop (add start_kpropd(), ...)Nicolas Williams2012-10-081-6/+42
| | | | | | | Add a start_kpropd() method to K5Realm and make start_kadmind() use the kadmind -p, -K, and -F options. ticket: 7378
* Allow full ccache name in k5test's K5Realm.klistGreg Hudson2012-07-111-1/+4
|
* Enable all localizations in main functionsBen Kaduk2012-07-061-2/+3
| | | | | | | | | | | | | | | Bite the bullet and pass LC_ALL to setlocale() instead of just LC_MESSAGES. Calls to setlocale() itself were introduced in fabbf9e443459e8c0161c84563690ed70c7f6a61 for ticket 6918, but only for LC_MESSAGES since only localized strings were needed and that was the most conservative option. However, klist, kadmin, and kinit (and perhaps others) would benefit from localized formats for times (i.e., LC_TIME). If potentially localized data is being sent on the wire, that is a bug that should be fixed. No such bugs are found with the current test suite, so we are comfortable enabling LC_ALL at this time. ticket: 7192
* Add krb5_kt_client_default APIGreg Hudson2012-07-021-0/+5
| | | | | | | | | | | | | | | | The default client keytab is intended to be used to automatically acquire initial credentials for client applications. The current hardcoded default is a placeholder, and will likely change before 1.11. Add test framework settings to ensure that a system default client keytab doesn't interfere with tests, and to allow tests to be written to deliberately use the default client keytab. Add documentation about keytabs to the concepts section of the RST docs, and describe the default client keytab there. ticket: 7188 (new)
* Allow daemon debugging in k5test.pyGreg Hudson2012-06-061-6/+8
| | | | | | | Allow --debug to be used for commands which start daemons, to make it easier to debug startup issues. After debugging a daemon, the script will exit, since the daemon won't be running after the debugging session is over.
* Fix k5test.py hostname canonicalizationGreg Hudson2012-06-051-2/+1
| | | | | | | | | | r25844 (#7124) stopped using AI_ADDRCONFIG when canonicalizing hostnames in sn2princ. So we need to also stop using it in k5test.c's _get_hostname() or we could come up with a different result on a system where forward and reverse resolution via IPv4 and IPv6 produce different results. That in turn causes a t_gssapi.py test (the one using the un-canonicalized hostname) to fail, because libkrb5 looks for a different host principal than k5test.py put in the keytab.
* Remove outdated comment in k5test.pyGreg Hudson2012-06-031-17/+0
|
* Try all host keys by default in vfy_incredsGreg Hudson2012-05-031-0/+4
| | | | | | | | | | | | | | | Factor out the core code of krb5_verify_init_creds into a helper, add new helper functions to retrieve the list of unique host principals from a keytab, and make krb5_verify_init_creds drive the helper once per host principal. Augment the test harness and test cases to better test the new behavior. Add a k5test method to retrieve an NFS principal for the test realm for the sake of the new test cases. ticket: 7125 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25845 dc483132-0cff-0310-8789-dd5450dbe970
* Add k5test.py helpers for running kadminGreg Hudson2012-04-261-0/+25
| | | | | | | | Add K5Realm.prep_kadmin() to create a ccache and K5Realm.run_kadmin() to run a kadmin query using it. Modify t_stringattr.py to use these helpers instead of its own. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25826 dc483132-0cff-0310-8789-dd5450dbe970
* Flip the default of start_kadmind in k5test.pyGreg Hudson2012-04-261-3/+3
| | | | | | | Very few Python tests need kadmind, so it makes more sense to have to turn it on than to have to turn it off. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25825 dc483132-0cff-0310-8789-dd5450dbe970
* Return kinit output in k5test's K5Realm.kinitGreg Hudson2012-04-191-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25816 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid using itertools.permutations in k5testGreg Hudson2011-12-171-2/+2
| | | | | | | | | | k5test is only supposed to require Python 2.4, but cross_realms uses itertools.permutations which is new in 2.6. Use a list display instead. ticket: 7054 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25592 dc483132-0cff-0310-8789-dd5450dbe970
* Fix k5test error message for missing runenv.pyGreg Hudson2011-11-151-1/+1
| | | | | | | "make fake-install" no longer exists, so tell the developer to run "make runenv.py" instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25477 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of fake-installGreg Hudson2011-11-041-13/+3
