Projects
home:pandora:RobinOS23
krb5
_service:download_src_package:Remove-TCL-based-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:download_src_package:Remove-TCL-based-libkadm5-API-tests.patch of Package krb5
From ddb189ff95350afc0e3e063016a0f0dd5213dc4c Mon Sep 17 00:00:00 2001 From: Greg Hudson <ghudson@mit.edu> Date: Fri, 16 Apr 2021 10:24:04 -0400 Subject: [PATCH] Remove TCL-based libkadm5 API tests [antorres@redhat.com: remove diff for .gitignore] --- .gitignore | 20 - doc/kadm5/api-unit-test.tex | 2680 ----------------- src/config/pre.in | 18 +- src/configure.ac | 31 +- src/kadmin/Makefile.in | 2 +- src/kadmin/testing/Makefile.in | 8 - src/kadmin/testing/deps | 1 - src/kadmin/testing/proto/kdc.conf.proto | 16 - src/kadmin/testing/proto/krb5.conf.proto | 32 - src/kadmin/testing/proto/ovsec_adm.dict | 3 - src/kadmin/testing/scripts/Makefile.in | 18 - src/kadmin/testing/scripts/deps | 1 - src/kadmin/testing/scripts/env-setup.shin | 104 - src/kadmin/testing/scripts/init_db | 229 -- src/kadmin/testing/scripts/start_servers | 69 - .../testing/scripts/start_servers_local | 157 - src/kadmin/testing/scripts/stop_servers | 60 - src/kadmin/testing/scripts/stop_servers_local | 44 - src/kadmin/testing/tcl/util.t | 58 - src/kadmin/testing/util/Makefile.in | 42 - src/kadmin/testing/util/bsddb_dump.c | 65 - src/kadmin/testing/util/deps | 16 - src/kadmin/testing/util/tcl_kadm5.c | 2566 ---------------- src/kadmin/testing/util/tcl_kadm5.h | 3 - src/kadmin/testing/util/tcl_kadm5_syntax | 57 - src/kadmin/testing/util/tcl_krb5_hash.c | 167 - src/kadmin/testing/util/test.c | 38 - src/lib/kadm5/Makefile.in | 3 +- src/lib/kadm5/unit-test/Makefile.in | 143 - src/lib/kadm5/unit-test/api.2/crte-policy.exp | 927 ------ src/lib/kadm5/unit-test/api.2/get-policy.exp | 199 -- src/lib/kadm5/unit-test/api.2/mod-policy.exp | 675 ----- .../api.current/chpass-principal-v2.exp | 68 - .../api.current/chpass-principal.exp | 176 -- .../unit-test/api.current/crte-policy.exp | 927 ------ .../unit-test/api.current/crte-principal.exp | 1336 -------- .../kadm5/unit-test/api.current/destroy.exp | 203 -- .../unit-test/api.current/dlte-policy.exp | 208 -- .../unit-test/api.current/dlte-principal.exp | 253 -- .../unit-test/api.current/get-policy.exp | 199 -- .../api.current/get-principal-v2.exp | 250 -- .../unit-test/api.current/get-principal.exp | 346 --- .../kadm5/unit-test/api.current/init-v2.exp | 506 ---- src/lib/kadm5/unit-test/api.current/init.exp | 699 ----- .../unit-test/api.current/mod-policy.exp | 711 ----- .../api.current/mod-principal-v2.exp | 115 - .../unit-test/api.current/mod-principal.exp | 1606 ---------- .../api.current/randkey-principal-v2.exp | 61 - .../api.current/randkey-principal.exp | 297 -- src/lib/kadm5/unit-test/config/unix.exp | 222 -- src/lib/kadm5/unit-test/deps | 86 - src/lib/kadm5/unit-test/destroy-test.c | 48 - src/lib/kadm5/unit-test/diff-files/destroy-1 | 2 - src/lib/kadm5/unit-test/diff-files/no-diffs | 2 - src/lib/kadm5/unit-test/handle-test.c | 140 - src/lib/kadm5/unit-test/init-test.c | 39 - src/lib/kadm5/unit-test/iter-test.c | 51 - src/lib/kadm5/unit-test/lib/lib.t | 306 -- src/lib/kadm5/unit-test/lock-test.c | 105 - src/lib/kadm5/unit-test/randkey-test.c | 42 - src/lib/kadm5/unit-test/setkey-test.c | 246 -- src/lib/kadm5/unit-test/site.exp | 2 - 62 files changed, 7 insertions(+), 17697 deletions(-) delete mode 100644 doc/kadm5/api-unit-test.tex delete mode 100644 src/kadmin/testing/Makefile.in delete mode 100644 src/kadmin/testing/deps delete mode 100644 src/kadmin/testing/proto/kdc.conf.proto delete mode 100644 src/kadmin/testing/proto/krb5.conf.proto delete mode 100644 src/kadmin/testing/proto/ovsec_adm.dict delete mode 100644 src/kadmin/testing/scripts/Makefile.in delete mode 100644 src/kadmin/testing/scripts/deps delete mode 100755 src/kadmin/testing/scripts/env-setup.shin delete mode 100755 src/kadmin/testing/scripts/init_db delete mode 100755 src/kadmin/testing/scripts/start_servers delete mode 100755 src/kadmin/testing/scripts/start_servers_local delete mode 100755 src/kadmin/testing/scripts/stop_servers delete mode 100755 src/kadmin/testing/scripts/stop_servers_local delete mode 100644 src/kadmin/testing/tcl/util.t delete mode 100644 src/kadmin/testing/util/Makefile.in delete mode 100644 src/kadmin/testing/util/bsddb_dump.c delete mode 100644 src/kadmin/testing/util/deps delete mode 100644 src/kadmin/testing/util/tcl_kadm5.c delete mode 100644 src/kadmin/testing/util/tcl_kadm5.h delete mode 100644 src/kadmin/testing/util/tcl_kadm5_syntax delete mode 100644 src/kadmin/testing/util/tcl_krb5_hash.c delete mode 100644 src/kadmin/testing/util/test.c delete mode 100644 src/lib/kadm5/unit-test/Makefile.in delete mode 100644 src/lib/kadm5/unit-test/api.2/crte-policy.exp delete mode 100644 src/lib/kadm5/unit-test/api.2/get-policy.exp delete mode 100644 src/lib/kadm5/unit-test/api.2/mod-policy.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/chpass-principal.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/crte-policy.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/crte-principal.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/destroy.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/dlte-policy.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/dlte-principal.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/get-policy.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/get-principal-v2.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/get-principal.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/init-v2.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/init.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/mod-policy.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/mod-principal.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp delete mode 100644 src/lib/kadm5/unit-test/api.current/randkey-principal.exp delete mode 100644 src/lib/kadm5/unit-test/config/unix.exp delete mode 100644 src/lib/kadm5/unit-test/deps delete mode 100644 src/lib/kadm5/unit-test/destroy-test.c delete mode 100644 src/lib/kadm5/unit-test/diff-files/destroy-1 delete mode 100644 src/lib/kadm5/unit-test/diff-files/no-diffs delete mode 100644 src/lib/kadm5/unit-test/handle-test.c delete mode 100644 src/lib/kadm5/unit-test/init-test.c delete mode 100644 src/lib/kadm5/unit-test/iter-test.c delete mode 100644 src/lib/kadm5/unit-test/lib/lib.t delete mode 100644 src/lib/kadm5/unit-test/lock-test.c delete mode 100644 src/lib/kadm5/unit-test/randkey-test.c delete mode 100644 src/lib/kadm5/unit-test/setkey-test.c delete mode 100644 src/lib/kadm5/unit-test/site.exp diff --git a/doc/kadm5/api-unit-test.tex b/doc/kadm5/api-unit-test.tex deleted file mode 100644 index 014242037..000000000 --- a/doc/kadm5/api-unit-test.tex +++ /dev/null @@ -1,2680 +0,0 @@ -% This document is included for historical purposes only, and does not -% apply to krb5 today. - -\documentstyle[times,fullpage]{article} - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -%% Make _ actually generate an _, and allow line-breaking after it. -\let\underscore=\_ -\catcode`_=13 -\def_{\underscore\penalty75\relax} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - -\newcommand{\test}[1]{\begin{description} -\setlength{\itemsep}{0pt} -#1 -\end{description} - -} - -\newcommand{\numtest}[2]{\begin{description} -\setlength{\itemsep}{0pt} -\Number{#1} -#2 -\end{description} - -} - -\newcommand{\Number}[1]{\item[Number:] #1} -\newcommand{\Reason}[1]{\item[Reason:] #1} -\newcommand{\Expected}[1]{\item[Expected:] #1} -\newcommand{\Conditions}[1]{\item[Conditions:] #1} -\newcommand{\Priority}[1]{\item[Priority:] #1} -\newcommand{\Status}[1]{\item[Status:] #1} -\newcommand{\Vtwonote}[1]{\item[V2 note:] #1} -\newcommand{\Version}[1]{\item[Version:] #1} -\newcommand{\Call}[1]{} -%\newcommand{\Call}[1]{\item[Call:] #1} -%\newcommand{\Number}[1]{} -%\newcommand{\Reason}[1]{} -%\newcommand{\Expected}[1]{} -%\newcommand{\Conditions}[1]{} -%\newcommand{\Priority}[1]{} - -\title{KADM5 Admin API\\ -Unit Test Description} -\author{Jonathan I. Kamens} - -\begin{document} - -\maketitle - -%\tableofcontents - -\section{Introduction} - -The following is a description of a black-box unit test of the KADM5 -API. Each API function is listed, followed by the tests that should be -performed on it. - -The tests described here are based on the ``Kerberos Administration -System KADM5 API Functional Specifications'', revision 1.68. This -document was originally written based on the OpenVision API functional -specifications, version 1.41, dated August 18, 1994, and many -indications of the original version remain. - -All tests which test for success should verify, using some means other -than the return value of the function being tested, that the requested -operation was successfully performed. For example: for init, test -that other operations can be performed after init; for destroy, test -that other operations can't be performed after destroy; for modify -functions, verify that all modifications to the database which should -have taken place did, and that the new, modified data is in effect; -for get operations, verify that the data retrieved is the data that -should actually be in the database. - -The tests would be better if they compared the actual contents of the -database before and after each test, rather than relying on the KADM5 -API to report the results of changes. - -Similarly, all tests which test for failure should verify that the -no component of the requested operation took place. For example: if -init fails, other operations should not work. If a modify fails, all -data in the database should be the same as it was before the attempt -to modify, and the old data should still be what is enforced. -Furthermore, tests which test for failure should verify that the -failure code returned is correct for the specific failure condition -tested. - -Most of the tests listed below should be run twice -- once locally on -the server after linking against the server API library, and once -talking to the server via authenticated Sun RPC after linking against -the client API library. Tests which should only be run locally or via -RPC are labelled with a ``local'' or ``RPC''. - -Furthermore, in addition to the tests labelled below, a test should be -implemented to verify that a client can't perform operations on the -server through the client API library when it's linked against -standard Sun RPC instead of OpenV*Secure's authenticated Sun RPC. -This will require a client with a modified version of ovsec_kadm_init -which doesn't call auth_gssapi_create. This client should call this -modified ovsec_kadm_init and then call some other admin API function, -specifying arguments to both functions that would work if the -authenticated Sun RPC had been used, but shouldn't if authentication -wasn't used. The test should verify that the API function call after -the init doesn't succeed. - -There is also another test to see if all the API functions handle getting an -invalid server handle correctly. This is not done as part of the tests that -are run through the TCL program cause the TCL program has no way of -invalidating a server handle. So there is a program that calls init and -changes the handle magic number, and then attempts to call each API function -with the corrupted server handle. - -A number of tests have been added or changed to correspond with KADM5 -API version 2. Tests which are only performed against the newer -version specify the version number in the test description. - -\section{ovsec_kadm_init} - -\numtest{1}{ -\Reason{An empty string realm is rejected.} -\Status{Implemented} -\Vtwonote{The empty string is now passed as the realm field of the -parameters structure.} -} - -\numtest{2}{ -\Reason{A realm containing invalid characters is rejected.} -\Status{Implemented} -\Vtwonote{The invalid character is now passed as the realm field of the -parameters structure.} -} - -\numtest{2.5}{ -\Reason{A non-existent realm is rejected.} -\Status{Implemented} -\Vtwonote{The non-existent realm is now passed as the realm field of the -parameters structure.} -} - -\numtest{3}{ -\Reason{A bad service name representing an existing principal - (different from the client principal) is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{4}{ -\Reason{A bad service name representing a non-existent - principal is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{5}{ -\Reason{A bad service name identical to the (existing) client - name is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{6}{ -\Reason{A null password causes password prompting.} -\Status{Implemented} -} - -\numtest{7}{ -\Reason{An empty-string causes password prompting} -\Status{Implemented} -} - -\numtest{8}{ -\Reason{An incorrect password which is the password of another - user is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{9}{ -\Reason{An incorrect password which isn't the password of any - user is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{10}{ -\Reason{A null client_name is rejected.} -\Status{Implemented} -} - -% Empty string client name is legal. -%\numtest{11}{ -%\Reason{An empty-string client_name is rejected.} -%} - -\numtest{12}{ -\Reason{A client_name referring to a non-existent principal in - the default realm is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{13}{ -\Reason{A client_name referring to a non-existent principal - with the local realm specified explicitly is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{14}{ -\Reason{A client_name referring to a non-existent principal in - a nonexistent realm is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{15}{ -\Reason{A client_name referring to an existing principal in a - nonexistent realm is rejected.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{16}{ -\Reason{Valid invocation.} -\Status{Implemented} -} - -\numtest{17}{ -\Reason{Valid invocation (explicit client realm).} -\Status{Implemented} -} - -\numtest{18}{ -\Reason{Valid invocation (CHANGEPW_SERVICE).} -\Status{Implemented} -} - -\numtest{19}{ -\Reason{Valid invocation (explicit service realm).} -\Status{Implemented} -\Vtwonote{The explicit realm is now passed as the realm field of the -configuration parameters.} -} - -\numtest{20}{ -\Reason{Valid invocation (database access allowed after init).} -\Status{Implemented} -} - -%\numtest{21}{ -%\Reason{Init fails when called twice in a row.} -%\Status{Implemented} -%} - -\numtest{22}{ -\Reason{A null password causes master-key prompting.} -\Conditions{local} -\Status{Implemented} -\Vtwonote{Obsolete.} -} - -\numtest{22.5}{ -\Reason{A empty string password causes master-key prompting.} -\Conditions{local} -\Status{Implemented} -\Vtwonote{Obsolete.} -} - -%\numtest{23}{ -%\Reason{A non-null password causes reading from the kstash.} -%\Conditions{local} -%\Status{Implemented} -%} - -\numtest{24}{ -\Reason{Null service name is ignored in local invocation.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{25}{ -\Reason{Non-null service name is ignored in local invocation.} -\Conditions{local} -\Status{Implemented} -} - -%\numtest{26}{ -%\Reason{Can't do ``get'' operation before calling init.} -%\Status{Implemented} -%} - -%\numtest{27}{ -%\Reason{Can't do ``add'' operation before calling init.} -%\Status{Implemented} -%} - -%\numtest{28}{ -%\Reason{Can't do ``modify'' operation before calling init.} -%\Status{Implemented} -%} - -%\numtest{29}{ -%\Reason{Can't do ``delete'' operation before calling init.} -%\Status{Implemented} -%} - -\numtest{30}{ -\Reason{Can init after failed init attempt.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{31}{ -\Priority{High} -\Reason{Return BAD_STRUCT_VERSION when the mask bits are set to invalid values} -\Status{Implemented} -} - -\numtest{32}{ -\Priority{High} -\Reason{Return BAD_STRUCT_VERSION when the mask bits are not set} -\Status{Implemented} -} - -\numtest{33}{ -\Priority{High} -\Reason{Return OLD_STRUCT_VERSION when attempting to use an old/unsupported - structure version} -\Status{Implemented} -} - -\numtest{34}{ -\Priority{High} -\Reason{Return NEW_STRUCT_VERSION when attempting to use a newer version of - of the structure then what is supported} -\Status{Implemented} -} - -\numtest{35}{ -\Priority{High} -\Reason{Return BAD_API_VERSION when the mask bits are set to invalid values} -\Status{Implemented} -} - -\numtest{36}{ -\Priority{High} -\Reason{Return BAD_API_VERSION when the mask bits are not set} -\Status{Implemented} -} - -\numtest{37}{ -\Priority{High} -\Reason{Return OLD_LIB_API_VERSION when using an old/unsuppored - api version number} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{38}{ -\Priority{High} -\Reason{Return OLD_SERVER_API_VERSION attempting to use an - old/unsupported api version number} -\Conditions{local} -\Status{Implemented} -} - -\numtest{39}{ -\Priority{High} -\Reason{Return NEW_LIB_API_VERSION when using a newer api - version number then supported} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{40}{ -\Priority{High} -\Reason{Return NEW_SERVER_API_VERSION when using a newer api version - number then supported} -\Conditions{local} -\Status{Implemented} -} - -\numtest{41}{ -\Priority{High} -\Reason{Return BAD_XXX_VERSION when the API and the structure - version numbers are reversed} -\Status{Implemented} -} - -\numtest{42}{ -\Priority{High} -\Reason{Succeeds when using valid api and struct version numbers and masks} -\Status{Implemented} -} - -\numtest{43}{ -\Priority{Low} -\Reason{Returns two different server handle when called twice with same info} -} - -\numtest{44}{ -\Priority{Low} -\Reason{Returns two different server handles when called twice with - different info} -} - -\numtest{45}{ -\Priority{Bug fix, secure-install/3390} -\Reason{Returns SECURE_PRINC_MISSING when ADMIN_SERVICE does not -exist.} -\Status{Implemented} -} - -\numtest{46}{ -\Priority{Bug fix, secure-install/3390} -\Reason{Returns SECURE_PRINC_MISSING when CHANGEPW_SERVICE does not -exist.} -\Status{Implemented} -} - -\numtest{100}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the profile field of the configuration parameters, if -set.} -\Status{Implemented} -} - -\numtest{101}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the kadmind_port field of the configuration parameters, -if set.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{102}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the admin_server field of the configuration parameters, -if set with only an admin server name.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{102.5}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the admin_server field of the configuration parameters, -if set with a host name and port number.