From 5df34938ad875db43a584f12e181b8ae9705ff44 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Wed, 1 May 2013 15:52:40 -0400
Subject: Disable the gssrpc expired-cred test

The "expired" test in expire.exp tries to authenticate to the server
process with an expired TGT (obtained using kinit -l -1m).  Using an
expired TGT to get an expired service cred no longer works after
#6948.  We could use kinit -S to get an expired service cred, but
krb5_get_credentials won't return expired service cred from the cache
(even before #6948).  We could use time offsets to simulate clock skew
between the client and server process, but that would be difficult
because the test programs don't have access to the krb5_context
objects used by the client or server process.  Since we don't have a
simple workaround, disable the test.
---
 src/lib/rpc/unit-test/rpc_test.0/expire.exp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/lib/rpc/unit-test/rpc_test.0/expire.exp b/src/lib/rpc/unit-test/rpc_test.0/expire.exp
index ab3796554..e19cca0ef 100644
--- a/src/lib/rpc/unit-test/rpc_test.0/expire.exp
+++ b/src/lib/rpc/unit-test/rpc_test.0/expire.exp
@@ -19,8 +19,9 @@ proc expired {} {
     flush_server
 }
 
-#if { [info exists server_pid] && ($server_pid >= 0) } { expired }
-if { $server_started } {expired } 
+# This test doesn't work after #6948, because the client won't try to
+# authenticate using an expired TGT.
+#if { $server_started } {expired }
 
 proc overlap {} {
     global spawn_id
-- 
cgit