| | | | | | | | | Instead, use $(BUILDTOP)/plugins as the plugin base for tests. For each real plugin module, create a link in the parent directory if we're doing a shared-library build--so built KDB modules can be found in plugins/kdb, preauth modules in plugins/preauth, etc.. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25436 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of periods in Python test success messagesGreg Hudson2011-11-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25432 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typos in k5test.pyGreg Hudson2011-11-031-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25430 dc483132-0cff-0310-8789-dd5450dbe970
* Add cross-realm tests to python test frameworkGreg Hudson2011-11-031-0/+78
| | | | | | | | Add a cross_realms function to k5test.py to generate several linked realms. Add a test script t_crossrealm.py to exercise six different cross-realm scenarios. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25429 dc483132-0cff-0310-8789-dd5450dbe970
* Wait before killing daemons in interactive k5testGreg Hudson2011-09-101-0/+5
| | | | | | | If k5test is invoked with any stop, wait, or debug options, wait for input before killing daemons, in case a daemon is being debugged. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25171 dc483132-0cff-0310-8789-dd5450dbe970
* Add ccache collection support to toolsGreg Hudson2011-09-051-0/+2
| | | | | | | | | | | | | | | | * "kdestroy -A" destroys all caches in collection. * "kinit princ" searches the collection for a matching cache and overwrites it, or creates a new cache in the collection, if the type of the default cache is collection-enabled. The chosen cache also becomes the primary cache for the collection. * "klist -l" lists (in summary form) the caches in the collection. * "klist -A" lists the content of all of the caches in the collection. * "kswitch -c cache" (new command) makes cache the primary cache. * "kswitch -p princ" makes the cache for princ the primary cache. ticket: 6956 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25157 dc483132-0cff-0310-8789-dd5450dbe970
* Get local hostname more precisely in k5test.pyGreg Hudson2011-09-011-2/+18
| | | | | | | | | socket.getfqdn() tries to produce a result containing a period, so it may disagree with krb5_sname_to_principal's result--for example, in Fedora's default DHCP configuration. Use getaddrinfo and getnameinfo calls mirroring krb5_sname_to_principal's logic instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25122 dc483132-0cff-0310-8789-dd5450dbe970
* Have kinit, klist and klist_keytab in k5test.realm take keyword argsTom Yu2011-08-301-6/+7
| | | | | | Apply patch from Linus Nordberg. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25119 dc483132-0cff-0310-8789-dd5450dbe970
* Convert preauth_plugin.h to new plugin frameworkGreg Hudson2011-06-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | The preauth plugin interface was introduced in 1.6 but was never made a public API. In preparation for making it public in 1.10, convert it to use the new plugin framework. This will require changes to any existing preauth plugins. A number of symbols were renamed for namespace cleanliness, and abstract types were introduced for module data and module per-request data for better type safety. On the consumer end (preauth2.c and kdc_preauth.c), this is a pretty rough conversion. Eventually we should create proper consumer APIs with module handles, and the flat lists of preauth types should hold pointers to module handles rather than copies of the vtables. The built-in preauth type handlers should then be converted to built-in module providers linked into the consumer code (as should encrypted challenge, since it has no external dependencies). None of this will impact the provider API for preauth plugins, so it can wait. ticket: 6921 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24970 dc483132-0cff-0310-8789-dd5450dbe970
* Set LC_MESSAGES to "C" in tests which run commandsGreg Hudson2011-06-101-0/+2
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24964 dc483132-0cff-0310-8789-dd5450dbe970
* Implement restrict_anonymous_to_tgt realm flagGreg Hudson2010-12-011-0/+2
| | | | | | | | | | | | | Implement a new realm flag to reject ticket requests from anonymous principals to any principal other than the local TGT. Allows FAST to be deployed using anonymous tickets as armor in realms where the set of authenticatable users must be constrained. ticket: 6829 target_version: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24547 dc483132-0cff-0310-8789-dd5450dbe970
* Implement Camellia-CTS-CMAC instead of Camellia-CCMGreg Hudson2010-11-201-7/+7
| | | | | | | | | | | Replace the Camellia-CCM enctypes with Camellia-CTS-CMAC. Still not compiled in by default since we don't have enctype assignments yet. ticket: 6822 target_verion: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24524 dc483132-0cff-0310-8789-dd5450dbe970