} -\Conditions{RPC} -} - -\numtest{103}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the dbname field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{104}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the admin_dbname field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{105}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the admin_lockfile field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{106}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the mkey_from_kbd field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{107}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the stash_file field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{108}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the mkey_name field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{109}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the max_life field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{110}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the max_rlife field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{111}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the expiration field of the configuration parameters, if -set.} -\Status{Implemented} -\Conditions{local} -} - -\numtest{112}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the flags field of the configuration parameters, if -set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{113}{ -\Version{KADM5_API_VERSION_2} -\Reason{Obeys the keysalts and num_keysalts field of the configuration -parameters, if set.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{114}{ -\Version{KADM5_API_VERSION_2} -\Reason{Returns KADM5_BAD_SERVER_PARAMS if any client-only parameters -are specified to server-side init.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{115}{ -\Version{KADM5_API_VERSION_2} -\Reason{Returns KADM5_BAD_CLIENT_PARAMS if any client-only parameters -are specified to server-side init.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{116}{ -\Version{KADM5_API_VERSION_2} -\Reason{Two calls to init with clients having different privileges -succeeds, and both clients maintain their correct privileges.} -\Priority{Bug fix} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{117}{ -\Version{KADM5_API_VERSION_2} -\Reason{The max_life field defaults to value specified in the API -Functional Specification when kdc.conf is unreadable.} -\Priority{Bug fix, krb5-admin/18} -\Conditions{local} -\Status{Implemented} -} - -\numtest{150}{ -\Version{KADM5_API_VERSION_2} -\Reason{init_with_creds works when given an open ccache with a valid -credential for ADMIN_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{151}{ -\Version{KADM5_API_VERSION_2} -\Reason{init_with_creds works when given an open ccache with a valid -credential for CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{152}{ -\Version{KADM5_API_VERSION_2} -\Reason{init_with_creds fails with KRB5_FCC_NOFILE (was - KADM5_GSS_ERROR) when given an open -ccache with no credentials.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{153}{ -\Version{KADM5_API_VERSION_2} -\Reason{init_with_creds fails with KRB5_CC_NOTFOUND (was - KADM5_GSS_ERROR) when given an open -ccache without credentials for ADMIN_SERVICE or CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{154}{ -\Version{KADM5_API_VERSION_2} -\Reason{If the KRB5_KDC_PROFILE environment variable is set to a filename -that does not exist, init fails with ENOENT.} -\Conditions{RPC} -\Status{Implemented} -} - -\section{ovsec_kadm_destroy} - -\numtest{1}{ -\Reason{Valid invocation.} -\Status{Implemented} -} - -%\numtest{2}{ -%\Reason{Valid invocation (``get'' not allowed after destroy).} -%\Status{Implemented} -%} - -%\numtest{3}{ -%\Reason{Valid invocation (``add'' not allowed after destroy).} -%\Status{Implemented} -%} - -%\numtest{4}{ -%\Reason{Valid invocation (``modify'' not allowed after destroy).} -%\Status{Implemented} -%} - -%\numtest{5}{ -%\Reason{Valid invocation (``delete'' not allowed after destroy).} -%\Status{Implemented} -%} - -%\numtest{6}{ -%\Reason{Fails if database not initialized.} -%\Status{Implemented} -%} - -%\numtest{7}{ -%\Reason{Fails if invoked twice in a row.} -%\Status{Implemented} -%} - -\numtest{8}{ -\Reason{Database can be reinitialized after destroy.} -\Status{Implemented} -} - -\numtest{9}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{10}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{client} -} - -\section{ovsec_kadm_create_principal} - -%In the tests below, ``getu'' refers to a user who has only ``get'' access, -%''addu'' refers to a user who has only ``add'' access, ``modifyu'' refers to -%a user who has only ``modify'' access, and ``deleteu'' refers to a user -%who has only ``delete'' access. ``amu'' refers to a user with ``add'' and -%''modify'' access. ``new_princ'' refers to a principal entry structure -%filled in as follows: -% -% krb5_parse_name("newuser", \&new_princ.principal); -% krb5_timeofday(\&new_princ.princ_expire_time); -% new_princ.princ_expire_time += 130; -% krb5_timeofday(\&new_princ.last_pwd_change); -% new_princ.last_pwd_change += 140; -% krb5_timeofday(\&new_princ.pw_expiration); -% new_princ.pw_expiration += 150; -% new_princ.max_life = 160; -% krb5_parse_name("usera", \&new_princ.mod_name); -% krb5_timeofday(\&new_princ.mod_date); -% new_princ.mod_date += 170; -% new_princ.attributes = 0xabcdabcd; -% new_princ.kvno = 180; -% new_princ.mkvno = 190; -% new_princ.policy = null; -% new_princ.aux_attributes = 0xdeadbeef; -% -%The offsets of 130 through 190 above are used to ensure that the -%fields are all known to be different from each other, so that -%accidentally switched fields can be detected. Some of the fields in -%this structure may be changed by the tests, but they should clean up -%after themselves. - -%\numtest{1}{ -%\Reason{Fails if database not initialized.} -%\Status{Implemented} -%} - -\numtest{2}{ -\Reason{Fails on null princ argument.} -\Status{Implemented} -} - -\numtest{3}{ -\Reason{Fails on null password argument.} -\Status{Implemented} -} - -\numtest{4}{ -\Reason{Fails on empty-string password argument.} -\Status{Implemented} -} - -\numtest{5}{ -\Reason{Fails when mask contains undefined bit.} -\Status{Implemented} -} - -\numtest{6}{ -\Reason{Fails when mask contains LAST_PWD_CHANGE bit.} -\Status{Implemented} -} - -\numtest{7}{ -\Reason{Fails when mask contains MOD_TIME bit.} -\Status{Implemented} -} - -\numtest{8}{ -\Reason{Fails when mask contains MOD_NAME bit.} -\Status{Implemented} -} - -\numtest{9}{ -\Reason{Fails when mask contains MKVNO bit.} -\Status{Implemented} -} - -\numtest{10}{ -\Reason{Fails when mask contains AUX_ATTRIBUTES bit.} -\Status{Implemented} -} - -\numtest{11}{ -\Reason{Fails when mask contains POLICY_CLR bit.} -\Status{Implemented} -} - -\numtest{12}{ -\Reason{Fails for caller with no access bits.} -\Status{Implemented} -} - -\numtest{13}{ -\Reason{Fails when caller has ``get'' access and not ``add''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{14}{ -\Reason{Fails when caller has ``modify'' access and not ``add''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{15}{ -\Reason{Fails when caller has ``delete'' access and not ``add''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{16}{ -\Reason{Fails when caller connected with CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{17}{ -\Reason{Fails on attempt to create existing principal.} -\Status{Implemented} -} - -\numtest{18}{ -\Reason{Fails when password is too short.} -\Status{Implemented} -} - -\numtest{19}{ -\Reason{Fails when password has too few classes.} -\Status{Implemented} -} - -\numtest{20}{ -\Reason{Fails when password is in dictionary.} -\Status{Implemented} -} - -\numtest{21}{ -\Reason{Nonexistent policy is rejected.} -\Status{Implemented} -} - -\numtest{22}{ -\Reason{Fails on invalid principal name.} -\Status{Implemented} -} - -\numtest{23}{ -\Reason{Valid invocation.} -\Status{Implemented} -} - -\numtest{24}{ -\Reason{Succeeds when caller has ``add'' access and another one.} -\Status{Implemented} -} - -%\numtest{25}{ -%\Reason{Fails when password is too short, when override_qual is true.} -%} - -%\numtest{26}{ -%\Reason{Fails when password has too few classes, when -% override_qual is true.} -%} - -%\numtest{27}{ -%\Reason{Fails when password is in dictionary, when override_qual is -% true.} -%} - -\numtest{28}{ -\Reason{Succeeds when assigning policy.} -\Status{Implemented} -} - -\numtest{29}{ -\Priority{High} -\Reason{Allows 0 (never) for princ_expire_time.} -\Status{Implemented} -} - -\numtest{30}{ -\Reason{Allows 0 (never) for pw_expiration when there's no policy.} -\Status{Implemented} -} - -\numtest{31}{ -\Reason{Allows 0 (never) for pw_expiration when there's a policy with - 0 for pw_max_life.} -\Status{Implemented} -} - -\numtest{32}{ -\Reason{Accepts 0 (never) for pw_expiration when there's a policy with - non-zero pw_max_life, and sets pw_expiration to zero.} -\Status{Implemented} -} - -\numtest{33}{ -\Reason{Accepts and sets non-zero pw_expiration when no policy.} -\Status{Implemented} -} - -\numtest{34}{ -\Reason{Accepts and sets non-zero pw_expiration when there's a policy - with zero pw_max_life.} -\Status{Implemented} -} - -\numtest{35}{ -\Reason{Accepts and sets non-zero pw_expiration when there's a policy - with pw_max_life later than the specified pw_expiration.} -\Status{Implemented} -} - -\numtest{36}{ -\Reason{Accepts and sets non-zero pw_expiration greater than now_pw_max_life.} -\Status{Implemented} -} - -\numtest{37}{ -\Priority{High} -\Reason{Sets pw_expiration to 0 (never) if there's no policy and no - specified pw_expiration.} -\Status{Implemented} -} - -\numtest{38}{ -\Priority{High} -\Reason{Sets pw_expiration to 0 (never) if it isn't specified and the - policy has a 0 (never) pw_max_life.} -\Status{Implemented} -} - -\numtest{39}{ -\Priority{High} -\Reason{Sets pw_expiration to now + pw_max_life if it isn't specified - and the policy has a non-zero pw_max_life.} -\Status{Implemented} -} - -\numtest{40}{ -\Priority{High} -\Reason{Allows 0 (forever) for max_life.} -\Status{Implemented} -} - -\numtest{41}{ -\Priority{High} -\Reason{Doesn't modify or free mod_name on success.} -} - -\numtest{42}{ -\Priority{High} -\Reason{Doesn't modify or free mod_name on failure.} -} - -\numtest{43}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{44}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - - -\section{ovsec_kadm_delete_principal} - -%\numtest{1}{ -%\Reason{Fails if database not initialized.} -%\Status{Implemented} -%} - -\numtest{2}{ -\Reason{Fails on null principal.} -\Status{Implemented} -} - -% Empty string principal is legal. -%\numtest{3}{ -%\Reason{Fails on empty-string principal.} -%} - -% There is not invalid principal names -%\numtest{4}{ -%\Reason{Fails on invalid principal name.} -%} - -\numtest{5}{ -\Priority{High} -\Reason{Fails on nonexistent principal.} -\Status{Implemented} -} - -\numtest{6}{ -\Priority{High} -\Reason{Fails when caller connected with CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{7}{ -\Priority{High} -\Reason{Fails if caller has ``add'' access and not ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{8}{ -\Priority{High} -\Reason{Fails if caller has ``modify'' access and not ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{9}{ -\Priority{High} -\Reason{Fails if caller has ``get'' access and not ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{10}{ -\Priority{High} -\Reason{Fails if caller has no access bits.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{11}{ -\Priority{High} -\Reason{Valid invocation.} -\Status{Implemented} -} - -\numtest{12}{ -\Priority{High} -\Reason{Valid invocation (on principal with policy).} -\Status{Implemented} -} - -\numtest{13}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{14}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - - -\section{ovsec_kadm_modify_principal} - -%\numtest{1}{ -%\Reason{Fails if database not initialized.} -%\Status{Implemented} -%} - -\numtest{2}{ -\Priority{High} -\Reason{Fails if user connected with CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{3}{ -\Reason{Fails on mask with undefined bit set.} -\Status{Implemented} -} - -\numtest{4}{ -\Reason{Fails on mask with PRINCIPAL set.} -\Status{Implemented} -} - -\numtest{5}{ -\Priority{High} -\Reason{Fails on mask with LAST_PWD_CHANGE set.} -\Status{Implemented} -} - -\numtest{6}{ -\Reason{Fails on mask with MOD_TIME set.} -\Status{Implemented} -} - -\numtest{7}{ -\Reason{Fails on mask with MOD_NAME set.} -\Status{Implemented} -} - -\numtest{8}{ -\Reason{Fails on mask with MKVNO set.} -\Status{Implemented} -} - -\numtest{9}{ -\Priority{High} -\Reason{Fails on mask with AUX_ATTRIBUTES set.} -\Status{Implemented} -} - -\numtest{10}{ -\Reason{Fails on nonexistent principal.} -\Status{Implemented} -} - -\numtest{11}{ -\Priority{High} -\Reason{Fails for user with no access bits.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{12}{ -\Priority{High} -\Reason{Fails for user with ``get'' access.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{13}{ -\Priority{High} -\Reason{Fails for user with ``add'' access.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{14}{ -\Priority{High} -\Reason{Fails for user with ``delete'' access.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{15}{ -\Priority{High} -\Reason{Succeeds for user with ``modify'' access.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{16}{ -\Reason{Succeeds for user with ``modify'' and another access.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{17}{ -\Priority{High} -\Reason{Fails when nonexistent policy is specified.} -\Status{Implemented} -} - -\numtest{18}{ -\Priority{High} -\Reason{Succeeds when existent policy is specified.} -\Status{Implemented} -} - -\numtest{19}{ -\Reason{Updates policy count when setting policy from none.} -\Status{Implemented} -} - -\numtest{20}{ -\Reason{Updates policy count when clearing policy from set.} -\Status{Implemented} -} - -\numtest{21}{ -\Reason{Updates policy count when setting policy from other policy.} -\Status{Implemented} -} - -\numtest{21.5}{ -\Reason{Policy reference count remains unchanged when policy is - changed to itself.} -\Status{Implemented.} -} - -\numtest{22}{ -\Reason{Allows 0 (never) for pw_expiration when there's no policy.} -\Status{Implemented} -} - -\numtest{23}{ -\Reason{Allows 0 (never) for pw_expiration when there's a policy with - 0 for pw_max_life.} -\Status{Implemented} -} - -\numtest{24}{ -\Reason{Accepts 0 (never) for pw_expiration when there's a policy with - non-zero pw_max_life, but actually sets pw_expiration to - last_pwd_change + pw_max_life.} -\Status{Implemented} -} - -\numtest{25}{ -\Reason{Accepts and sets non-zero pw_expiration when no policy.} -\Status{Implemented} -} - -\numtest{26}{ -\Reason{Accepts and sets non-zero pw_expiration when there's a policy - with zero pw_max_life.} -\Status{Implemented} -} - -\numtest{27}{ -\Reason{Accepts and sets non-zero pw_expiration when there's a policy - with pw_max_life later than the specified pw_expiration.} -\Status{Implemented} -} - -\numtest{28}{ -\Reason{Accepts non-zero pw_expiration and limits it to last_pwd_change + - pw_max_life when it's later than last_pwd_change + non-zero - pw_max_life in policy.} -\Status{Implemented} -} - -\numtest{29}{ -\Priority{High} -\Reason{Sets pw_expiration to 0 (never) when a policy is cleared and -no pw_expiration is specified.} -\Status{Implemented} -} - -\numtest{30}{ -\Priority{High} -\Reason{Sets pw_expiration to 0 (never) if it isn't specified and the - new policy has a 0 (never) pw_max_life.} -\Status{Implemented} -} - -\numtest{31}{ -\Priority{High} -\Reason{Sets pw_expiration to now + pw_max_life if it isn't specified - and the new policy has a non-zero pw_max_life.} -\Status{Implemented} -} - -\numtest{32}{ -\Priority{High} -\Reason{Accepts princ_expire_time change.} -\Status{Implemented} -} - - - -\numtest{33}{ -\Priority{High} -\Reason{Accepts attributes change.} -\Status{Implemented} -} - -\numtest{33.25}{ -\Priority{High} -\Reason{Accepts attributes change (KRB5_KDB_REQUIRES_PW_CHANGE).} -\Status{Implemented} -} - -\numtest{33.5}{ -\Priority{High} -\Reason{Accepts attributes change (KRB5_DISALLOW_TGT_BASE).} -\Status{Implemented} -} - -\numtest{33.75}{ -\Priority{High} -\Reason{Accepts attributes change (KRB5_PW_CHANGE_SERVICE).} -\Status{Implemented} -} - -\numtest{34}{ -\Priority{High} -\Reason{Accepts max_life change.} -\Status{Implemented} -} - -\numtest{35}{ -\Priority{High} -\Reason{Accepts kvno change.} -\Status{Implemented} -} - -\numtest{36}{ -\Reason{Behaves correctly when policy is set to the same as it was - before.} -\Status{Implemented} -} - -\numtest{37}{ -\Reason{Behaves properly when POLICY_CLR is specified and there was no - policy before.} -\Status{Implemented} -} - -\numtest{38}{ -\Priority{High} -\Reason{Accepts 0 (never) for princ_expire_time.} -\Status{Implemented} -} - -\numtest{39}{ -\Priority{High} -\Reason{Accepts 0 for max_life.} -\Status{Implemented} -} - -\numtest{40}{ -\Reason{Rejects null principal argument.} -\Status{Implemented} -} - -\numtest{41}{ -\Priority{High} -\Reason{Doesn't modify or free mod_name on success.} -} - -\numtest{42}{ -\Priority{High} -\Reason{Doesn't modify or free mod_name on failure.} -} - -\numtest{43}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{44}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - -\numtest{100}{ -\Version{KADM5_API_VERSION_2} -\Priority{bug-fix} -\Reason{Accepts max_rlife change.} -\Status{Implemented} -} - -\numtest{101}{ -\Version{KADM5_API_VERSION_2} -\Reason{Rejects last_success change.} -\Status{Implemented} -} - -\numtest{102}{ -\Version{KADM5_API_VERSION_2} -\Reason{Rejects last_failed change.} -\Status{Implemented} -} - -\numtest{103}{ -\Version{KADM5_API_VERSION_2} -\Reason{Rejects fail_auth_count change.} -\Status{Implemented} -} - -\numtest{103.5}{ -\Version{KADM5_API_VERSION_2} -\Reason{Rejects key_data change.} -\Status{Implemented} -} - -\numtest{104}{ -\Version{KADM5_API_VERSION_2} -\Reason{Accepts tl_data change when all types are greater than 256.} -\Status{Implemented} -} - -\numtest{105}{ -\Version{KADM5_API_VERSION_2} -\Reason{Returns KADM5_BAD_TL_TYPE when given tl_data with a type less -than 256.} -\Status{Implemented} -} - -\section{ovsec_kadm_rename_principal} - -%\numtest{1}{ -%\Reason{Fails if database not initialized.} -%\Status{Implemented} -%} - -\numtest{2}{ -\Priority{High} -\Reason{Fails if user connected with CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{3}{ -\Priority{High} -\Reason{Fails for user with no access bits.