* Correct a minor error in the k5test documentationGreg Hudson2010-11-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24515 dc483132-0cff-0310-8789-dd5450dbe970
* FILE keytabs have been able to handle write operations since krb5 1.7,Greg Hudson2010-10-261-1/+1
| | | | | | | | | | as an apparently unintended side effect of r20594. Clean up the code by combining the identical resolve functions for FILE and WRFILE, and removing the code to set up a WRFILE default keytab name in kadmin.c. Also fixes a slight display bug; k5test.py needs to be adjusted to expect the correct output. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24487 dc483132-0cff-0310-8789-dd5450dbe970
* Add an extra arguments parameter to k5test's realm.start_kdc()Greg Hudson2010-09-171-4/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24327 dc483132-0cff-0310-8789-dd5450dbe970
* Merge the camellia-ccm branch to trunk. Since there are no IANAGreg Hudson2010-09-071-0/+11
| | | | | | | | | assignments for Camellia-CCM enctypes or cksumtypes yet, they are disabled in a default build. They can be made available by defining (via CPPFLAGS) local-use enctype numbers for the enctypes and cksumtypes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24295 dc483132-0cff-0310-8789-dd5450dbe970
* Correct the documentation for the start_kadmind keyword in k5test.pyGreg Hudson2010-08-121-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24239 dc483132-0cff-0310-8789-dd5450dbe970
* Force hostname to lower-case for use in principal namesKen Raeburn2010-05-161-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24039 dc483132-0cff-0310-8789-dd5450dbe970
* Make k5test.py work for builds in the source dirGreg Hudson2010-05-131-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24015 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify how k5test scripts get run by importing runenv by pathnameGreg Hudson2010-04-241-8/+14
| | | | | | (using the imp module) instead of by module name. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23933 dc483132-0cff-0310-8789-dd5450dbe970
* Run Python tests as individual rule commands (friendlier to make -k)Greg Hudson2010-04-241-8/+13
| | | | | | | | | instead of in a loop. Build runenv.py as part of make fake-install; it's harmless if Python is unavailable. Import runenv later in k5test so that we get a beter error message if make fake-install hasn't been run. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23932 dc483132-0cff-0310-8789-dd5450dbe970
* Only create runenv.py at BUILDTOP. Fix bugs in k5test.py relating toTom Yu2010-04-201-1/+8
| | | | | | environment initialization, also so that "make testrealm" works again. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23913 dc483132-0cff-0310-8789-dd5450dbe970
* Build runenv.py, holding environment variable settings required forTom Yu2010-04-161-10/+6
| | | | | | | | running programs out of the build tree during python-based tests. Also updates shilb.conf to set RUN_VARS to make it easier to generate this sort of thing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23905 dc483132-0cff-0310-8789-dd5450dbe970
* Add a "make testrealm" target using the Python test framework. AsGreg Hudson2010-03-081-12/+19
| | | | | | | part of this, expose the environments in K5Realm as attributes so that test scripts can modify them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23794 dc483132-0cff-0310-8789-dd5450dbe970
* Make python test start_in_inetd functionEzra Peisach2010-03-071-1/+1
| | | | | | | | | util/k5test.py: Fix incorrect variable used tests/dejagnu/t_inetd.c: Flush stdout after outputting "Ready!" tests/dejagnu/Makefile.in: Always compile t_inetd - even in runtest is not present git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23773 dc483132-0cff-0310-8789-dd5450dbe970
* Add a message parameter to k5test's success(), to briefly indicate theGreg Hudson2010-03-051-6/+9
| | | | | | scope of test scripts. Only displayed when verbose is set. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23768 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up a help string in k5testGreg Hudson2010-03-041-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23764 dc483132-0cff-0310-8789-dd5450dbe970
* Python test frameworkGreg Hudson2010-03-041-0/+1042
Add a framework for writing tests in Python. Documentation is in the initial docstring of util/k5test.py. Inaugurate the framework with two test scripts, t_general.py and t_anonypkinit.py, which together test the same operations as standalone.exp from the dejagnu test suite. ticket: 6672 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23763 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-07 17:21:18 +0000