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{4}{ -\Reason{Fails for user with ``modify'' access and not ``add'' or -``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{5}{ -\Reason{Fails for user with ``get'' access and not ``add'' or -``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{6}{ -\Reason{Fails for user with ``modify'' and ``add'' but not ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{7}{ -\Reason{Fails for user with ``modify'' and ``delete'' but not ``add''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{8}{ -\Reason{Fails for user with ``get'' and ``add'' but not ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{9}{ -\Reason{Fails for user with ``get'' and ``delete'' but not ``add.''} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{10}{ -\Reason{Fails for user with ``modify'', ``get'' and ``add'', but not - ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{11}{ -\Reason{Fails for user with ``modify'', ``get'' and ``delete'', but - not ``add''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{12}{ -\Priority{High} -\Reason{Fails for user with ``add'' but not ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{13}{ -\Priority{High} -\Reason{Fails for user with ``delete'' but not ``add''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{14}{ -\Priority{High} -\Reason{Succeeds for user with ``add'' and ``delete'', when that user -has non-name-based salt.} -\Status{Implemented} -} - -\numtest{15}{ -\Priority{High} -\Reason{Fails if target principal name exists.} -\Status{Implemented} -} - -\numtest{16}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{17}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - -\numtest{18}{ -\Priority{bug fix} -\Reason{Returns NO_RENAME_SALT when asked to rename a principal whose -salt depends on the principal name.} -\Status{Implemented} -} - -\section{ovsec_kadm_chpass_principal} -\label{ovseckadmchpassprincipal} - -\subsection{Quality/history enforcement tests} - -This section lists a series of tests which will be run a number of -times, with various parameter settings (e.g., which access bits user -has, whether user connected with ADMIN_SERVICE or CHANGEPW_SERVICE, -etc.). The table following the -list of tests gives the various parameter settings under which the -tests should be run, as well which should succeed and which should -fail for each choice of parameter settings. - -\subsubsection{List of tests} - -The test number of each of these tests is an offset from the base -given in the table below. - -\numtest{1}{ -\Priority{High} -\Reason{With history setting of 1, change password to itself.} -} - -\numtest{2}{ -\Reason{With history setting of 2 but no password changes since - principal creation, change password to itself.} -} - -\numtest{3}{ -\Reason{With history setting of 2 and one password change since - principal creation, change password to itself - and directly previous password.} -} - -\numtest{4}{ -\Priority{High} -\Reason{With a history setting of 3 and no password changes, - change password to itself.} -} - -\numtest{5}{ -\Priority{High} -\Reason{With a history setting of 3 and 1 password change, - change password to itself or previous password.} -} - -\numtest{6}{ -\Priority{High} -\Reason{With a history setting of 3 and 2 password changes, - change password to itself and the two previous passwords.} -} - -\numtest{7}{ -\Priority{High} -\Reason{Change to previously unused password when now - - last_pwd_change $<$ pw_min_life.} -} - -\numtest{8}{ -\Priority{High} -\Reason{Change to previously unused password that doesn't contain enough - character classes.} -} - -\numtest{9}{ -\Priority{High} -\Reason{Change to previously unused password that's too short.} -} - -\numtest{10}{ -\Priority{High} -\Reason{Change to previously unused password that's in the dictionary.} -} - -\subsubsection{List of parameter settings} - -In the table below, ``7 passes'' means that test 7 above passes and -the rest of the tests fail. - -\begin{tabular}{llllll} -Base & Modify access? & Own password? & Service & Pass/Fail \\ \hline -0 & No & Yes & ADMIN & all fail \\ -20 & No & Yes & CHANGEPW & all fail \\ -40 & No & No & ADMIN & all fail \\ -60 & No & No & CHANGEPW & all fail \\ -80 & Yes & Yes & ADMIN & 7 passes \\ -100 & Yes & Yes & CHANGEPW & all fail \\ -120 & Yes & No & ADMIN & 7 passes \\ -140 & Yes & No & CHANGEPW & all fail \\ -\end{tabular} - -\subsection{Other quality/history tests} - -\numtest{161}{ -\Priority{High} -\Reason{With history of 1, can change password to anything other than - itself that doesn't conflict with other quality - rules.} -} - -\numtest{162}{ -\Reason{With history of 2 and 2 password changes, can change password - to original password.} -} - -\numtest{163}{ -\Priority{High} -\Reason{With history of 3 and 3 password changes, can change password - to original password.} -} - -\numtest{164}{ -\Priority{High} -\Reason{Can change password when now - last_pwd_change $>$ pw_min_life.} -} - -\numtest{165}{ -\Priority{High} -\Reason{Can change password when it contains exactly the number of - classes required by the policy.} -} - -\numtest{166}{ -\Priority{High} -\Reason{Can change password when it is exactly the length required by - the policy.} -} - -\numtest{167}{ -\Priority{High} -\Reason{Can change password to a word that isn't in the dictionary.} -} - - -\subsection{Other tests} - -%\numtest{168}{ -%\Reason{Fails if database not initialized.} -%} - -\numtest{169}{ -\Reason{Fails for non-existent principal.} -} - -\numtest{170}{ -\Reason{Fails for null password.} -} - -\numtest{171}{ -\Priority{High} -\Reason{Fails for empty-string password.} -} - -\numtest{172}{ -\Priority{High} -\Reason{Pw_expiration is set to now + max_pw_life if policy exists and - has non-zero max_pw_life.} -} - -\numtest{173}{ -\Priority{High} -\Reason{Pw_expiration is set to 0 if policy exists and has zero - max_pw_life.} -} - -\numtest{174}{ -\Priority{High} -\Reason{Pw_expiration is set to 0 if no policy.} -} - -\numtest{175}{ -\Priority{High} -\Reason{KRB5_KDC_REQUIRES_PWCHANGE bit is cleared when password is - successfully changed.} -} - -\numtest{176}{ -\Priority{High} -\Reason{Fails for user with no access bits, on other's password.} -} - -\numtest{177}{ -\Priority{High} -\Reason{Fails for user with ``get'' but not ``modify'' access, on - other's password.} -} - -\numtest{178}{ -\Reason{Fails for user with ``delete'' but not ``modify'' access, on - other's password.} -} - -\numtest{179}{ -\Reason{Fails for user with ``add'' but not ``modify'' access, on - other's password.} -} - -\numtest{180}{ -\Reason{Succeeds for user with ``get'' and ``modify'' access, on - other's password.} -\Status{Implemented} -} - -\numtest{180.5}{ -\Priority{High} -\Reason{Succeeds for user with ``modify'' but not ``get'' access, on - other's password.} -\Conditions{RPC} -\Status{Implemented} -} -\numtest{180.625}{ -\Priority{High} -\Reason{Fails for user with modify when connecting with CHANGEPW_SERVICE on - others password} -\Conditions{RPC} -\Status{Implemented} -} -\numtest{180.75}{ -\Priority{High} -\Reason{Fails for user with modify when connecting with CHANGEPW_SERVICE - on other's password which has expired} -\Conditions{RPC} -\Status{Implemented} -} - -%\numtest{181}{ -%\Reason{Password that would succeed if override_qual were false fails -% if override_qual is true.} -%\Expected{Returns CANNOT_OVERRIDE.} -%} - -\numtest{182}{ -\Priority{High} -\Reason{Can not change key of ovsec_adm/history principal.} -\Status{Implemented} -} - -\numtest{183}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{184}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - -\numtest{200}{ -\Version{KADM5_API_VERSION_2} -\Reason{Creates a key for the principal for each unique encryption -type/salt type in use.} -\Status{Implemented} -} - -\section{ovsec_kadm_chpass_principal_util} - -Rerun all the tests listed for ovsec_kadm_chpass_principal above in -Section \ref{ovseckadmchpassprincipal}. Verify that they succeed -and fail in the same circumstances. Also verify that in each failure -case, the error message returned in msg_ret is as specified in the -functional specification. - -Also, run the following additional tests. - -\numtest{1}{ -\Reason{Null msg_ret is rejected.} -} - -\numtest{2}{ -\Priority{High} -\Reason{New password is put into pw_ret, when it's prompted for.} -} - -\numtest{3}{ -\Priority{High} -Reason{New password is put into pw_ret, when it's supplied by the - caller.} -} - -\numtest{4}{ -\Priority{High} -\Reason{Successful invocation when pw_ret is null.} -} - - - -\section{ovsec_kadm_randkey_principal} - -\subsection{TOOSOON enforcement tests} - -This test should be run a number of times, as indicated in the table -following it. The table also indicates the expected result of each -run of the test. - -\test{ -\Reason{Change key when now - last_pwd_change $<$ pw_min_life.} -} - -\subsubsection{List of parameter settings} - -\begin{tabular}{llllll} -Number & Modify Access? & Own Key? & Service & Pass/Fail & Implemented? \\ \hline -1 & No & Yes & ADMIN & fail & Yes \\ -3 & No & Yes & CHANGEPW & fail & Yes \\ -5 & No & No & ADMIN & fail \\ -7 & No & No & CHANGEPW & fail \\ -9 & Yes & Yes & ADMIN & pass \\ -11 & Yes & Yes & CHANGEPW & fail \\ -13 & Yes & No & ADMIN & pass & Yes \\ -15 & Yes & No & CHANGEPW & fail & Yes \\ -\end{tabular} - -\subsection{Other tests} - -\numtest{17}{ -\Reason{Fails if database not initialized.} -} - -\numtest{18}{ -\Reason{Fails for non-existent principal.} -} - -\numtest{19}{ -\Reason{Fails for null keyblock pointer.} -} - -\numtest{20}{ -\Priority{High} -\Reason{Pw_expiration is set to now + max_pw_life if policy exists and - has non-zero max_pw_life.} -} - -\numtest{21}{ -\Priority{High} -\Reason{Pw_expiration is set to 0 if policy exists and has zero - max_pw_life.} -} - -\numtest{22}{ -\Priority{High} -\Reason{Pw_expiration is set to 0 if no policy.} -} - -\numtest{23}{ -\Priority{High} -\Reason{KRB5_KDC_REQUIRES_PWCHANGE bit is cleared when key is - successfully changed.} -} - -\numtest{24}{ -\Priority{High} -\Reason{Fails for user with no access bits, on other's password.} -} - -\numtest{25}{ -\Priority{High} -\Reason{Fails for user with ``get'' but not ``modify'' access, on - other's password.} -\Vtwonote{Change-password instead of modify access.} -} - -\numtest{26}{ -\Reason{Fails for user with ``delete'' but not ``modify'' access, on - other's password.} -\Vtwonote{Change-password instead of modify access.} -} - -\numtest{27}{ -\Reason{Fails for user with ``add'' but not ``modify'' access, on - other's password.} -\Vtwonote{Change-password instead of modify access.} -} - -\numtest{28}{ -\Reason{Succeeds for user with ``get'' and ``modify'' access, on - other's password.} -\Status{Implemented} -\Vtwonote{Change-password instead of modify access.} -} - -\numtest{28.25}{ -\Priority{High} -\Reason{Fails for user with get and modify access on others password - When conneceted with CHANGEPW_SERVICE} -\Status{Implemented} -\Vtwonote{Change-password instead of modify access.} -} - -\numtest{28.5}{ -\Priority{High} -\Reason{Succeeds for user with ``modify'' but not ``get'' access, on - other's password.} -\Status{Implemented} -\Vtwonote{Change-password instead of modify access.} -} - -\numtest{29}{ -\Reason{The new key that's assigned is truly random. XXX not sure how - to test this.} -} - -\numtest{30}{ -\Reason{Succeeds for own key, no other access bits when connecting with CHANGEPW service} -\Status{Implemented} -} -\numtest{31}{ -\Reason{Succeeds for own key, no other access bits when connecting with ADMIM service} -\Status{Implemented} -} - -\numtest{32}{ -\Reason{Cannot change ovsec_adm/history key} -\Status{Implemented} -} - -\numtest{33}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{34}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - -\numtest{100}{ -\Version{KADM5_API_VERSION_2} -\Reason{Returns a key for each unique encryption type specified in the -keysalts.} -} - -\section{ovsec_kadm_get_principal} - -\numtest{1}{ -\Reason{Fails for null ent.} -\Status{Implemented} -} - -\numtest{2}{ -\Reason{Fails for non-existent principal.} -\Status{Implemented} -} - -\numtest{3}{ -\Priority{High} -\Reason{Fails for user with no access bits, retrieving other principal.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{4}{ -\Priority{High} -\Reason{Fails for user with ``add'' but not ``get'', getting principal - other than his own, using ADMIN_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{5}{ -\Reason{Fails for user with ``modify'' but not ``get'', getting - principal other than his own, using ADMIN_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{6}{ -\Reason{Fails for user with ``delete'' but not ``get'', getting - principal other than his own, using ADMIN_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{7}{ -\Reason{Fails for user with ``delete'' but not ``get'', getting - principal other than his own, using CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{8}{ -\Priority{High} -\Reason{Fails for user with ``get'', getting principal other than his - own, using CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{9}{ -\Priority{High} -\Reason{Succeeds for user without ``get'', retrieving self, using - ADMIN_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{10}{ -\Reason{Succeeds for user without ``get'', retrieving self, using - CHANGEPW_SERVICE.} -\Status{Implemented} -} - -\numtest{11}{ -\Reason{Succeeds for user with ``get'', retrieving self, using - ADMIN_SERVICE.} -\Status{Implemented} -} - -\numtest{12}{ -\Reason{Succeeds for user with ``get'', retrieving self, using - CHANGEPW_SERVICE.} -\Status{Implemented} -} - -\numtest{13}{ -\Priority{High} -\Reason{Succeeds for user with ``get'', retrieving other user, using - ADMIN_SERVICE.} -\Status{Implemented} -} - -\numtest{14}{ -\Reason{Succeeds for user with ``get'' and ``modify'', retrieving - other principal, using ADMIN_SERVICE.} -\Status{Implemented} -} - -\numtest{15}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{16}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - -\numtest{100}{ -\Version{KADM5_API_VERSION_2} -\Reason{If KADM5_PRINCIPAL_NORMAL_MASK is specified, the key_data and -tl_data fields are NULL/zero.} -\Status{Implemented} -} - -\numtest{101}{ -\Version{KADM5_API_VERSION_2} -\Reason{If KADM5_KEY_DATA is specified, the key_data fields contain -data but the contents are all NULL.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{102}{ -\Version{KADM5_API_VERSION_2} -\Reason{If KADM5_KEY_DATA is specified, the key_data fields contain -data and the contents are all non-NULL.} -\Conditions{local} -\Status{Implemented} -} - -\numtest{103}{ -\Version{KADM5_API_VERSION_2} -\Reason{If KADM5_TL_DATA is specified, the tl_data field contains the -correct tl_data and no entries whose type is less than 256.} -\Status{Implemented} -} - - -\section{ovsec_kadm_create_policy} - -\numtest{1}{ -\Reason{Fails for mask with undefined bit set.} -\Status{Implemented - untested} -} - -\numtest{2}{ -\Priority{High} -\Reason{Fails if caller connected with CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{3}{ -\Reason{Fails for mask without POLICY bit set.} -\Status{Implemented - untested} -} - -\numtest{4}{ -\Reason{Fails for mask with REF_COUNT bit set.} -\Status{Implemented} -} - -\numtest{5}{ -\Reason{Fails for invalid policy name.} -\Status{Implemented - untested} -} - -\numtest{6}{ -\Priority{High} -\Reason{Fails for existing policy name.} -\Status{Implemented} -} - -\numtest{7}{ -\Reason{Fails for null policy name.} -\Status{Implemented - untested} -} - -\numtest{8}{ -\Priority{High} -\Reason{Fails for empty-string policy name.} -\Status{Implemented} -} - -\numtest{9}{ -\Priority{High} -\Reason{Accepts 0 for pw_min_life.} -\Status{Implemented} -} - -\numtest{10}{ -\Priority{High} -\Reason{Accepts non-zero for pw_min_life.} -\Status{Implemented} -} - -\numtest{11}{ -\Priority{High} -\Reason{Accepts 0 for pw_max_life.} -\Status{Implemented} -} - -\numtest{12}{ -\Priority{High} -\Reason{Accepts non-zero for pw_max_life.} -\Status{Implemented} -} - -\numtest{13}{ -\Priority{High} -\Reason{Rejects 0 for pw_min_length.} -\Status{Implemented} -} - -\numtest{14}{ -\Priority{High} -\Reason{Accepts non-zero for pw_min_length.} -\Status{Implemented} -} - -\numtest{15}{ -\Priority{High} -\Reason{Rejects 0 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{16}{ -\Priority{High} -\Reason{Accepts 1 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{17}{ -\Priority{High} -\Reason{Accepts 4 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{18}{ -\Priority{High} -\Reason{Rejects 5 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{19}{ -\Priority{High} -\Reason{Rejects 0 for pw_history_num.} -\Status{Implemented} -} - -\numtest{20}{ -\Priority{High} -\Reason{Accepts 1 for pw_history_num.} -\Status{Implemented} -} - -\numtest{21}{ -\Priority{High} -\Reason{Accepts 10 for pw_history_num.} -\Status{Implemented} -} - -\numtest{21.5}{ -\Reason{Rejects 11 for pw_history_num.} -\Status{Implemented - untested} -} - -\numtest{22}{ -\Priority{High} -\Reason{Fails for user with no access bits.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{23}{ -\Priority{High} -\Reason{Fails for user with ``get'' but not ``add''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{24}{ -\Reason{Fails for user with ``modify'' but not ``add.''} -\Conditions{RPC} -\Status{Implemented - untested} -} - -\numtest{25}{ -\Reason{Fails for user with ``delete'' but not ``add.''} -\Conditions{RPC} -\Status{Implemented - untested} -} - -\numtest{26}{ -\Priority{High} -\Reason{Succeeds for user with ``add.''} -\Status{Implemented} -} - -\numtest{27}{ -\Reason{Succeeds for user with ``get'' and ``add.''} -\Status{Implemented - untested} -} - -\numtest{28}{ -\Reason{Rejects null policy argument.} -\Status{Implemented - untested} -} - -\numtest{29}{ -\Reason{Rejects pw_min_life greater than pw_max_life.} -} - -\numtest{30}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{31}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - - -\section{ovsec_kadm_delete_policy} - -\numtest{1}{ -\Reason{Fails for null policy name.} -} - -\numtest{2}{ -\Priority{High} -\Reason{Fails for empty-string policy name.} -\Status{Implemented} -} - -\numtest{3}{ -\Reason{Fails for non-existent policy name.} -} - -\numtest{4}{ -\Reason{Fails for bad policy name.} -} - -\numtest{5}{ -\Priority{High} -\Reason{Fails if caller connected with CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{6}{ -\Priority{High} -\Reason{Fails for user with no access bits.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{7}{ -\Priority{High} -\Reason{Fails for user with ``add'' but not ``delete''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{8}{ -\Reason{Fails for user with ``modify'' but not ``delete''.} -\Conditions{RPC} -} - -\numtest{9}{ -\Reason{Fails for user with ``get'' but not ``delete.''} -\Conditions{RPC} -} - -\numtest{10}{ -\Priority{High} -\Reason{Succeeds for user with only ``delete''.} -\Status{Implemented} -} - -\numtest{11}{ -\Reason{Succeeds for user with ``delete'' and ``add''.} -} - -\numtest{12}{ -\Priority{High} -\Reason{Fails for policy with non-zero reference count.} -\Status{Implemented} -} - -\numtest{13}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{14}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - - -\section{ovsec_kadm_modify_policy} - -\numtest{1}{ -\Reason{Fails for mask with undefined bit set.} -\Conditions{RPC} -} - -\numtest{2}{ -\Priority{High} -\Reason{Fails if caller connected with CHANGEPW_SERVICE.} -\Status{Implemented} -} - -\numtest{3}{ -\Reason{Fails for mask with POLICY bit set.} -} - -\numtest{4}{ -\Reason{Fails for mask with REF_COUNT bit set.} -\Status{Implemented} -} - -\numtest{5}{ -\Reason{Fails for invalid policy name.} -} - -\numtest{6}{ -\Reason{Fails for non-existent policy name.} -} - -\numtest{7}{ -\Reason{Fails for null policy name.} -} - -\numtest{8}{ -\Priority{High} -\Reason{Fails for empty-string policy name.} -\Status{Implemented} -} - -\numtest{9}{ -\Priority{High} -\Reason{Accepts 0 for pw_min_life.} -\Status{Implemented} -} - -\numtest{10}{ -\Priority{High} -\Reason{Accepts non-zero for pw_min_life.} -\Status{Implemented} -} - -\numtest{11}{ -\Priority{High} -\Reason{Accepts 0 for pw_max_life.} -\Status{Implemented} -} - -\numtest{12}{ -\Priority{High} -\Reason{Accepts non-zero for pw_max_life.} -\Status{Implemented} -} - -\numtest{13}{ -\Priority{High} -\Reason{Accepts 0 for pw_min_length.} -\Status{Implemented} -} - -\numtest{14}{ -\Priority{High} -\Reason{Accepts non-zero for pw_min_length.} -\Status{Implemented} -} - -\numtest{15}{ -\Priority{High} -\Reason{Rejects 0 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{16}{ -\Priority{High} -\Reason{Accepts 1 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{17}{ -\Priority{High} -\Reason{Accepts 4 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{18}{ -\Priority{High} -\Reason{Rejects 5 for pw_min_classes.} -\Status{Implemented} -} - -\numtest{19}{ -\Priority{High} -\Reason{Rejects 0 for pw_history_num.} -\Status{Implemented} -} - -\numtest{20}{ -\Priority{High} -\Reason{Accepts 1 for pw_history_num.} -\Status{Implemented} -} - -\numtest{21}{ -\Priority{High} -\Reason{Accepts 10 for pw_history_num.} -\Status{Implemented} -} - -\numtest{22}{ -\Priority{High} -\Reason{Fails for user with no access bits.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{23}{ -\Priority{High} -\Reason{Fails for user with ``get'' but not ``modify''.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{24}{ -\Reason{Fails for user with ``add'' but not ``modify.''} -\Conditions{RPC} -} - -\numtest{25}{ -\Reason{Fails for user with ``delete'' but not ``modify.''} -\Conditions{RPC} -} - -\numtest{26}{ -\Priority{High} -\Reason{Succeeds for user with ``modify.''} -\Status{Implemented} -} - -\numtest{27}{ -\Reason{Succeeds for user with ``get'' and ``modify.''} -} - -\numtest{28}{ -\Reason{Rejects null policy argument.} -} - -\numtest{29}{ -\Reason{Rejects change which makes pw_min_life greater than - pw_max_life.} -} - -\numtest{30}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{31}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - -\section{ovsec_kadm_get_policy} - -\numtest{1}{ -\Reason{Fails for null policy.} -} - -\numtest{2}{ -\Reason{Fails for invalid policy name.} -} - -\numtest{3}{ -\Priority{High} -\Reason{Fails for empty-string policy name.} -\Status{Implemented} -} - -\numtest{4}{ -\Reason{Fails for non-existent policy name.} -} - -\numtest{5}{ -\Reason{Fails for null ent.} -} - -\numtest{6}{ -\Priority{High} -\Reason{Fails for user with no access bits trying to get other's - policy, using ADMIN_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{7}{ -\Priority{High} -\Reason{Fails for user with ``add'' but not ``get'' trying to get - other's policy, using ADMIN_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{8}{ -\Reason{Fails for user with ``modify'' but not ``get'' trying to get - other's policy, using ADMIN_SERVICE.} -\Conditions{RPC} -} - -\numtest{9}{ -\Reason{Fails for user with ``delete'' but not ``get'' trying to get - other's policy, using ADMIN_SERVICE.} -\Conditions{RPC} -} - -\numtest{10}{ -\Reason{Fails for user with ``delete'' but not ``get'' trying to get - other's policy, using CHANGEPW_SERVICE.} -\Conditions{RPC} -} - -\numtest{11}{ -\Priority{High} -\Reason{Succeeds for user with only ``get'', trying to get own policy, - using ADMIN_SERVICE.} -\Status{Implemented} -} - -\numtest{12}{ -\Priority{High} -\Reason{Succeeds for user with only ``get'', trying to get own policy, - using CHANGEPW_SERVICE.} -\Status{Implemented} -} - -\numtest{13}{ -\Reason{Succeeds for user with ``add'' and ``get'', trying to get own - policy, using ADMIN_SERVICE.} -} - -\numtest{14}{ -\Reason{Succeeds for user with ``add'' and ``get'', trying to get own - policy, using CHANGEPW_SERVICE.} -} - -\numtest{15}{ -\Reason{Succeeds for user without ``get'', trying to get own policy, - using ADMIN_SERVICE.} -} - -\numtest{16}{ -\Priority{High} -\Reason{Succeeds for user without ``get'', trying to get own policy, - using CHANGEPW_SERVICE.} -\Status{Implemented} -} - -\numtest{17}{ -\Priority{High} -\Reason{Succeeds for user with ``get'', trying to get other's policy, - using ADMIN_SERVICE.} -\Status{Implemented} -} - -\numtest{18}{ -\Priority{High} -\Reason{Fails for user with ``get'', trying to get other's policy, - using CHANGEPW_SERVICE.} -\Conditions{RPC} -\Status{Implemented} -} - -\numtest{19}{ -\Reason{Succeeds for user with ``modify'' and ``get'', trying to get - other's policy, using ADMIN_SERVICE.} -} - -\numtest{20}{ -\Reason{Fails for user with ``modify'' and ``get'', trying to get - other's policy, using CHANGEPW_SERVICE.} -} - -\numtest{21}{ -\Priority{High} -\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in} -\Status{Implemented} -} - -\numtest{22}{ -\Priority{Low} -\Reason{Connects to correct server when multiple handles exist} -\Conditions{RPC} -} - - -\section{ovsec_kadm_free_principal_ent} - -In addition to the tests listed here, a memory-leak detector such as -TestCenter, Purify or dbmalloc should be used to verify that the -memory freed by this function is really freed. - -\numtest{1}{ -\Reason{Null princ succeeds.} -} - -\numtest{2}{ -\Reason{Non-null princ succeeds.} -} - - -\section{ovsec_kadm_free_policy_ent} - -In addition to the tests listed here, a memory-leak detector such as -TestCenter, Purify or dbmalloc should be used to verify that the -memory freed by this function is really freed. - -\numtest{1}{ -\Reason{Null policy succeeds.} -} - -\numtest{2}{ -\Reason{Non-null policy succeeds.} -} - - - -\section{ovsec_kadm_get_privs} - -\numtest{1}{ -\Reason{Fails for null pointer argument.} -} - -This test should be run with the 16 possible combinations of access -bits (since there are 4 access bits, there are $2^4 = 16$ possible -combinations of them): - -\numtest{2}{ -\Priority{High} -\Reason{Returns correct bit mask for access bits of user.} -\Conditions{RPC} -} - -This test should be run locally: - -\numtest{3}{ -\Priority{High} -\Reason{Returns 0x0f.} -\Conditions{local} -} - -\end{document} diff --git a/src/config/pre.in b/src/config/pre.in index 3752174c7..b2d17b077 100644 --- a/src/config/pre.in +++ b/src/config/pre.in @@ -228,16 +228,8 @@ KRB5_INCSUBDIRS = \ $(KRB5_INCDIR)/gssapi \ $(KRB5_INCDIR)/gssrpc -# -# Macros used by the KADM5 (OV-based) unit test system. -# XXX check which of these are actually used! -# SKIPTESTS = $(BUILDTOP)/skiptests -TESTDIR = $(BUILDTOP)/kadmin/testing -STESTDIR = $(top_srcdir)/kadmin/testing -ENV_SETUP = $(TESTDIR)/scripts/env-setup.sh -CLNTTCL = $(TESTDIR)/util/kadm5_clnt_tcl -SRVTCL = $(TESTDIR)/util/kadm5_srv_tcl + # Dejagnu variables. # We have to set the host with --host so that setup_xfail will work. # If we don't set it, then the host type used is "native", which @@ -249,14 +241,6 @@ RUNTEST = runtest $(DEJAFLAGS) RUNPYTEST = PYTHONPATH=$(top_srcdir)/util VALGRIND="$(VALGRIND)" \ $(PYTHON) -START_SERVERS = $(STESTDIR)/scripts/start_servers $(TEST_SERVER) $(TEST_PATH) -START_SERVERS_LOCAL = $(STESTDIR)/scripts/start_servers_local - -STOP_SERVERS = $(STESTDIR)/scripts/stop_servers $(TEST_SERVER) $(TEST_PATH) -STOP_SERVERS_LOCAL = $(STESTDIR)/scripts/stop_servers_local -# -# End of macros for the KADM5 unit test system. -# transform = @program_transform_name@ diff --git a/src/configure.ac b/src/configure.ac index 61778dcd0..4f16fee45 100644 --- a/src/configure.ac +++ b/src/configure.ac @@ -991,33 +991,9 @@ ath_compat= AC_ARG_ENABLE([athena], [ --enable-athena build with MIT Project Athena configuration], ath_compat=compat,) -# The following are tests for the presence of programs required for -# kadmin testing. -AC_CHECK_PROG(have_RUNTEST,runtest,runtest) -AC_CHECK_PROG(have_PERL,perl,perl) -if test "$have_PERL" = perl -a "$have_RUNTEST" = runtest -a "$TCL_LIBS" != ""; then - DO_TEST=ok -fi -AC_SUBST(DO_TEST) - -# The following are substituted into kadmin/testing/scripts/env-setup.sh -RBUILD=`pwd` -AC_SUBST(RBUILD) -case "$srcdir" in -/*) S_TOP=$srcdir ;; -*) S_TOP=`pwd`/$srcdir ;; -esac -AC_SUBST(S_TOP) -AC_PATH_PROG(EXPECT,expect) -# For kadmin/testing/util/Makefile.in -if test "$TCL_LIBS" != "" ; then - DO_ALL=tcl -fi -AC_SUBST(DO_ALL) + KRB5_AC_PRIOCNTL_HACK -K5_GEN_FILE(kadmin/testing/scripts/env-setup.sh:kadmin/testing/scripts/env-setup.shin) -# for lib/kadm5 -AC_CHECK_PROG(RUNTEST,runtest,runtest) + AC_CHECK_PROG(PERL,perl,perl) # lib/gssapi @@ -1552,7 +1528,7 @@ V5_AC_OUTPUT_MAKEFILE(. lib/rpc lib/rpc/unit-test - lib/kadm5 lib/kadm5/clnt lib/kadm5/srv lib/kadm5/unit-test + lib/kadm5 lib/kadm5/clnt lib/kadm5/srv lib/krad lib/apputils @@ -1588,7 +1564,6 @@ V5_AC_OUTPUT_MAKEFILE(. clients/kdestroy clients/kpasswd clients/ksu clients/kswitch kadmin kadmin/cli kadmin/dbutil kadmin/ktutil kadmin/server - kadmin/testing kadmin/testing/scripts kadmin/testing/util appl appl/sample appl/sample/sclient appl/sample/sserver diff --git a/src/kadmin/Makefile.in b/src/kadmin/Makefile.in index f4061f4f7..87cfa43fd 100644 --- a/src/kadmin/Makefile.in +++ b/src/kadmin/Makefile.in @@ -1,6 +1,6 @@ mydir=kadmin BUILDTOP=$(REL).. -SUBDIRS = cli dbutil ktutil server testing +SUBDIRS = cli dbutil ktutil server all: diff --git a/src/kadmin/testing/Makefile.in b/src/kadmin/testing/Makefile.in deleted file mode 100644 index 5b803cb23..000000000 --- a/src/kadmin/testing/Makefile.in +++ /dev/null @@ -1,8 +0,0 @@ -mydir=kadmin$(S)testing -BUILDTOP=$(REL)..$(S).. -SUBDIRS = scripts util - -all: - -clean: - -$(RM) -r krb5-test-root admin_* init-* *.rcache2 ovsec-* diff --git a/src/kadmin/testing/deps b/src/kadmin/testing/deps deleted file mode 100644 index 2feac3c9d..000000000 --- a/src/kadmin/testing/deps +++ /dev/null @@ -1 +0,0 @@ -# No dependencies here. diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto deleted file mode 100644 index 8a4b87de1..000000000 --- a/src/kadmin/testing/proto/kdc.conf.proto +++ /dev/null @@ -1,16 +0,0 @@ -[kdcdefaults] - kdc_listen = 1750 - kdc_tcp_listen = 1750 - -[realms] - __REALM__ = { - profile = __K5ROOT__/krb5.conf - database_name = __K5ROOT__/kdb5 - key_stash_file = __K5ROOT__/.k5.__REALM__ - acl_file = __K5ROOT__/ovsec_adm.acl - dict_file = __K5ROOT__/ovsec_adm.dict - kadmind_port = 1751 - kpasswd_port = 1752 - master_key_type = des3-hmac-sha1 - supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal - } diff --git a/src/kadmin/testing/proto/krb5.conf.proto b/src/kadmin/testing/proto/krb5.conf.proto deleted file mode 100644 index a1c57119c..000000000 --- a/src/kadmin/testing/proto/krb5.conf.proto +++ /dev/null @@ -1,32 +0,0 @@ -[libdefaults] - default_realm = __REALM__ - default_keytab_name = FILE:__K5ROOT__/keytab - dns_fallback = no - dns_canonicalize_hostname = fallback - qualify_shortname = "" - plugin_base_dir = __PLUGIN_DIR__ - allow_weak_crypto = true - -[realms] - __REALM__ = { - kdc = __HOSTNAME__:1750 - admin_server = __HOSTNAME__:1751 - database_module = foobar_db2_module_blah - } - -[domain_realm] - __HOSTNAME__ = __REALM__ - -[logging] - admin_server = FILE:__K5ROOT__/syslog - kdc = FILE:__K5ROOT__/syslog - default = FILE:__K5ROOT__/syslog - - -# THIS SHOULD BE IN KDC.CONF INSTEAD! -[dbmodules] - db_module_dir = __MODDIR__ - foobar_db2_module_blah = { - db_library = db2 - database_name = __K5ROOT__/kdb5 - } diff --git a/src/kadmin/testing/proto/ovsec_adm.dict b/src/kadmin/testing/proto/ovsec_adm.dict deleted file mode 100644 index b54e3a85e..000000000 --- a/src/kadmin/testing/proto/ovsec_adm.dict +++ /dev/null @@ -1,3 +0,0 @@ -Abyssinia -Discordianism -foo diff --git a/src/kadmin/testing/scripts/Makefile.in b/src/kadmin/testing/scripts/Makefile.in deleted file mode 100644 index 635930511..000000000 --- a/src/kadmin/testing/scripts/Makefile.in +++ /dev/null @@ -1,18 +0,0 @@ -mydir=kadmin$(S)testing$(S)scripts -BUILDTOP=$(REL)..$(S)..$(S).. - -all: env-setup.sh runenv.sh $(GEN_SCRIPTS) - -# Should only rebuild env_setup.sh here (use CONFIG_FILES=), but the weird krb5 -# makefile post-processing is unconditional and would trash the makefile. -env-setup.sh: env-setup.stamp -env-setup.stamp: $(srcdir)/env-setup.shin $(BUILDTOP)/config.status \ - Makefile - (cd $(BUILDTOP) && \ - CONFIG_FILES=$(mydir)/env-setup.sh:$(mydir)/env-setup.shin $(SHELL) \ - config.status) - chmod +x env-setup.sh - touch env-setup.stamp - -clean: - -rm -f env-setup.sh env-setup.stamp diff --git a/src/kadmin/testing/scripts/deps b/src/kadmin/testing/scripts/deps deleted file mode 100644 index 2feac3c9d..000000000 --- a/src/kadmin/testing/scripts/deps +++ /dev/null @@ -1 +0,0 @@ -# No dependencies here. diff --git a/src/kadmin/testing/scripts/env-setup.shin b/src/kadmin/testing/scripts/env-setup.shin deleted file mode 100755 index 88f8ad1aa..000000000 --- a/src/kadmin/testing/scripts/env-setup.shin +++ /dev/null @@ -1,104 +0,0 @@ -#!/bin/sh -# -# The KADM5 unit tests were developed to work under gmake. As a -# result, they expect to inherit a number of environment variables. -# Rather than rewrite the tests, we simply use this script as an -# execution wrapper that sets all the necessary environment variables -# before running the program specified on its command line. -# -# The variable settings all came from OV's config.mk. -# -# Usage: env-setup.sh <command line> -# - -TOP=@RBUILD@/kadmin -STOP=@S_TOP@/kadmin -export TOP -export STOP -# These two may be needed in case $libdir references them. -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ ; eval "libdir=$libdir"; export libdir - -# The shared library run time setup -TOPLIBD=@RBUILD@/lib -PROG_LIBPATH=-L@RBUILD@/lib -BUILDTOP=@RBUILD@ -# XXX kludge! -PROG_RPATH=@RBUILD@/lib -# This converts $(TOPLIBD) to $TOPLIBD -cat > /tmp/env_setup$$ <<\EOF -@KRB5_RUN_ENV@ -EOF - -foo=`sed -e 's/(//g' -e 's/)//g' -e 's/\\\$\\\$/\$/g' /tmp/env_setup$$` -eval $foo -export @KRB5_RUN_VARS@ - -# This will get put in setup.csh for convenience -KRB5_RUN_ENV_CSH=`eval echo "$foo" | \ - sed -e 's/\([^=]*\)=\(.*\)/setenv \1 \2/g'` -export KRB5_RUN_ENV_CSH -rm /tmp/env_setup$$ - -TESTDIR=$TOP/testing; export TESTDIR -STESTDIR=$STOP/testing; export STESTDIR -if [ "$K5ROOT" = "" ]; then - K5ROOT="`cd $TESTDIR; pwd`/krb5-test-root" - export K5ROOT -fi - -# If $VERBOSE_TEST is non-null, enter verbose mode. Set $VERBOSE to -# true or false so its exit status identifies the mode. -if test x$VERBOSE_TEST = x; then - VERBOSE=false -else - VERBOSE=true -fi -export VERBOSE - -REALM=SECURE-TEST.OV.COM; export REALM - -if test x$EXPECT = x; then - EXPECT=@EXPECT@; export EXPECT -fi - -COMPARE_DUMP=$TESTDIR/scripts/compare_dump.pl; export COMPARE_DUMP -INITDB=$STESTDIR/scripts/init_db; export INITDB -SIMPLE_DUMP=$TESTDIR/scripts/simple_dump.pl; export SIMPLE_DUMP -TCLUTIL=$STESTDIR/tcl/util.t; export TCLUTIL -BSDDB_DUMP=$TESTDIR/util/bsddb_dump; export BSDDB_DUMP -CLNTTCL=$TESTDIR/util/kadm5_clnt_tcl; export CLNTTCL -SRVTCL=$TESTDIR/util/kadm5_srv_tcl; export SRVTCL - -HOSTNAME=`hostname | tr '[A-Z]' '[a-z]'` -export HOSTNAME - -KRB5_CONFIG=$K5ROOT/krb5.conf; export KRB5_CONFIG -KRB5_KDC_PROFILE=$K5ROOT/kdc.conf; export KRB5_KDC_PROFILE -KRB5_KTNAME=$K5ROOT/ovsec_adm.keytab; export KRB5_KTNAME -KRB5_CLIENT_KTNAME=$K5ROOT/client_keytab; export KRB5_CLIENT_KTNAME -KRB5CCNAME=$K5ROOT/krb5cc_unit-test; export KRB5CCNAME -GSS_MECH_CONFIG=$K5ROOT/mech.conf; export GSS_MECH_CONFIG - -# Make sure we don't get confused by translated messages -# or localized times. -LC_ALL=C; export LC_ALL - -if [ "x$PS_ALL" = "x" ]; then - if ps auxww >/dev/null 2>&1; then - PS_ALL="ps auxww" - PS_PID="ps uwwp" - elif ps -ef >/dev/null 2>&1; then - PS_ALL="ps -ef" - PS_PID="ps -fp" - else - PS_ALL="ps auxww" - PS_PID="ps uwwp" - echo "WARNING! Cannot auto-detect ps type, assuming BSD." - fi - - export PS_ALL PS_PID -fi - -exec ${1+"$@"} diff --git a/src/kadmin/testing/scripts/init_db b/src/kadmin/testing/scripts/init_db deleted file mode 100755 index 216f62793..000000000 --- a/src/kadmin/testing/scripts/init_db +++ /dev/null @@ -1,229 +0,0 @@ -#!/bin/sh - -if $VERBOSE; then - REDIRECT= -else - REDIRECT='>/dev/null' -fi - -# Requires that $K5ROOT, /etc/krb.conf, and .k5.$REALM be world-writeable. - -if [ "$TOP" = "" ]; then - echo "init_db: Environment variable \$TOP must point to top of build tree" 1>&2 - exit 1 -fi - -if [ "$STOP" = "" ]; then - echo "init_db: Environment variable \$STOP must point to top of source tree" 1>&2 - exit 1 -fi - -if [ "$libdir" = "" ]; then - echo "init_db: Environment variable \$libdir must point to library install directory" 1>&2 - exit 1 -fi - -IROOT=$TOP/.. -ADMIN=$TOP/dbutil -BIN=$IROOT/bin -ETC=$IROOT/etc -MODDIR=$TOP/../plugins/kdb -SBIN=$TOP/keytab:$TOP/server -DUMMY=${REALM=SECURE-TEST.OV.COM}; export REALM - -. ./runenv.sh - -if [ ! -d $MODDIR ]; then - echo "+++" 1>&2 - echo "+++ Error! $MODDIR does not exist!" 1>&2 - echo "+++ The MODDIR variable should point to the directory in which" 1>&2 - echo "+++ database modules have been installed for testing." 1>&2 - echo "+++" 1>&2 - exit 1 -fi - -DUMMY=${TESTDIR=$TOP/testing}; export TESTDIR -DUMMY=${STESTDIR=$STOP/testing} -DUMMY=${SRVTCL=$TESTDIR/util/kadm5_srv_tcl}; export SRVTCL -DUMMY=${TCLUTIL=$STESTDIR/tcl/util.t}; export TCLUTIL - -PATH=$ADMIN:$BIN:$ETC:$SBIN:$PATH; export PATH - -if [ ! -x $SRVTCL ]; then - echo "+++" 1>&2 - echo "+++ Error! $SRVTCL does not exist!" 1>&2 - echo "+++ It was probably not compiled because TCL was not available. If you" 1>&2 - echo "+++ now have TCL installed, cd into that directory, re-run configure" 1>&2 - echo "+++ with the --with-tcl option, and then re-run make." 1>&2 - echo "+++" 1>&2 - - exit 1 -fi - -rm -rf $K5ROOT/* -if [ -d $K5ROOT ]; then - true -else - mkdir $K5ROOT -fi - -# touch $K5ROOT/syslog -# for pid in `$PS_ALL | awk '/syslogd/ && !/awk/ {print $2}'` ; do -# case "$pid" in -# xxx) ;; -# *) -# if $VERBOSE; then $PS_PID$pid | grep -v COMMAND; fi -# kill -1 $pid -# ;; -# esac -# done - -sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \ - -e "s/__HOSTNAME__/$HOSTNAME/g" \ - -e "s#__MODDIR__#$MODDIR#g" \ - < $STESTDIR/proto/krb5.conf.proto > $K5ROOT/krb5.conf -sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \ - < $STESTDIR/proto/kdc.conf.proto > $K5ROOT/kdc.conf - -eval kdb5_util -r $REALM create -W -P mrroot -s $REDIRECT || exit 1 - -cp $STESTDIR/proto/ovsec_adm.dict $K5ROOT/ovsec_adm.dict - -cat - > /tmp/init_db$$ <<\EOF -source $env(TCLUTIL) -set r $env(REALM) -if {[info exists env(USER)]} { - set whoami $env(USER) -} else { - set whoami [exec whoami] -} - -set cmds { - {kadm5_init $env(SRVTCL) mrroot null \ - [config_params {KADM5_CONFIG_REALM} $r] $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_3 server_handle} - - {kadm5_create_policy $server_handle "test-pol 0 10000 8 2 3 0 2 90 180" \ - {KADM5_POLICY KADM5_PW_MIN_LENGTH KADM5_PW_MIN_CLASSES KADM5_PW_MAX_LIFE KADM5_PW_HISTORY_NUM KADM5_PW_MAX_FAILURE KADM5_PW_FAILURE_COUNT_INTERVAL KADM5_PW_LOCKOUT_DURATION}} - {kadm5_create_policy $server_handle "once-a-min 10 0 0 0 0 0 0 0 0" \ - {KADM5_POLICY KADM5_PW_MIN_LIFE}} - {kadm5_create_policy $server_handle "dict-only 0 0 0 0 0 0 0 0 0" \ - {KADM5_POLICY}} - {kadm5_create_policy $server_handle [simple_policy test-pol-nopw] \ - {KADM5_POLICY}} - - {kadm5_create_principal $server_handle \ - [simple_principal testuser@$r] {KADM5_PRINCIPAL} notathena} - {kadm5_create_principal $server_handle \ - [simple_principal test1@$r] {KADM5_PRINCIPAL} test1} - {kadm5_create_principal $server_handle \ - [simple_principal test2@$r] {KADM5_PRINCIPAL} test2} - {kadm5_create_principal $server_handle \ - [simple_principal test3@$r] {KADM5_PRINCIPAL} test3} - {kadm5_create_principal $server_handle \ - [simple_principal admin@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/get@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/modify@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/delete@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/add@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/none@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/rename@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/mod-add@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/mod-delete@$r] {KADM5_PRINCIPAL} \ - admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/get-add@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/get-delete@$r] {KADM5_PRINCIPAL} \ - admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/get-mod@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/no-add@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [simple_principal admin/no-delete@$r] {KADM5_PRINCIPAL} admin} - {kadm5_create_principal $server_handle \ - [princ_w_pol pol1@$r test-pol] {KADM5_PRINCIPAL \ - KADM5_POLICY} pol111111} - {kadm5_create_principal $server_handle \ - [princ_w_pol pol2@$r once-a-min] {KADM5_PRINCIPAL \ - KADM5_POLICY} pol222222} - {kadm5_create_principal $server_handle \ - [princ_w_pol pol3@$r dict-only] {KADM5_PRINCIPAL \ - KADM5_POLICY} pol333333} - {kadm5_create_principal $server_handle \ - [princ_w_pol admin/get-pol@$r test-pol-nopw] \ - {KADM5_PRINCIPAL KADM5_POLICY} StupidAdmin} - {kadm5_create_principal $server_handle \ - [princ_w_pol admin/pol@$r test-pol-nopw] {KADM5_PRINCIPAL \ - KADM5_POLICY} StupidAdmin} - - {kadm5_create_principal $server_handle \ - [simple_principal changepw/kerberos] \ - {KADM5_PRINCIPAL} {XXX THIS IS WRONG}} - - {kadm5_create_principal $server_handle \ - [simple_principal $whoami] \ - {KADM5_PRINCIPAL} $whoami} - - {kadm5_create_principal $server_handle \ - [simple_principal testkeys@$r] {KADM5_PRINCIPAL} testkeys} - - {kadm5_destroy $server_handle} -} - -foreach cmd $cmds { - if {[catch $cmd output]} { - puts stderr "Error! Command: $cmd\nError: $output" - exit 1 - } else { - puts stdout $output - } -} -EOF -eval "$SRVTCL < /tmp/init_db$$ $REDIRECT" -rm /tmp/init_db$$ - -if [ $? -ne 0 ]; then - echo "Error in $SRVTCL!" 1>&2 - exit 1 -fi - -cat > $K5ROOT/ovsec_adm.acl <<EOF -admin@$REALM admcilse -admin/get@$REALM il -admin/modify@$REALM mc -admin/delete@$REALM d -admin/add@$REALM a -admin/get-pol@$REALM il -admin/rename@$REALM adil -admin/mod-add@$REALM amc -admin/mod-delete@$REALM mcd -admin/get-add@$REALM ail -admin/get-delete@$REALM ild -admin/get-mod@$REALM ilmc -admin/no-add@$REALM mcdil -admin/no-delete@$REALM amcil -changepw/kerberos@$REALM cil - -EOF - -# Create $K5ROOT/setup.csh to make it easy to run other programs against -# the test db -cat > $K5ROOT/setup.csh <<EOF -setenv KRB5_CONFIG $KRB5_CONFIG -setenv KRB5_KDC_PROFILE $KRB5_KDC_PROFILE -setenv KRB5_KTNAME $KRB5_KTNAME -setenv KRB5_CLIENT_KTNAME $KRB5_CLIENT_KTNAME -setenv GSS_MECH_CONFIG $GSS_MECH_CONFIG -$KRB5_RUN_ENV_CSH -EOF - diff --git a/src/kadmin/testing/scripts/start_servers b/src/kadmin/testing/scripts/start_servers deleted file mode 100755 index 05519e4ee..000000000 --- a/src/kadmin/testing/scripts/start_servers +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -# -# Usage: start_servers [hostname [path]] -# -# This script turns a host into a OpenV*Secure primary server for the -# realm SECURE-TEST.OV.COM. If no arguments are specified, -# the local host is affected. Otherwise, the host hostname is -# affected; the path argument is the top of the Secure install tree on -# that host, and if it is not specified the current canonical value of -# TOP is used. - -DUMMY=${TESTDIR=$TOP/testing} -DUMMY=${STESTDIR=$STOP/testing} -DUMMY=${START_SERVERS_LOCAL=$STESTDIR/scripts/start_servers_local} -# This'll be wrong sometimes -DUMMY=${RSH_CMD=rsh} - -local=1 - -if [ $# -gt 0 ]; then - if [ $# != 1 -a $# != 2 ]; then - echo "Usage: $0 [hostname [path]]" 1>&2 - exit 1 - fi - - local=0 - hostname=$1 - if [ $# = 1 ]; then - rempath=`sh -c "cd $TOP && pwd"` - else - rempath=$2 - fi -fi - -if [ $local = 0 ]; then - - # Fix up the local krb5.conf to point to the remote - sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \ - -e "s/__HOSTNAME__/$HOSTNAME/g" \ - -e "s#__MODDIR__#$TOP/../plugins/kdb#g"\ - -e "s#__PLUGIN_DIR__#$TOP/../plugins#g"\ - < $STESTDIR/proto/krb5.conf.proto > $K5ROOT/krb5.conf - -# Using /usr/ucb/rsh and getting rid of "-k $REALM" until we get -# around to fixing the fact that Kerberos rsh doesn't strip out "-k -# REALM" when falling back. - - START_SERVERS_LOCAL=`echo $START_SERVERS_LOCAL|sed "s%$TOP%$rempath%"` - CMD="$RSH_CMD $hostname -n \ - \"sh -c 'VERBOSE_TEST=$VERBOSE_TEST TOP=$rempath \ - $rempath/testing/scripts/env-setup.sh \ - $START_SERVERS_LOCAL $rempath'\"" - - if $VERBOSE; then - echo "+++" - echo "+++ Begin execution of start_servers_local on $hostname" - echo "+++" - echo $CMD - fi - eval $CMD - if $VERBOSE; then - echo "+++" - echo "+++ End execution of start_servers_local on $hostname" - echo "+++" - fi -else - $START_SERVERS_LOCAL -fi - diff --git a/src/kadmin/testing/scripts/start_servers_local b/src/kadmin/testing/scripts/start_servers_local deleted file mode 100755 index 858e88031..000000000 --- a/src/kadmin/testing/scripts/start_servers_local +++ /dev/null @@ -1,157 +0,0 @@ -#!/bin/sh - -DUMMY=${TESTDIR=$TOP/testing} -DUMMY=${STESTDIR=$STOP/testing} -DUMMY=${INITDB=$STESTDIR/scripts/init_db} -DUMMY=${SRVTCL=$TESTDIR/util/kadm5_srv_tcl}; export SRVTCL -DUMMY=${STOP_SERVERS_LOCAL=$STESTDIR/scripts/stop_servers_local} -DUMMY=${KRB5RCACHEDIR=$TESTDIR} ; export KRB5RCACHEDIR - -. ./runenv.sh - -if [ -d /usr/tmp ]; then - usrtmp=/usr/tmp -else - usrtmp=/var/tmp -fi - -$STOP_SERVERS_LOCAL -start_servers - -if $VERBOSE; then - REDIRECT= -else - REDIRECT='>/dev/null' -fi - -while :; do - case $1 in - -keysalt) - shift - if [ $# -gt 0 ]; then - keysalts="$keysalts $1" - else - break - fi - ;; - -kdcport) - shift - if [ $# -gt 0 ]; then - kdcport=$1 - else - break - fi - ;; - *) - break - ;; - esac - shift -done - -if [ $# -gt 1 ]; then - echo "Usage: $0 [-kdcport port] [-keysalts tuple] ... [top]" 1>&2 - exit 1 -elif [ $# = 1 ]; then - TOP=$1 - export TOP -fi - -# create a fresh db - -$INITDB "$keysalts" || exit 1 - -# Post-process the config files based on our arguments -if [ "$keysalts" != "" ]; then - sedcmd="s/\([ ]*supported_enctypes =\).*/\1 $keysalts/" - sed -e "$sedcmd" < $K5ROOT/kdc.conf > $K5ROOT/kdc.conf.new - mv $K5ROOT/kdc.conf.new $K5ROOT/kdc.conf -fi -if [ "$kdcport" != "" ] ; then - sedcmd="s/\(kdc_ports = .*\)[ ]*/\1, $kdcport/" - sed -e "$sedcmd" < $K5ROOT/kdc.conf > $K5ROOT/kdc.conf.new - mv $K5ROOT/kdc.conf.new $K5ROOT/kdc.conf -fi - -# allow admin to krlogin as root (for cleanup) -DUMMY=${REALM=SECURE-TEST.OV.COM}; export REALM - -cat - > /tmp/start_servers_local$$ <<\EOF -if { [catch { - source $env(STOP)/testing/tcl/util.t - set r $env(REALM) - set q $env(HOSTNAME) - puts stdout [kadm5_init $env(SRVTCL) mrroot null \ - [config_params {KADM5_CONFIG_REALM} $r] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle] - puts stdout [kadm5_create_principal $server_handle \ - [simple_principal host/$q@$r] {KADM5_PRINCIPAL} notathena] - puts stdout [kadm5_destroy $server_handle] -} err]} { - puts stderr "initialization error: $err" - exit 1 -} -exit 0 -EOF -eval "$SRVTCL < /tmp/start_servers_local$$ $REDIRECT" -x=$? -rm /tmp/start_servers_local$$ -if test $x != 0 ; then exit 1 ; fi - -# run the servers (from the build tree) - -adm_start_file=/tmp/adm_server_start.$$ -kdc_start_file=/tmp/kdc_server_start.$$ - -rm -f $kdc_start_file - -if test "x$USER" = x ; then - USER=$LOGNAME ; export USER -fi - -kdc_args="-R dfl:kdc_rcache.$USER" - -(trap "" 2; $TOP/../kdc/krb5kdc $kdc_args; touch $kdc_start_file) \ - < /dev/null > $usrtmp/kdc-log.$USER 2>&1 & - -s=1 -max_s=60 -sofar_s=0 -timewait_s=300 - -ovadm_args=-W - -rm -f $adm_start_file - -(sleep 1; $TOP/server/kadmind $ovadm_args; \ - touch $adm_start_file) < /dev/null > $usrtmp/kadm-log.$USER 2>&1 & - -# wait until they start - -while [ $sofar_s -le $max_s ]; do - if $VERBOSE; then - echo "Sleeping for $s seconds to allow servers" \ - "to start..." - fi - - sofar_s=`expr $sofar_s + $s` - - sleep $s - - if [ -f $adm_start_file -a -f $kdc_start_file ]; then - break - fi -done - -if [ $sofar_s -gt $max_s ]; then - echo "Admin server or KDC failed to start after $sofar_s" \ - "seconds." 1>&2 - if [ ! -f $adm_start_file ]; then - echo " No admin server start file $adm_start_file." 1>&2 - fi - if [ ! -f $kdc_start_file ]; then - echo " No KDC start file $adm_start_file." 1>&2 - fi - exit 1 -fi - -rm -f $kdc_start_file $adm_start_file diff --git a/src/kadmin/testing/scripts/stop_servers b/src/kadmin/testing/scripts/stop_servers deleted file mode 100755 index b7f8384ca..000000000 --- a/src/kadmin/testing/scripts/stop_servers +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/sh -# -# Usage: stop_servers [hostname [path]] -# -# This script turns a host into a OpenV*Secure primary server for the -# realm SECURE-TEST.OV.COM. If no arguments are specified, -# the local host is affected. Otherwise, the host hostname is -# affected; the path argument is the top of the Secure install tree on -# that host, and if it is not specified the current canonical value of -# TOP is used. - -DUMMY=${TESTDIR=$TOP/testing} -DUMMY=${STESTDIR=$STOP/testing} -DUMMY=${STOP_SERVERS_LOCAL=$STESTDIR/scripts/stop_servers_local} -# This'll be wrong sometimes -DUMMY=${RSH_CMD=rsh} - -local=1 - -if [ $# -gt 0 ]; then - if [ $# != 1 -a $# != 2 ]; then - echo "Usage: $0 [hostname [path]]" 1>&2 - exit 1 - fi - - local=0 - hostname=$1 - if [ $# = 1 ]; then - rempath=`sh -c "cd $TOP && pwd"` - else - rempath=$2 - fi -fi - -if [ $local = 0 ]; then - if $VERBOSE; then - echo "+++ Stopping servers on remote host $hostname..." - fi - - STOP_SERVERS_LOCAL=`echo $STOP_SERVERS_LOCAL | sed "s%$TOP%$rempath%"` - CMD="$RSH_CMD $hostname -n \ - \"sh -c 'VERBOSE_TEST=$VERBOSE_TEST TOP=$rempath \ - $rempath/testing/scripts/env-setup.sh \ - $STOP_SERVERS_LOCAL $rempath'\"" - - if $VERBOSE; then - echo "+++" - echo "+++ Begin execution of stop_servers_local on $hostname" - echo "+++" - echo $CMD - fi - eval $CMD - if $VERBOSE; then - echo "+++" - echo "+++ End execution of stop_servers_local on $hostname" - echo "+++" - fi -else - $STOP_SERVERS_LOCAL -fi diff --git a/src/kadmin/testing/scripts/stop_servers_local b/src/kadmin/testing/scripts/stop_servers_local deleted file mode 100755 index 24a9de7b3..000000000 --- a/src/kadmin/testing/scripts/stop_servers_local +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh - -DUMMY=${TESTDIR=$TOP/testing} -DUMMY=${KRB5RCACHEDIR=$TESTDIR} - -while [ $# -gt 0 ] ; do - case $1 in - -start_servers) - start_servers=$1 - ;; - *) - TOP=$1 - export TOP - ;; - esac - shift -done - -# kill any running servers. - -if $VERBOSE; then echo "Killing servers:"; fi - -for pid in xxx \ - `$PS_ALL | grep krb5kdc | grep -v grep | awk '{print $2}'` \ - `$PS_ALL | grep kadmind | grep -v grep | awk '{print $2}'` \ - ; do - case "$pid" in - xxx) - ;; - *) - if $VERBOSE; then $PS_PID$pid | grep -v COMMAND; fi - kill $pid - ;; - esac -done - -# Destroy the kdc replay cache so we don't lose if we try to run the -# KDC as another unix user. -if test "x$USER" = x ; then - USER=$LOGNAME -fi -rm -f $KRB5RCACHEDIR/krb5kdc_rcache.$USER - -exit 0 diff --git a/src/kadmin/testing/tcl/util.t b/src/kadmin/testing/tcl/util.t deleted file mode 100644 index 6751f89e6..000000000 --- a/src/kadmin/testing/tcl/util.t +++ /dev/null @@ -1,58 +0,0 @@ -proc simple_principal {name} { - return "{$name} 0 0 0 0 {$name} 0 0 0 0 null 0" -} - -proc princ_w_pol {name policy} { - return "{$name} 0 0 0 0 {$name} 0 0 0 0 {$policy} 0" -} - -proc simple_policy {name} { - return "{$name} 0 0 0 0 0 0 0 0 0" -} - -proc config_params {masks values} { - if {[llength $masks] != [llength $values]} { - error "config_params: length of mask and values differ" - } - - set params [list $masks 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 {}] - for {set i 0} {$i < [llength $masks]} {incr i} { - set mask [lindex $masks $i] - set value [lindex $values $i] - switch -glob -- $mask { - "KADM5_CONFIG_REALM" {set params [lreplace $params 1 1 $value]} - "KADM5_CONFIG_KADMIND_PORT" { - set params [lreplace $params 2 2 $value]} - "KADM5_CONFIG_ADMIN_SERVER" { - set params [lreplace $params 3 3 $value]} - "KADM5_CONFIG_DBNAME" {set params [lreplace $params 4 4 $value]} - "KADM5_CONFIG_ADBNAME" {set params [lreplace $params 5 5 $value]} - "KADM5_CONFIG_ADB_LOCKFILE" { - set params [lreplace $params 6 6 $value]} - "KADM5_CONFIG_ACL_FILE" {set params [lreplace $params 8 8 $value]} - "KADM5_CONFIG_DICT_FILE" { - set params [lreplace $params 9 9 $value]} - "KADM5_CONFIG_MKEY_FROM_KBD" { - set params [lreplace $params 10 10 $value]} - "KADM5_CONFIG_STASH_FILE" { - set params [lreplace $params 11 11 $value]} - "KADM5_CONFIG_MKEY_NAME" { - set params [lreplace $params 12 12 $value]} - "KADM5_CONFIG_ENCTYPE" {set params [lreplace $params 13 13 $value]} - "KADM5_CONFIG_MAX_LIFE" { - set params [lreplace $params 14 14 $value]} - "KADM5_CONFIG_MAX_RLIFE" { - set params [lreplace $params 15 15 $value]} - "KADM5_CONFIG_EXPIRATION" { - set params [lreplace $params 16 16 $value]} - "KADM5_CONFIG_FLAGS" {set params [lreplace $params 17 17 $value]} - "KADM5_CONFIG_ENCTYPES" { - set params [lreplace $params 18 19 [llength $value] $value]} - "*" {error "config_params: unknown mask $mask"} - } - } - return $params -} - - - diff --git a/src/kadmin/testing/util/Makefile.in b/src/kadmin/testing/util/Makefile.in deleted file mode 100644 index 7785c742e..000000000 --- a/src/kadmin/testing/util/Makefile.in +++ /dev/null @@ -1,42 +0,0 @@ -mydir=kadmin$(S)testing$(S)util -BUILDTOP=$(REL)..$(S)..$(S).. -LOCALINCLUDES = $(TCL_INCLUDES) -I$(BUILDTOP)/lib/kdb/ -# Force Tcl headers to use stdarg.h, because krb5 does too, and if -# Tcl uses varargs.h it'll just mess things up. -DEFINES= -DHAS_STDARG -KRB5_PTHREAD_LIB=$(THREAD_LINKOPTS) - -PROG_LIBPATH=-L$(TOPLIBD) $(TCL_LIBPATH) -PROG_RPATH=$(KRB5_LIBDIR)$(TCL_RPATH) - -SRCS = $(srcdir)/tcl_kadm5.c $(srcdir)/test.c -OBJS = tcl_kadm5.o test.o - -CLNTPROG= kadm5_clnt_tcl -SRVPROG = kadm5_srv_tcl - -DO_ALL=@DO_ALL@ - -all: all-$(DO_ALL) - -all-: - @echo "+++" - @echo "+++ WARNING: Tcl not available. The kadm5 tests will not be run." - @echo "+++" - @echo 'Skipped kadm5 tests: Tcl not found' >> $(SKIPTESTS) - -all-tcl: $(CLNTPROG) $(SRVPROG) - -$(SRVPROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o $(SRVPROG) $(OBJS) $(TCL_MAYBE_RPATH) \ - $(KADMSRV_LIBS) $(KRB5_PTHREAD_LIB) $(KRB5_BASE_LIBS) $(TCL_LIBS) - -$(CLNTPROG): $(OBJS) $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o $(CLNTPROG) $(OBJS) $(TCL_MAYBE_RPATH) \ - $(KRB5_PTHREAD_LIB) $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) $(TCL_LIBS) - -bsddb_dump: bsddb_dump.o - $(CC_LINK) -o bsddb_dump bsddb_dump.o $(KADMSRV_LIBS) - -clean: - $(RM) $(CLNTPROG) $(SRVPROG) diff --git a/src/kadmin/testing/util/bsddb_dump.c b/src/kadmin/testing/util/bsddb_dump.c deleted file mode 100644 index 5dbe7ae9c..000000000 --- a/src/kadmin/testing/util/bsddb_dump.c +++ /dev/null @@ -1,65 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * $Id$ - */ - -#include <sys/file.h> -#include <fcntl.h> -#include <db.h> -#include <stdio.h> - -main(int argc, char *argv[]) -{ - char *file; - DB *db; - DBT dbkey, dbdata; - int code, i; - - HASHINFO info; - - info.hash = NULL; - info.bsize = 256; - info.ffactor = 8; - info.nelem = 25000; - info.lorder = 0; - - if (argc != 2) { - fprintf(stderr, "usage: argv[0] dbfile\n"); - exit(2); - } - - file = argv[1]; - - if((db = dbopen(file, O_RDWR, 0666, DB_HASH, &info)) == NULL) { - perror("Opening db file"); - exit(1); - } - - if ((code = (*db->seq)(db, &dbkey, &dbdata, R_FIRST)) == -1) { - perror("starting db iteration"); - exit(1); - } - - while (code == 0) { - for (i=0; i<dbkey.size; i++) - printf("%02x", (int) ((unsigned char *) dbkey.data)[i]); - printf("\t"); - for (i=0; i<dbdata.size; i++) - printf("%02x", (int) ((unsigned char *) dbdata.data)[i]); - printf("\n"); - - code = (*db->seq)(db, &dbkey, &dbdata, R_NEXT); - } - - if (code == -1) { - perror("during db iteration"); - exit(1); - } - - if ((*db->close)(db) == -1) { - perror("closing db"); - exit(1); - } - - exit(0); -} diff --git a/src/kadmin/testing/util/deps b/src/kadmin/testing/util/deps deleted file mode 100644 index ca828a85c..000000000 --- a/src/kadmin/testing/util/deps +++ /dev/null @@ -1,16 +0,0 @@ -# -# Generated makefile dependencies follow. -# -$(OUTPRE)tcl_kadm5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ - $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/lib/kdb/adb_err.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ - $(top_srcdir)/include/krb5.h tcl_kadm5.c tcl_kadm5.h -$(OUTPRE)test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - tcl_kadm5.h test.c diff --git a/src/kadmin/testing/util/tcl_kadm5.c b/src/kadmin/testing/util/tcl_kadm5.c deleted file mode 100644 index 864a929c8..000000000 --- a/src/kadmin/testing/util/tcl_kadm5.c +++ /dev/null @@ -1,2566 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include "autoconf.h" -#include <stdio.h> -#include <string.h> -#if HAVE_TCL_H -#include <tcl.h> -#elif HAVE_TCL_TCL_H -#include <tcl/tcl.h> -#endif -#define USE_KADM5_API_VERSION 2 -#include <kadm5/admin.h> -#include <com_err.h> -#include <errno.h> -#include <stdlib.h> -#include <adb_err.h> -#include "tcl_kadm5.h" - -struct flagval { - char *name; - krb5_flags val; -}; - -/* XXX This should probably be in the hash table like server_handle */ -static krb5_context context; - -static struct flagval krb5_flags_array[] = { - {"KRB5_KDB_DISALLOW_POSTDATED", KRB5_KDB_DISALLOW_POSTDATED}, - {"KRB5_KDB_DISALLOW_FORWARDABLE", KRB5_KDB_DISALLOW_FORWARDABLE}, - {"KRB5_KDB_DISALLOW_TGT_BASED", KRB5_KDB_DISALLOW_TGT_BASED}, - {"KRB5_KDB_DISALLOW_RENEWABLE", KRB5_KDB_DISALLOW_RENEWABLE}, - {"KRB5_KDB_DISALLOW_PROXIABLE", KRB5_KDB_DISALLOW_PROXIABLE}, - {"KRB5_KDB_DISALLOW_DUP_SKEY", KRB5_KDB_DISALLOW_DUP_SKEY}, - {"KRB5_KDB_DISALLOW_ALL_TIX", KRB5_KDB_DISALLOW_ALL_TIX}, - {"KRB5_KDB_REQUIRES_PRE_AUTH", KRB5_KDB_REQUIRES_PRE_AUTH}, - {"KRB5_KDB_REQUIRES_HW_AUTH", KRB5_KDB_REQUIRES_HW_AUTH}, - {"KRB5_KDB_REQUIRES_PWCHANGE", KRB5_KDB_REQUIRES_PWCHANGE}, - {"KRB5_KDB_DISALLOW_SVR", KRB5_KDB_DISALLOW_SVR}, - {"KRB5_KDB_PWCHANGE_SERVICE", KRB5_KDB_PWCHANGE_SERVICE} -}; - -static struct flagval aux_attributes[] = { - {"KADM5_POLICY", KADM5_POLICY} -}; - -static struct flagval principal_mask_flags[] = { - {"KADM5_PRINCIPAL", KADM5_PRINCIPAL}, - {"KADM5_PRINC_EXPIRE_TIME", KADM5_PRINC_EXPIRE_TIME}, - {"KADM5_PW_EXPIRATION", KADM5_PW_EXPIRATION}, - {"KADM5_LAST_PWD_CHANGE", KADM5_LAST_PWD_CHANGE}, - {"KADM5_ATTRIBUTES", KADM5_ATTRIBUTES}, - {"KADM5_MAX_LIFE", KADM5_MAX_LIFE}, - {"KADM5_MOD_TIME", KADM5_MOD_TIME}, - {"KADM5_MOD_NAME", KADM5_MOD_NAME}, - {"KADM5_KVNO", KADM5_KVNO}, - {"KADM5_MKVNO", KADM5_MKVNO}, - {"KADM5_AUX_ATTRIBUTES", KADM5_AUX_ATTRIBUTES}, - {"KADM5_POLICY", KADM5_POLICY}, - {"KADM5_POLICY_CLR", KADM5_POLICY_CLR}, - {"KADM5_MAX_RLIFE", KADM5_MAX_RLIFE}, - {"KADM5_LAST_SUCCESS", KADM5_LAST_SUCCESS}, - {"KADM5_LAST_FAILED", KADM5_LAST_FAILED}, - {"KADM5_FAIL_AUTH_COUNT", KADM5_FAIL_AUTH_COUNT}, - {"KADM5_KEY_DATA", KADM5_KEY_DATA}, - {"KADM5_TL_DATA", KADM5_TL_DATA}, - {"KADM5_PRINCIPAL_NORMAL_MASK", KADM5_PRINCIPAL_NORMAL_MASK} -}; - -static struct flagval policy_mask_flags[] = { - {"KADM5_POLICY", KADM5_POLICY}, - {"KADM5_PW_MAX_LIFE", KADM5_PW_MAX_LIFE}, - {"KADM5_PW_MIN_LIFE", KADM5_PW_MIN_LIFE}, - {"KADM5_PW_MIN_LENGTH", KADM5_PW_MIN_LENGTH}, - {"KADM5_PW_MIN_CLASSES", KADM5_PW_MIN_CLASSES}, - {"KADM5_PW_HISTORY_NUM", KADM5_PW_HISTORY_NUM}, - {"KADM5_REF_COUNT", KADM5_REF_COUNT}, - {"KADM5_PW_MAX_FAILURE", KADM5_PW_MAX_FAILURE}, - {"KADM5_PW_FAILURE_COUNT_INTERVAL", KADM5_PW_FAILURE_COUNT_INTERVAL}, - {"KADM5_PW_LOCKOUT_DURATION", KADM5_PW_LOCKOUT_DURATION}, -}; - -static struct flagval config_mask_flags[] = { - {"KADM5_CONFIG_REALM", KADM5_CONFIG_REALM}, - {"KADM5_CONFIG_DBNAME", KADM5_CONFIG_DBNAME}, - {"KADM5_CONFIG_MKEY_NAME", KADM5_CONFIG_MKEY_NAME}, - {"KADM5_CONFIG_MAX_LIFE", KADM5_CONFIG_MAX_LIFE}, - {"KADM5_CONFIG_MAX_RLIFE", KADM5_CONFIG_MAX_RLIFE}, - {"KADM5_CONFIG_EXPIRATION", KADM5_CONFIG_EXPIRATION}, - {"KADM5_CONFIG_FLAGS", KADM5_CONFIG_FLAGS}, - {"KADM5_CONFIG_STASH_FILE", KADM5_CONFIG_STASH_FILE}, - {"KADM5_CONFIG_ENCTYPE", KADM5_CONFIG_ENCTYPE}, - {"KADM5_CONFIG_ADBNAME", KADM5_CONFIG_ADBNAME}, - {"KADM5_CONFIG_ADB_LOCKFILE", KADM5_CONFIG_ADB_LOCKFILE}, - {"KADM5_CONFIG_ACL_FILE", KADM5_CONFIG_ACL_FILE}, - {"KADM5_CONFIG_KADMIND_PORT", KADM5_CONFIG_KADMIND_PORT}, - {"KADM5_CONFIG_ENCTYPES", KADM5_CONFIG_ENCTYPES}, - {"KADM5_CONFIG_ADMIN_SERVER", KADM5_CONFIG_ADMIN_SERVER}, - {"KADM5_CONFIG_DICT_FILE", KADM5_CONFIG_DICT_FILE}, - {"KADM5_CONFIG_MKEY_FROM_KBD", KADM5_CONFIG_MKEY_FROM_KBD}, -}; - -static struct flagval priv_flags[] = { - {"KADM5_PRIV_GET", KADM5_PRIV_GET}, - {"KADM5_PRIV_ADD", KADM5_PRIV_ADD}, - {"KADM5_PRIV_MODIFY", KADM5_PRIV_MODIFY}, - {"KADM5_PRIV_DELETE", KADM5_PRIV_DELETE} -}; - - -static char *arg_error = "wrong # args"; - -static Tcl_HashTable *struct_table = 0; - -static int put_server_handle(Tcl_Interp *interp, void *handle, char **name) -{ - int i = 1, newPtr = 0; - static char buf[20]; - Tcl_HashEntry *entry; - - if (! struct_table) { - if (! (struct_table = - malloc(sizeof(*struct_table)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - Tcl_InitHashTable(struct_table, TCL_STRING_KEYS); - } - - do { - sprintf(buf, "kadm5_handle%d", i); - entry = Tcl_CreateHashEntry(struct_table, buf, &newPtr); - i++; - } while (! newPtr); - - Tcl_SetHashValue(entry, handle); - - *name = buf; - - return TCL_OK; -} - -static int get_server_handle(Tcl_Interp *interp, const char *name, - void **handle) -{ - Tcl_HashEntry *entry; - - if(!strcasecmp(name, "null")) - *handle = 0; - else { - if (! (struct_table && - (entry = Tcl_FindHashEntry(struct_table, name)))) { - Tcl_AppendResult(interp, "unknown server handle ", name, 0); - return TCL_ERROR; - } - *handle = (void *) Tcl_GetHashValue(entry); - } - return TCL_OK; -} - -static int remove_server_handle(Tcl_Interp *interp, const char *name) -{ - Tcl_HashEntry *entry; - - if (! (struct_table && - (entry = Tcl_FindHashEntry(struct_table, name)))) { - Tcl_AppendResult(interp, "unknown server handle ", name, 0); - return TCL_ERROR; - } - - Tcl_SetHashValue(entry, NULL); - return TCL_OK; -} - -#define GET_HANDLE(num_args, ignored) \ - void *server_handle; \ - const char *whoami = argv[0]; \ - argv++, argc--; \ - if (argc != num_args + 1) { \ - Tcl_AppendResult(interp, whoami, ": ", arg_error, 0); \ - return TCL_ERROR; \ - } \ - { \ - int ltcl_ret; \ - if ((ltcl_ret = get_server_handle(interp, argv[0], &server_handle)) \ - != TCL_OK) { \ - return ltcl_ret; \ - } \ - } \ - argv++, argc--; - -static Tcl_HashTable *create_flag_table(struct flagval *flags, int size) -{ - Tcl_HashTable *table; - Tcl_HashEntry *entry; - int i; - - if (! (table = (Tcl_HashTable *) malloc(sizeof(Tcl_HashTable)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_InitHashTable(table, TCL_STRING_KEYS); - - for (i = 0; i < size; i++) { - int newPtr; - - if (! (entry = Tcl_CreateHashEntry(table, flags[i].name, &newPtr))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_SetHashValue(entry, &flags[i].val); - } - - return table; -} - - -static Tcl_DString *unparse_str(char *in_str) -{ - Tcl_DString *str; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - - if (! in_str) { - Tcl_DStringAppend(str, "null", -1); - } - else { - Tcl_DStringAppend(str, in_str, -1); - } - - return str; -} - - - -static int parse_str(Tcl_Interp *interp, const char *in_str, char **out_str) -{ - if (! in_str) { - *out_str = 0; - } - else if (! strcasecmp(in_str, "null")) { - *out_str = 0; - } - else { - *out_str = (char *) in_str; - } - return TCL_OK; -} - - -static void set_ok(Tcl_Interp *interp, char *string) -{ - Tcl_SetResult(interp, "OK", TCL_STATIC); - Tcl_AppendElement(interp, "KADM5_OK"); - Tcl_AppendElement(interp, string); -} - - - -static Tcl_DString *unparse_err(kadm5_ret_t code) -{ - char *code_string; - const char *error_string; - Tcl_DString *dstring; - - switch (code) { - case KADM5_FAILURE: code_string = "KADM5_FAILURE"; break; - case KADM5_AUTH_GET: code_string = "KADM5_AUTH_GET"; break; - case KADM5_AUTH_ADD: code_string = "KADM5_AUTH_ADD"; break; - case KADM5_AUTH_MODIFY: - code_string = "KADM5_AUTH_MODIFY"; break; - case KADM5_AUTH_DELETE: - code_string = "KADM5_AUTH_DELETE"; break; - case KADM5_AUTH_INSUFFICIENT: - code_string = "KADM5_AUTH_INSUFFICIENT"; break; - case KADM5_BAD_DB: code_string = "KADM5_BAD_DB"; break; - case KADM5_DUP: code_string = "KADM5_DUP"; break; - case KADM5_RPC_ERROR: code_string = "KADM5_RPC_ERROR"; break; - case KADM5_NO_SRV: code_string = "KADM5_NO_SRV"; break; - case KADM5_BAD_HIST_KEY: - code_string = "KADM5_BAD_HIST_KEY"; break; - case KADM5_NOT_INIT: code_string = "KADM5_NOT_INIT"; break; - case KADM5_INIT: code_string = "KADM5_INIT"; break; - case KADM5_BAD_PASSWORD: - code_string = "KADM5_BAD_PASSWORD"; break; - case KADM5_UNK_PRINC: code_string = "KADM5_UNK_PRINC"; break; - case KADM5_UNK_POLICY: code_string = "KADM5_UNK_POLICY"; break; - case KADM5_BAD_MASK: code_string = "KADM5_BAD_MASK"; break; - case KADM5_BAD_CLASS: code_string = "KADM5_BAD_CLASS"; break; - case KADM5_BAD_LENGTH: code_string = "KADM5_BAD_LENGTH"; break; - case KADM5_BAD_POLICY: code_string = "KADM5_BAD_POLICY"; break; - case KADM5_BAD_HISTORY: code_string = "KADM5_BAD_HISTORY"; break; - case KADM5_BAD_PRINCIPAL: - code_string = "KADM5_BAD_PRINCIPAL"; break; - case KADM5_BAD_AUX_ATTR: - code_string = "KADM5_BAD_AUX_ATTR"; break; - case KADM5_PASS_Q_TOOSHORT: - code_string = "KADM5_PASS_Q_TOOSHORT"; break; - case KADM5_PASS_Q_CLASS: - code_string = "KADM5_PASS_Q_CLASS"; break; - case KADM5_PASS_Q_DICT: - code_string = "KADM5_PASS_Q_DICT"; break; - case KADM5_PASS_REUSE: code_string = "KADM5_PASS_REUSE"; break; - case KADM5_PASS_TOOSOON: - code_string = "KADM5_PASS_TOOSOON"; break; - case KADM5_POLICY_REF: - code_string = "KADM5_POLICY_REF"; break; - case KADM5_PROTECT_PRINCIPAL: - code_string = "KADM5_PROTECT_PRINCIPAL"; break; - case KADM5_BAD_SERVER_HANDLE: - code_string = "KADM5_BAD_SERVER_HANDLE"; break; - case KADM5_BAD_STRUCT_VERSION: - code_string = "KADM5_BAD_STRUCT_VERSION"; break; - case KADM5_OLD_STRUCT_VERSION: - code_string = "KADM5_OLD_STRUCT_VERSION"; break; - case KADM5_NEW_STRUCT_VERSION: - code_string = "KADM5_NEW_STRUCT_VERSION"; break; - case KADM5_BAD_API_VERSION: - code_string = "KADM5_BAD_API_VERSION"; break; - case KADM5_OLD_LIB_API_VERSION: - code_string = "KADM5_OLD_LIB_API_VERSION"; break; - case KADM5_OLD_SERVER_API_VERSION: - code_string = "KADM5_OLD_SERVER_API_VERSION"; break; - case KADM5_NEW_LIB_API_VERSION: - code_string = "KADM5_NEW_LIB_API_VERSION"; break; - case KADM5_NEW_SERVER_API_VERSION: - code_string = "KADM5_NEW_SERVER_API_VERSION"; break; - case KADM5_SECURE_PRINC_MISSING: - code_string = "KADM5_SECURE_PRINC_MISSING"; break; - case KADM5_NO_RENAME_SALT: - code_string = "KADM5_NO_RENAME_SALT"; break; - case KADM5_BAD_CLIENT_PARAMS: - code_string = "KADM5_BAD_CLIENT_PARAMS"; break; - case KADM5_BAD_SERVER_PARAMS: - code_string = "KADM5_BAD_SERVER_PARAMS"; break; - case KADM5_AUTH_LIST: - code_string = "KADM5_AUTH_LIST"; break; - case KADM5_AUTH_CHANGEPW: - code_string = "KADM5_AUTH_CHANGEPW"; break; - case KADM5_GSS_ERROR: code_string = "KADM5_GSS_ERROR"; break; - case KADM5_BAD_TL_TYPE: code_string = "KADM5_BAD_TL_TYPE"; break; - case KADM5_MISSING_CONF_PARAMS: - code_string = "KADM5_MISSING_CONF_PARAMS"; break; - case KADM5_BAD_SERVER_NAME: - code_string = "KADM5_BAD_SERVER_NAME"; break; - case KADM5_MISSING_KRB5_CONF_PARAMS: - code_string = "KADM5_MISSING_KRB5_CONF_PARAMS"; break; - case KADM5_XDR_FAILURE: code_string = "KADM5_XDR_FAILURE"; break; - case KADM5_CANT_RESOLVE: code_string = "KADM5_CANT_RESOLVE"; break; - - - case OSA_ADB_DUP: code_string = "OSA_ADB_DUP"; break; - case OSA_ADB_NOENT: code_string = "ENOENT"; break; - case OSA_ADB_DBINIT: code_string = "OSA_ADB_DBINIT"; break; - case OSA_ADB_BAD_POLICY: code_string = "Bad policy name"; break; - case OSA_ADB_BAD_PRINC: code_string = "Bad principal name"; break; - case OSA_ADB_BAD_DB: code_string = "Invalid database."; break; - case OSA_ADB_XDR_FAILURE: code_string = "OSA_ADB_XDR_FAILURE"; break; - case OSA_ADB_BADLOCKMODE: code_string = "OSA_ADB_BADLOCKMODE"; break; - case OSA_ADB_CANTLOCK_DB: code_string = "OSA_ADB_CANTLOCK_DB"; break; - case OSA_ADB_NOTLOCKED: code_string = "OSA_ADB_NOTLOCKED"; break; - case OSA_ADB_NOLOCKFILE: code_string = "OSA_ADB_NOLOCKFILE"; break; - case OSA_ADB_NOEXCL_PERM: code_string = "OSA_ADB_NOEXCL_PERM"; break; - - case KRB5_KDB_INUSE: code_string = "KRB5_KDB_INUSE"; break; - case KRB5_KDB_UK_SERROR: code_string = "KRB5_KDB_UK_SERROR"; break; - case KRB5_KDB_UK_RERROR: code_string = "KRB5_KDB_UK_RERROR"; break; - case KRB5_KDB_UNAUTH: code_string = "KRB5_KDB_UNAUTH"; break; - case KRB5_KDB_NOENTRY: code_string = "KRB5_KDB_NOENTRY"; break; - case KRB5_KDB_ILL_WILDCARD: code_string = "KRB5_KDB_ILL_WILDCARD"; break; - case KRB5_KDB_DB_INUSE: code_string = "KRB5_KDB_DB_INUSE"; break; - case KRB5_KDB_DB_CHANGED: code_string = "KRB5_KDB_DB_CHANGED"; break; - case KRB5_KDB_TRUNCATED_RECORD: - code_string = "KRB5_KDB_TRUNCATED_RECORD"; break; - case KRB5_KDB_RECURSIVELOCK: - code_string = "KRB5_KDB_RECURSIVELOCK"; break; - case KRB5_KDB_NOTLOCKED: code_string = "KRB5_KDB_NOTLOCKED"; break; - case KRB5_KDB_BADLOCKMODE: code_string = "KRB5_KDB_BADLOCKMODE"; break; - case KRB5_KDB_DBNOTINITED: code_string = "KRB5_KDB_DBNOTINITED"; break; - case KRB5_KDB_DBINITED: code_string = "KRB5_KDB_DBINITED"; break; - case KRB5_KDB_ILLDIRECTION: code_string = "KRB5_KDB_ILLDIRECTION"; break; - case KRB5_KDB_NOMASTERKEY: code_string = "KRB5_KDB_NOMASTERKEY"; break; - case KRB5_KDB_BADMASTERKEY: code_string = "KRB5_KDB_BADMASTERKEY"; break; - case KRB5_KDB_INVALIDKEYSIZE: - code_string = "KRB5_KDB_INVALIDKEYSIZE"; break; - case KRB5_KDB_CANTREAD_STORED: - code_string = "KRB5_KDB_CANTREAD_STORED"; break; - case KRB5_KDB_BADSTORED_MKEY: - code_string = "KRB5_KDB_BADSTORED_MKEY"; break; - case KRB5_KDB_CANTLOCK_DB: code_string = "KRB5_KDB_CANTLOCK_DB"; break; - case KRB5_KDB_DB_CORRUPT: code_string = "KRB5_KDB_DB_CORRUPT"; break; - - case KRB5_PARSE_ILLCHAR: code_string = "KRB5_PARSE_ILLCHAR"; break; - case KRB5_PARSE_MALFORMED: code_string = "KRB5_PARSE_MALFORMED"; break; - case KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN: code_string = "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN"; break; - case KRB5_REALM_UNKNOWN: code_string = "KRB5_REALM_UNKNOWN"; break; - case KRB5_KDC_UNREACH: code_string = "KRB5_KDC_UNREACH"; break; - case KRB5_KDCREP_MODIFIED: code_string = "KRB5_KDCREP_MODIFIED"; break; - case KRB5KRB_AP_ERR_BAD_INTEGRITY: code_string = "KRB5KRB_AP_ERR_BAD_INTEGRITY"; break; - case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN: code_string = "KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN"; break; - case KRB5_CONFIG_BADFORMAT: code_string = "KRB5_CONFIG_BADFORMAT"; break; - - case KRB5_CC_NOTFOUND: code_string = "KRB5_CC_NOTFOUND"; break; - case KRB5_FCC_NOFILE: code_string = "KRB5_FCC_NOFILE"; break; - - case EINVAL: code_string = "EINVAL"; break; - case ENOENT: code_string = "ENOENT"; break; - - default: - fprintf(stderr, "**** CODE %ld (%s) ***\n", (long) code, - error_message (code)); - code_string = "UNKNOWN"; - break; - } - - error_string = error_message(code); - - if (! (dstring = (Tcl_DString *) malloc(sizeof(Tcl_DString)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX Do we really want to exit? Ok if this is */ - /* just a test program, but what about if it gets */ - /* used for other things later? */ - } - - Tcl_DStringInit(dstring); - - if (! (Tcl_DStringAppendElement(dstring, "ERROR") && - Tcl_DStringAppendElement(dstring, code_string) && - Tcl_DStringAppendElement(dstring, error_string))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - return dstring; -} - - - -static void stash_error(Tcl_Interp *interp, krb5_error_code code) -{ - Tcl_DString *dstring = unparse_err(code); - Tcl_DStringResult(interp, dstring); - Tcl_DStringFree(dstring); - free(dstring); -} - -static Tcl_DString *unparse_key_data(krb5_key_data *key_data, int n_key_data) -{ - Tcl_DString *str; - char buf[2048]; - int i, j; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - for (i = 0; i < n_key_data; i++) { - krb5_key_data *key = &key_data[i]; - - Tcl_DStringStartSublist(str); - sprintf(buf, "%d", key->key_data_type[0]); - Tcl_DStringAppendElement(str, buf); - sprintf(buf, "%d", key->key_data_ver > 1 ? - key->key_data_type[1] : -1); - Tcl_DStringAppendElement(str, buf); - if (key->key_data_contents[0]) { - sprintf(buf, "0x"); - for (j = 0; j < key->key_data_length[0]; j++) { - sprintf(buf + 2*(j+1), "%02x", - key->key_data_contents[0][j]); - } - } else *buf = '\0'; - Tcl_DStringAppendElement(str, buf); - Tcl_DStringEndSublist(str); - } - - return str; -} - -static Tcl_DString *unparse_tl_data(krb5_tl_data *tl_data, int n_tl_data) -{ - Tcl_DString *str; - char buf[2048]; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - Tcl_DStringStartSublist(str); - for (; tl_data; tl_data = tl_data->tl_data_next) { - Tcl_DStringStartSublist(str); - sprintf(buf, "%d", tl_data->tl_data_type); - Tcl_DStringAppendElement(str, buf); - sprintf(buf, "%d", tl_data->tl_data_length); - Tcl_DStringAppendElement(str, buf); - Tcl_DStringAppend(str, " ", 1); - Tcl_DStringAppend(str, (char *) tl_data->tl_data_contents, - tl_data->tl_data_length); - Tcl_DStringEndSublist(str); - } - Tcl_DStringEndSublist(str); - - return str; -} - -static Tcl_DString *unparse_flags(struct flagval *array, int size, - krb5_int32 flags) -{ - int i; - Tcl_DString *str; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - - for (i = 0; i < size; i++) { - if (flags & array[i].val) { - Tcl_DStringAppendElement(str, array[i].name); - } - } - - return str; -} - - -static int parse_flags(Tcl_Interp *interp, Tcl_HashTable *table, - struct flagval *array, int size, const char *str, - krb5_flags *flags) -{ - int tmp, argc, i, retcode = TCL_OK; - const char **argv; - Tcl_HashEntry *entry; - - if (Tcl_GetInt(interp, str, &tmp) == TCL_OK) { - *flags = tmp; - return TCL_OK; - } - Tcl_ResetResult(interp); - - if (Tcl_SplitList(interp, str, &argc, &argv) != TCL_OK) { - return TCL_ERROR; - } - - if (! table) { - table = create_flag_table(array, size); - } - - *flags = 0; - - for (i = 0; i < argc; i++) { - if (! (entry = Tcl_FindHashEntry(table, argv[i]))) { - Tcl_AppendResult(interp, "unknown krb5 flag ", argv[i], 0); - retcode = TCL_ERROR; - break; - } - *flags |= *(krb5_flags *) Tcl_GetHashValue(entry); - } - - Tcl_Free((char *) argv); - return(retcode); -} - -static Tcl_DString *unparse_privs(krb5_flags flags) -{ - return unparse_flags(priv_flags, sizeof(priv_flags) / - sizeof(struct flagval), flags); -} - - -static Tcl_DString *unparse_krb5_flags(krb5_flags flags) -{ - return unparse_flags(krb5_flags_array, sizeof(krb5_flags_array) / - sizeof(struct flagval), flags); -} - -static int parse_krb5_flags(Tcl_Interp *interp, const char *str, - krb5_flags *flags) -{ - krb5_flags tmp; - static Tcl_HashTable *table = 0; - int tcl_ret; - - if ((tcl_ret = parse_flags(interp, table, krb5_flags_array, - sizeof(krb5_flags_array) / - sizeof(struct flagval), - str, &tmp)) != TCL_OK) { - return tcl_ret; - } - - *flags = tmp; - return TCL_OK; -} - -static Tcl_DString *unparse_aux_attributes(krb5_int32 flags) -{ - return unparse_flags(aux_attributes, sizeof(aux_attributes) / - sizeof(struct flagval), flags); -} - - -static int parse_aux_attributes(Tcl_Interp *interp, const char *str, - long *flags) -{ - krb5_flags tmp; - static Tcl_HashTable *table = 0; - int tcl_ret; - - if ((tcl_ret = parse_flags(interp, table, aux_attributes, - sizeof(aux_attributes) / - sizeof(struct flagval), - str, &tmp)) != TCL_OK) { - return tcl_ret; - } - - *flags = tmp; - return TCL_OK; -} - -static int parse_principal_mask(Tcl_Interp *interp, const char *str, - krb5_int32 *flags) -{ - krb5_flags tmp; - static Tcl_HashTable *table = 0; - int tcl_ret; - - if ((tcl_ret = parse_flags(interp, table, principal_mask_flags, - sizeof(principal_mask_flags) / - sizeof(struct flagval), - str, &tmp)) != TCL_OK) { - return tcl_ret; - } - - *flags = tmp; - return TCL_OK; -} - -static int parse_policy_mask(Tcl_Interp *interp, const char *str, - krb5_int32 *flags) -{ - krb5_flags tmp; - static Tcl_HashTable *table = 0; - int tcl_ret; - - if ((tcl_ret = parse_flags(interp, table, policy_mask_flags, - sizeof(policy_mask_flags) / - sizeof(struct flagval), - str, &tmp)) != TCL_OK) { - return tcl_ret; - } - - *flags = tmp; - return TCL_OK; -} - - -static Tcl_DString *unparse_principal_ent(kadm5_principal_ent_t princ, - krb5_int32 mask) -{ - Tcl_DString *str, *tmp_dstring; - char *tmp; - char buf[20]; - krb5_error_code krb5_ret; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - - tmp = 0; /* It looks to me from looking at the library source */ - /* code for krb5_parse_name that the pointer passed into */ - /* it should be initialized to 0 if I want it do be */ - /* allocated automatically. */ - if (mask & KADM5_PRINCIPAL) { - krb5_ret = krb5_unparse_name(context, princ->principal, &tmp); - if (krb5_ret) { - /* XXX Do we want to return an error? Not sure. */ - Tcl_DStringAppendElement(str, "[unparsable principal]"); - } - else { - Tcl_DStringAppendElement(str, tmp); - free(tmp); - } - } else - Tcl_DStringAppendElement(str, "null"); - - sprintf(buf, "%u", (unsigned int)princ->princ_expire_time); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%u", (unsigned int)princ->last_pwd_change); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%u", (unsigned int)princ->pw_expiration); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", princ->max_life); - Tcl_DStringAppendElement(str, buf); - - tmp = 0; - if (mask & KADM5_MOD_NAME) { - if ((krb5_ret = krb5_unparse_name(context, princ->mod_name, &tmp))) { - /* XXX */ - Tcl_DStringAppendElement(str, "[unparsable principal]"); - } - else { - Tcl_DStringAppendElement(str, tmp); - free(tmp); - } - } else - Tcl_DStringAppendElement(str, "null"); - - sprintf(buf, "%u", (unsigned int)princ->mod_date); - Tcl_DStringAppendElement(str, buf); - - if (mask & KADM5_ATTRIBUTES) { - tmp_dstring = unparse_krb5_flags(princ->attributes); - Tcl_DStringAppendElement(str, tmp_dstring->string); - Tcl_DStringFree(tmp_dstring); - free(tmp_dstring); - } else - Tcl_DStringAppendElement(str, "null"); - - sprintf(buf, "%d", princ->kvno); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", princ->mkvno); - Tcl_DStringAppendElement(str, buf); - - /* XXX This may be dangerous, because the contents of the policy */ - /* field are undefined if the POLICY bit isn't set. However, I */ - /* think it's a bug for the field not to be null in that case */ - /* anyway, so we should assume that it will be null so that we'll */ - /* catch it if it isn't. */ - - tmp_dstring = unparse_str(princ->policy); - Tcl_DStringAppendElement(str, tmp_dstring->string); - Tcl_DStringFree(tmp_dstring); - free(tmp_dstring); - - tmp_dstring = unparse_aux_attributes(princ->aux_attributes); - Tcl_DStringAppendElement(str, tmp_dstring->string); - Tcl_DStringFree(tmp_dstring); - free(tmp_dstring); - - sprintf(buf, "%d", princ->max_renewable_life); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%u", (unsigned int)princ->last_success); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%u", (unsigned int)princ->last_failed); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", princ->fail_auth_count); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", princ->n_key_data); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", princ->n_tl_data); - Tcl_DStringAppendElement(str, buf); - - tmp_dstring = unparse_key_data(princ->key_data, princ->n_key_data); - Tcl_DStringAppendElement(str, tmp_dstring->string); - Tcl_DStringFree(tmp_dstring); - free(tmp_dstring); - - tmp_dstring = unparse_tl_data(princ->tl_data, princ->n_tl_data); - Tcl_DStringAppendElement(str, tmp_dstring->string); - Tcl_DStringFree(tmp_dstring); - free(tmp_dstring); - - return str; -} - -static int parse_keysalts(Tcl_Interp *interp, const char *list, - krb5_key_salt_tuple **keysalts, - int num_keysalts) -{ - const char **argv, **argv1 = NULL; - int i, tmp, argc, argc1, retcode; - - *keysalts = NULL; - if (list == NULL) - return TCL_OK; - - if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) { - return retcode; - } - if (argc != num_keysalts) { - Tcl_SetResult(interp, "wrong number of keysalts", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - *keysalts = (krb5_key_salt_tuple *) - malloc(sizeof(krb5_key_salt_tuple)*num_keysalts); - for (i = 0; i < num_keysalts; i++) { - if ((retcode = Tcl_SplitList(interp, argv[i], &argc1, &argv1)) != - TCL_OK) { - goto finished; - } - if (argc1 != 2) { - Tcl_SetResult(interp, "wrong # of fields in keysalt", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - /* XXX this used to be argv1[1] too! */ - if ((retcode = Tcl_GetInt(interp, argv1[0], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing ks_enctype"); - retcode = TCL_ERROR; - goto finished; - } - (*keysalts)[i].ks_enctype = tmp; - if ((retcode = Tcl_GetInt(interp, argv1[1], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing ks_salttype"); - goto finished; - } - (*keysalts)[i].ks_salttype = tmp; - - Tcl_Free((char *) argv1); - argv1 = NULL; - } - -finished: - if (argv1) { - Tcl_Free((char *) argv1); - } - Tcl_Free((char *) argv); - return retcode; -} - -static int parse_key_data(Tcl_Interp *interp, const char *list, - krb5_key_data **key_data, - int n_key_data) -{ - const char **argv = NULL; - int argc, retcode; - - *key_data = NULL; - if (list == NULL) { - if (n_key_data != 0) { - Tcl_SetResult(interp, "wrong number of key_datas", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } else - return TCL_OK; - } - - if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) { - return retcode; - } - if (argc != n_key_data) { - Tcl_SetResult(interp, "wrong number of key_datas", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - - if (argc != 0) { - Tcl_SetResult(interp, "cannot parse key_data yet", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - -finished: - Tcl_Free((char *) argv); - return retcode; -} - -static int parse_tl_data(Tcl_Interp *interp, const char *list, - krb5_tl_data **tlp, - int n_tl_data) -{ - krb5_tl_data *tl, *tl2; - const char **argv = NULL, **argv1 = NULL; - int i, tmp, argc, argc1, retcode; - - *tlp = NULL; - if (list == NULL) { - if (n_tl_data != 0) { - Tcl_SetResult(interp, "wrong number of tl_datas", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } else - return TCL_OK; - } - - if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) { - return retcode; - } - if (argc != n_tl_data) { - Tcl_SetResult(interp, "wrong number of tl_datas", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - - tl = tl2 = NULL; - for (i = 0; i < n_tl_data; i++) { - tl2 = (krb5_tl_data *) malloc(sizeof(krb5_tl_data)); - memset(tl2, 0, sizeof(krb5_tl_data)); - tl2->tl_data_next = tl; - tl = tl2; - } - tl2 = tl; - - for (i = 0; i < n_tl_data; i++) { - if ((retcode = Tcl_SplitList(interp, argv[i], &argc1, &argv1)) != - TCL_OK) { - goto finished; - } - if (argc1 != 3) { - Tcl_SetResult(interp, "wrong # of fields in tl_data", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - if ((retcode = Tcl_GetInt(interp, argv1[0], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing tl_data_type"); - retcode = TCL_ERROR; - goto finished; - } - tl->tl_data_type = tmp; - if ((retcode = Tcl_GetInt(interp, argv1[1], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing tl_data_length"); - retcode = TCL_ERROR; - goto finished; - } - tl->tl_data_length = tmp; - if (tl->tl_data_length != strlen(argv1[2])) { - Tcl_SetResult(interp, "length != string length", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - tl->tl_data_contents = (krb5_octet *) strdup(argv1[2]); - - Tcl_Free((char *) argv1); - argv1 = NULL; - tl = tl->tl_data_next; - } - if (tl != NULL) { - Tcl_SetResult(interp, "tl is not NULL!", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - *tlp = tl2; - -finished: - if (argv1) { - Tcl_Free((char *) argv1); - } - Tcl_Free((char *) argv); - return retcode; -} - -static int parse_config_params(Tcl_Interp *interp, char *list, - kadm5_config_params *params) -{ - static Tcl_HashTable *table = 0; - const char **argv = NULL; - int tmp, argc, retcode; - - memset(params, 0, sizeof(kadm5_config_params)); - if (list == NULL) - return TCL_OK; - - if ((retcode = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) { - return retcode; - } - - if (argc != 20) { - Tcl_SetResult(interp, "wrong # args in config params structure", - TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - - if ((retcode = parse_flags(interp, table, config_mask_flags, - sizeof(config_mask_flags) / - sizeof(struct flagval), - argv[0], &tmp)) != TCL_OK) { - goto finished; - } - params->mask = tmp; - - if ((retcode = parse_str(interp, argv[1], ¶ms->realm)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing realm name"); - retcode = TCL_ERROR; - goto finished; - } - if ((retcode = Tcl_GetInt(interp, argv[2], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing kadmind_port"); - retcode = TCL_ERROR; - goto finished; - } - params->kadmind_port = tmp; - if ((retcode = parse_str(interp, argv[3], ¶ms->admin_server)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing profile name"); - retcode = TCL_ERROR; - goto finished; - } - if ((retcode = parse_str(interp, argv[4], ¶ms->dbname)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing profile name"); - retcode = TCL_ERROR; - goto finished; - } - /* Ignore argv[5], which used to set the admin_dbname field. */ - /* Ignore argv[6], which used to set the admin_lockfile field. */ - /* Ignore argv[7], which used to set the admin_keytab field. */ - if ((retcode = parse_str(interp, argv[8], ¶ms->acl_file)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing acl_file name"); - retcode = TCL_ERROR; - goto finished; - } - if ((retcode = parse_str(interp, argv[9], ¶ms->dict_file)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing dict_file name"); - retcode = TCL_ERROR; - goto finished; - } - if ((retcode = Tcl_GetInt(interp, argv[10], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing mkey_from_kbd"); - retcode = TCL_ERROR; - goto finished; - } - params->mkey_from_kbd = tmp; - if ((retcode = parse_str(interp, argv[11], ¶ms->stash_file)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing stash_file name"); - retcode = TCL_ERROR; - goto finished; - } - if ((retcode = parse_str(interp, argv[12], ¶ms->mkey_name)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing mkey_name name"); - retcode = TCL_ERROR; - goto finished; - } - if ((retcode = Tcl_GetInt(interp, argv[13], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing enctype"); - retcode = TCL_ERROR; - goto finished; - } - params->enctype = tmp; - if ((retcode = Tcl_GetInt(interp, argv[14], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing max_life"); - retcode = TCL_ERROR; - goto finished; - } - params->max_life = tmp; - if ((retcode = Tcl_GetInt(interp, argv[15], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing max_rlife"); - retcode = TCL_ERROR; - goto finished; - } - params->max_rlife = tmp; - if ((retcode = Tcl_GetInt(interp, argv[16], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing expiration"); - retcode = TCL_ERROR; - goto finished; - } - params->expiration = tmp; - if ((retcode = parse_krb5_flags(interp, argv[17], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing flags"); - retcode = TCL_ERROR; - goto finished; - } - params->flags = tmp; - if ((retcode = Tcl_GetInt(interp, argv[18], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing num_keysalts"); - retcode = TCL_ERROR; - goto finished; - } - params->num_keysalts = tmp; - if ((retcode = parse_keysalts(interp, argv[19], ¶ms->keysalts, - params->num_keysalts)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing keysalts"); - retcode = TCL_ERROR; - goto finished; - } - -finished: - return retcode; -} - -static int parse_principal_ent(Tcl_Interp *interp, char *list, - kadm5_principal_ent_t *out_princ) -{ - kadm5_principal_ent_t princ = 0; - krb5_error_code krb5_ret; - int tcl_ret; - int argc; - const char **argv; - int tmp; - int retcode = TCL_OK; - - if ((tcl_ret = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) { - return tcl_ret; - } - - if (argc != 12 && argc != 20) { - Tcl_SetResult(interp, "wrong # args in principal structure", - TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - - if (! (princ = malloc(sizeof *princ))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - memset(princ, 0, sizeof(*princ)); - - if ((krb5_ret = krb5_parse_name(context, argv[0], &princ->principal)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing principal"); - retcode = TCL_ERROR; - goto finished; - } - - /* - * All of the numerical values parsed here are parsed into an - * "int" and then assigned into the structure in case the actual - * width of the field in the Kerberos structure is different from - * the width of an integer. - */ - - if ((tcl_ret = Tcl_GetInt(interp, argv[1], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing princ_expire_time"); - retcode = TCL_ERROR; - goto finished; - } - princ->princ_expire_time = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[2], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing last_pwd_change"); - retcode = TCL_ERROR; - goto finished; - } - princ->last_pwd_change = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[3], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_expiration"); - retcode = TCL_ERROR; - goto finished; - } - princ->pw_expiration = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[4], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing max_life"); - retcode = TCL_ERROR; - goto finished; - } - princ->max_life = tmp; - - if ((krb5_ret = krb5_parse_name(context, argv[5], &princ->mod_name)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing mod_name"); - retcode = TCL_ERROR; - goto finished; - } - - if ((tcl_ret = Tcl_GetInt(interp, argv[6], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing mod_date"); - retcode = TCL_ERROR; - goto finished; - } - princ->mod_date = tmp; - - if ((tcl_ret = parse_krb5_flags(interp, argv[7], &princ->attributes)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing attributes"); - retcode = TCL_ERROR; - goto finished; - } - - if ((tcl_ret = Tcl_GetInt(interp, argv[8], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing kvno"); - retcode = TCL_ERROR; - goto finished; - } - princ->kvno = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[9], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing mkvno"); - retcode = TCL_ERROR; - goto finished; - } - princ->mkvno = tmp; - - if ((tcl_ret = parse_str(interp, argv[10], &princ->policy)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing policy"); - retcode = TCL_ERROR; - goto finished; - } - if(princ->policy != NULL) { - if(!(princ->policy = strdup(princ->policy))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); - } - } - - if ((tcl_ret = parse_aux_attributes(interp, argv[11], - &princ->aux_attributes)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing aux_attributes"); - retcode = TCL_ERROR; - goto finished; - } - - if (argc == 12) goto finished; - - if ((tcl_ret = Tcl_GetInt(interp, argv[12], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing max_renewable_life"); - retcode = TCL_ERROR; - goto finished; - } - princ->max_renewable_life = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[13], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing last_success"); - retcode = TCL_ERROR; - goto finished; - } - princ->last_success = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[14], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing last_failed"); - retcode = TCL_ERROR; - goto finished; - } - princ->last_failed = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[15], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing fail_auth_count"); - retcode = TCL_ERROR; - goto finished; - } - princ->fail_auth_count = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[16], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing n_key_data"); - retcode = TCL_ERROR; - goto finished; - } - princ->n_key_data = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[17], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing n_tl_data"); - retcode = TCL_ERROR; - goto finished; - } - princ->n_tl_data = tmp; - - if ((tcl_ret = parse_key_data(interp, argv[18], - &princ->key_data, - princ->n_key_data)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing key_data"); - retcode = TCL_ERROR; - goto finished; - } - - if ((tcl_ret = parse_tl_data(interp, argv[19], - &princ->tl_data, - princ->n_tl_data)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing tl_data"); - retcode = TCL_ERROR; - goto finished; - } - princ->n_tl_data = tmp; - -finished: - Tcl_Free((char *) argv); - *out_princ = princ; - return retcode; -} - - -static void free_principal_ent(kadm5_principal_ent_t *princ) -{ - krb5_free_principal(context, (*princ)->principal); - krb5_free_principal(context, (*princ)->mod_name); - free((*princ)->policy); - free(*princ); - *princ = 0; -} - -static Tcl_DString *unparse_policy_ent(kadm5_policy_ent_t policy) -{ - Tcl_DString *str, *tmp_dstring; - char buf[20]; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - - tmp_dstring = unparse_str(policy->policy); - Tcl_DStringAppendElement(str, tmp_dstring->string); - Tcl_DStringFree(tmp_dstring); - free(tmp_dstring); - - sprintf(buf, "%ld", policy->pw_min_life); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%ld", policy->pw_max_life); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%ld", policy->pw_min_length); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%ld", policy->pw_min_classes); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%ld", policy->pw_history_num); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%ld", policy->policy_refcnt); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", policy->pw_max_fail); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", policy->pw_failcnt_interval); - Tcl_DStringAppendElement(str, buf); - - sprintf(buf, "%d", policy->pw_lockout_duration); - Tcl_DStringAppendElement(str, buf); - - return str; -} - - - -static int parse_policy_ent(Tcl_Interp *interp, char *list, - kadm5_policy_ent_t *out_policy) -{ - kadm5_policy_ent_t policy = 0; - int tcl_ret; - int argc; - const char **argv; - int tmp; - int retcode = TCL_OK; - - if ((tcl_ret = Tcl_SplitList(interp, list, &argc, &argv)) != TCL_OK) { - return tcl_ret; - } - - if (argc != 7 && argc != 10) { - Tcl_SetResult(interp, "wrong # args in policy structure", TCL_STATIC); - retcode = TCL_ERROR; - goto finished; - } - - if (! (policy = malloc(sizeof *policy))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - if ((tcl_ret = parse_str(interp, argv[0], &policy->policy)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing policy name"); - retcode = TCL_ERROR; - goto finished; - } - - if(policy->policy != NULL) { - if (! (policy->policy = strdup(policy->policy))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - } - - /* - * All of the numerical values parsed here are parsed into an - * "int" and then assigned into the structure in case the actual - * width of the field in the Kerberos structure is different from - * the width of an integer. - */ - - if ((tcl_ret = Tcl_GetInt(interp, argv[1], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_min_life"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_min_life = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[2], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_max_life"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_max_life = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[3], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_min_length"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_min_length = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[4], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_min_classes"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_min_classes = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[5], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_history_num"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_history_num = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[6], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing policy_refcnt"); - retcode = TCL_ERROR; - goto finished; - } - policy->policy_refcnt = tmp; - - if (argc == 7) goto finished; - - if ((tcl_ret = Tcl_GetInt(interp, argv[7], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_max_fail"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_max_fail = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[8], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_failcnt_interval"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_failcnt_interval = tmp; - - if ((tcl_ret = Tcl_GetInt(interp, argv[9], &tmp)) - != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_lockout_duration"); - retcode = TCL_ERROR; - goto finished; - } - policy->pw_lockout_duration = tmp; - -finished: - Tcl_Free((char *) argv); - *out_policy = policy; - return retcode; -} - - -static void free_policy_ent(kadm5_policy_ent_t *policy) -{ - free((*policy)->policy); - free(*policy); - *policy = 0; -} - -static Tcl_DString *unparse_keytype(krb5_enctype enctype) -{ - Tcl_DString *str; - char buf[50]; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - - switch (enctype) { - /* XXX is this right? */ - case ENCTYPE_NULL: Tcl_DStringAppend(str, "ENCTYPE_NULL", -1); break; - default: - sprintf(buf, "UNKNOWN KEYTYPE (0x%x)", enctype); - Tcl_DStringAppend(str, buf, -1); - break; - } - - return str; -} - - -static Tcl_DString *unparse_keyblocks(krb5_keyblock *keyblocks, int num_keys) -{ - Tcl_DString *str; - Tcl_DString *keytype; - unsigned int i; - int j; - - if (! (str = malloc(sizeof(*str)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - - Tcl_DStringInit(str); - - for (j = 0; j < num_keys; j++) { - krb5_keyblock *keyblock = &keyblocks[j]; - - Tcl_DStringStartSublist(str); - - keytype = unparse_keytype(keyblock->enctype); - Tcl_DStringAppendElement(str, keytype->string); - Tcl_DStringFree(keytype); - free(keytype); - if (keyblock->length == 0) { - Tcl_DStringAppendElement(str, "0x00"); - } - else { - Tcl_DStringAppendElement(str, "0x"); - for (i = 0; i < keyblock->length; i++) { - char buf[3]; - sprintf(buf, "%02x", (int) keyblock->contents[i]); - Tcl_DStringAppend(str, buf, -1); - } - } - - Tcl_DStringEndSublist(str); - } - - - return str; -} - -enum init_type { INIT_NONE, INIT_PASS, INIT_CREDS }; - -static int _tcl_kadm5_init_any(enum init_type init_type, ClientData clientData, - Tcl_Interp *interp, int argc, const char *argv[]) -{ - kadm5_ret_t ret; - char *client_name, *pass, *service_name; - int tcl_ret; - krb5_ui_4 struct_version, api_version; - const char *handle_var; - void *server_handle; - char *handle_name, *params_str; - const char *whoami = argv[0]; - kadm5_config_params params; - - argv++, argc--; - - kadm5_init_krb5_context(&context); - - if (argc != 7) { - Tcl_AppendResult(interp, whoami, ": ", arg_error, 0); - return TCL_ERROR; - } - - if (((tcl_ret = parse_str(interp, argv[0], &client_name)) != TCL_OK) || - ((tcl_ret = parse_str(interp, argv[1], &pass)) != TCL_OK) || - ((tcl_ret = parse_str(interp, argv[2], &service_name)) != TCL_OK) || - ((tcl_ret = parse_str(interp, argv[3], ¶ms_str)) != TCL_OK) || - ((tcl_ret = parse_config_params(interp, params_str, ¶ms)) - != TCL_OK) || - ((tcl_ret = Tcl_GetInt(interp, argv[4], (int *) &struct_version)) != - TCL_OK) || - ((tcl_ret = Tcl_GetInt(interp, argv[5], (int *) &api_version)) != - TCL_OK)) { - return tcl_ret; - } - - handle_var = argv[6]; - - if (! (handle_var && *handle_var)) { - Tcl_SetResult(interp, "must specify server handle variable name", - TCL_STATIC); - return TCL_ERROR; - } - - if (init_type == INIT_CREDS) { - krb5_ccache cc; - - if (pass == NULL) { - if ((ret = krb5_cc_default(context, &cc))) { - stash_error(interp, ret); - return TCL_ERROR; - } - } else { - if ((ret = krb5_cc_resolve(context, pass, &cc))) { - stash_error(interp, ret); - return TCL_ERROR; - } - } - - ret = kadm5_init_with_creds(context, client_name, cc, service_name, - ¶ms, struct_version, - api_version, NULL, &server_handle); - - (void) krb5_cc_close(context, cc); - } else - ret = kadm5_init(context, client_name, pass, service_name, ¶ms, - struct_version, api_version, NULL, &server_handle); - - /* The string fields of params are aliases into argv[3], but - * params.keysalts is allocated, so clean it up. */ - free(params.keysalts); - - if (ret != KADM5_OK) { - stash_error(interp, ret); - return TCL_ERROR; - } - - if ((tcl_ret = put_server_handle(interp, server_handle, &handle_name)) - != TCL_OK) { - return tcl_ret; - } - - if (! Tcl_SetVar(interp, handle_var, handle_name, TCL_LEAVE_ERR_MSG)) { - return TCL_ERROR; - } - - set_ok(interp, "KADM5 API initialized."); - return TCL_OK; -} - -static int tcl_kadm5_init(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - return _tcl_kadm5_init_any(INIT_PASS, clientData, interp, argc, argv); -} - -static int tcl_kadm5_init_with_creds(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - return _tcl_kadm5_init_any(INIT_CREDS, clientData, interp, argc, argv); -} - -static int tcl_kadm5_destroy(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - kadm5_ret_t ret; - int tcl_ret; - - GET_HANDLE(0, 0); - - ret = kadm5_destroy(server_handle); - - if (ret != KADM5_OK) { - stash_error(interp, ret); - return TCL_ERROR; - } - - if ((tcl_ret = remove_server_handle(interp, argv[-1])) != TCL_OK) { - return tcl_ret; - } - - set_ok(interp, "KADM5 API deinitialized."); - return TCL_OK; -} - -static int tcl_kadm5_create_principal(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - int tcl_ret; - kadm5_ret_t ret; - int retcode = TCL_OK; - char *princ_string; - kadm5_principal_ent_t princ = 0; - krb5_int32 mask; - char *pw; -#ifdef OVERRIDE - int override_qual; -#endif - - GET_HANDLE(3, 0); - - if ((tcl_ret = parse_str(interp, argv[0], &princ_string)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing principal"); - return tcl_ret; - } - - if (princ_string && - ((tcl_ret = parse_principal_ent(interp, princ_string, &princ)) - != TCL_OK)) { - return tcl_ret; - } - - if ((tcl_ret = parse_principal_mask(interp, argv[1], &mask)) != TCL_OK) { - retcode = tcl_ret; - goto finished; - } - - if ((tcl_ret = parse_str(interp, argv[2], &pw)) != TCL_OK) { - retcode = tcl_ret; - goto finished; - } -#ifdef OVERRIDE - if ((tcl_ret = Tcl_GetBoolean(interp, argv[3], &override_qual)) != - TCL_OK) { - retcode = tcl_ret; - goto finished; - } -#endif - -#ifdef OVERRIDE - ret = kadm5_create_principal(server_handle, princ, mask, pw, - override_qual); -#else - ret = kadm5_create_principal(server_handle, princ, mask, pw); -#endif - - if (ret != KADM5_OK) { - stash_error(interp, ret); - retcode = TCL_ERROR; - goto finished; - } - else { - set_ok(interp, "Principal created."); - } - -finished: - if (princ) { - free_principal_ent(&princ); - } - return retcode; -} - - - -static int tcl_kadm5_delete_principal(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - krb5_principal princ; - krb5_error_code krb5_ret; - kadm5_ret_t ret; - int tcl_ret; - char *name; - - GET_HANDLE(1, 0); - - if((tcl_ret = parse_str(interp, argv[0], &name)) != TCL_OK) - return tcl_ret; - if(name != NULL) { - if ((krb5_ret = krb5_parse_name(context, name, &princ))) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing principal"); - return TCL_ERROR; - } - } else princ = NULL; - ret = kadm5_delete_principal(server_handle, princ); - - if(princ != NULL) - krb5_free_principal(context, princ); - - if (ret != KADM5_OK) { - stash_error(interp, ret); - return TCL_ERROR; - } - else { - set_ok(interp, "Principal deleted."); - return TCL_OK; - } -} - - - -static int tcl_kadm5_modify_principal(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - char *princ_string; - kadm5_principal_ent_t princ = 0; - int tcl_ret; - krb5_int32 mask; - int retcode = TCL_OK; - kadm5_ret_t ret; - - GET_HANDLE(2, 0); - - if ((tcl_ret = parse_str(interp, argv[0], &princ_string)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing principal"); - return tcl_ret; - } - - if (princ_string && - ((tcl_ret = parse_principal_ent(interp, princ_string, &princ)) - != TCL_OK)) { - return tcl_ret; - } - - if ((tcl_ret = parse_principal_mask(interp, argv[1], &mask)) != TCL_OK) { - retcode = TCL_ERROR; - goto finished; - } - - ret = kadm5_modify_principal(server_handle, princ, mask); - - if (ret != KADM5_OK) { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - else { - set_ok(interp, "Principal modified."); - } - -finished: - if (princ) { - free_principal_ent(&princ); - } - return retcode; -} - - -static int tcl_kadm5_rename_principal(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - krb5_principal source, target; - krb5_error_code krb5_ret; - kadm5_ret_t ret; - int retcode = TCL_OK; - - GET_HANDLE(2, 0); - - if ((krb5_ret = krb5_parse_name(context, argv[0], &source)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing source"); - return TCL_ERROR; - } - - if ((krb5_ret = krb5_parse_name(context, argv[1], &target)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing target"); - krb5_free_principal(context, source); - return TCL_ERROR; - } - - ret = kadm5_rename_principal(server_handle, source, target); - - if (ret == KADM5_OK) { - set_ok(interp, "Principal renamed."); - } - else { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - - krb5_free_principal(context, source); - krb5_free_principal(context, target); - return retcode; -} - - - -static int tcl_kadm5_chpass_principal(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - krb5_principal princ; - char *pw; -#ifdef OVERRIDE - int override_qual; -#endif - krb5_error_code krb5_ret; - int retcode = TCL_OK; - kadm5_ret_t ret; - - GET_HANDLE(2, 0); - - if ((krb5_ret = krb5_parse_name(context, argv[0], &princ)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing principal name"); - return TCL_ERROR; - } - - if (parse_str(interp, argv[1], &pw) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing password"); - retcode = TCL_ERROR; - goto finished; - } - -#ifdef OVERRIDE - if (Tcl_GetBoolean(interp, argv[2], &override_qual) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing override_qual"); - retcode = TCL_ERROR; - goto finished; - } - - ret = kadm5_chpass_principal(server_handle, - princ, pw, override_qual); -#else - ret = kadm5_chpass_principal(server_handle, princ, pw); -#endif - - if (ret == KADM5_OK) { - set_ok(interp, "Password changed."); - goto finished; - } - else { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - -finished: - krb5_free_principal(context, princ); - return retcode; -} - - - -static int tcl_kadm5_chpass_principal_util(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - krb5_principal princ; - char *new_pw; -#ifdef OVERRIDE - int override_qual; -#endif - char *pw_ret, *pw_ret_var; - char msg_ret[1024], *msg_ret_var; - krb5_error_code krb5_ret; - kadm5_ret_t ret; - int retcode = TCL_OK; - - GET_HANDLE(4, 0); - - if ((krb5_ret = krb5_parse_name(context, argv[0], &princ)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing principal name"); - return TCL_ERROR; - } - - if (parse_str(interp, argv[1], &new_pw) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing new password"); - retcode = TCL_ERROR; - goto finished; - } -#ifdef OVERRIDE - if (Tcl_GetBoolean(interp, argv[2], &override_qual) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing override_qual"); - retcode = TCL_ERROR; - goto finished; - } -#endif - if (parse_str(interp, argv[3], &pw_ret_var) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing pw_ret variable name"); - retcode = TCL_ERROR; - goto finished; - } - - if (parse_str(interp, argv[4], &msg_ret_var) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing msg_ret variable name"); - retcode = TCL_ERROR; - goto finished; - } - - ret = kadm5_chpass_principal_util(server_handle, princ, new_pw, -#ifdef OVERRIDE - override_qual, -#endif - pw_ret_var ? &pw_ret : 0, - msg_ret_var ? msg_ret : 0, - msg_ret_var ? sizeof(msg_ret) : 0); - - if (ret == KADM5_OK) { - if (pw_ret_var && - (! Tcl_SetVar(interp, pw_ret_var, pw_ret, - TCL_LEAVE_ERR_MSG))) { - Tcl_AppendElement(interp, "while setting pw_ret variable"); - retcode = TCL_ERROR; - goto finished; - } - if (msg_ret_var && - (! Tcl_SetVar(interp, msg_ret_var, msg_ret, - TCL_LEAVE_ERR_MSG))) { - Tcl_AppendElement(interp, - "while setting msg_ret variable"); - retcode = TCL_ERROR; - goto finished; - } - set_ok(interp, "Password changed."); - } - else { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - -finished: - krb5_free_principal(context, princ); - return retcode; -} - - - -static int tcl_kadm5_randkey_principal(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - krb5_principal princ; - krb5_keyblock *keyblocks; - int num_keys; - char *keyblock_var, *num_var, buf[50]; - Tcl_DString *keyblock_dstring = 0; - krb5_error_code krb5_ret; - kadm5_ret_t ret; - int retcode = TCL_OK; - - GET_HANDLE(3, 0); - - if ((krb5_ret = krb5_parse_name(context, argv[0], &princ)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing principal name"); - return TCL_ERROR; - } - - if (parse_str(interp, argv[1], &keyblock_var) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing keyblock variable name"); - retcode = TCL_ERROR; - goto finished; - } - if (parse_str(interp, argv[2], &num_var) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing keyblock variable name"); - retcode = TCL_ERROR; - goto finished; - } - - ret = kadm5_randkey_principal(server_handle, - princ, keyblock_var ? &keyblocks : 0, - &num_keys); - - if (ret == KADM5_OK) { - if (keyblock_var) { - keyblock_dstring = unparse_keyblocks(keyblocks, num_keys); - if (! Tcl_SetVar(interp, keyblock_var, - keyblock_dstring->string, - TCL_LEAVE_ERR_MSG)) { - Tcl_AppendElement(interp, - "while setting keyblock variable"); - retcode = TCL_ERROR; - goto finished; - } - } - if (num_var) { - sprintf(buf, "%d", num_keys); - if (! Tcl_SetVar(interp, num_var, buf, - TCL_LEAVE_ERR_MSG)) { - Tcl_AppendElement(interp, - "while setting num_keys variable"); - } - } - set_ok(interp, "Key randomized."); - } - else { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - -finished: - krb5_free_principal(context, princ); - if (keyblock_dstring) { - Tcl_DStringFree(keyblock_dstring); - free(keyblock_dstring); - } - return retcode; -} - - - -static int tcl_kadm5_get_principal(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - krb5_principal princ; - kadm5_principal_ent_rec ent; - Tcl_DString *ent_dstring = 0; - char *ent_var; - char *name; - krb5_error_code krb5_ret; - int tcl_ret; - kadm5_ret_t ret = -1; - krb5_int32 mask; - int retcode = TCL_OK; - - GET_HANDLE(3, 1); - - if((tcl_ret = parse_str(interp, argv[0], &name)) != TCL_OK) - return tcl_ret; - if(name != NULL) { - if ((krb5_ret = krb5_parse_name(context, name, &princ)) != 0) { - stash_error(interp, krb5_ret); - Tcl_AppendElement(interp, "while parsing principal name"); - return TCL_ERROR; - } - } else princ = NULL; - - if ((tcl_ret = parse_str(interp, argv[1], &ent_var)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing entry variable name"); - retcode = TCL_ERROR; - goto finished; - } - if ((tcl_ret = parse_principal_mask(interp, argv[2], &mask)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing principal mask"); - retcode = TCL_ERROR; - goto finished; - } - - ret = kadm5_get_principal(server_handle, princ, ent_var ? &ent : 0, - mask); - - if (ret == KADM5_OK) { - if (ent_var) { - ent_dstring = unparse_principal_ent(&ent, mask); - if (! Tcl_SetVar(interp, ent_var, ent_dstring->string, - TCL_LEAVE_ERR_MSG)) { - Tcl_AppendElement(interp, - "while setting entry variable"); - retcode = TCL_ERROR; - goto finished; - } - set_ok(interp, "Principal retrieved."); - } - } - else { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - -finished: - if (ent_dstring) { - Tcl_DStringFree(ent_dstring); - free(ent_dstring); - } - if(princ != NULL) - krb5_free_principal(context, princ); - if (ret == KADM5_OK && ent_var && - (ret = kadm5_free_principal_ent(server_handle, &ent)) && - (retcode == TCL_OK)) { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - return retcode; -} - -static int tcl_kadm5_create_policy(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - int tcl_ret; - kadm5_ret_t ret; - int retcode = TCL_OK; - char *policy_string; - kadm5_policy_ent_t policy = 0; - krb5_int32 mask; - - GET_HANDLE(2, 0); - - if ((tcl_ret = parse_str(interp, argv[0], &policy_string)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing policy"); - return tcl_ret; - } - - if (policy_string && - ((tcl_ret = parse_policy_ent(interp, policy_string, &policy)) - != TCL_OK)) { - return tcl_ret; - } - - if ((tcl_ret = parse_policy_mask(interp, argv[1], &mask)) != TCL_OK) { - retcode = tcl_ret; - goto finished; - } - - ret = kadm5_create_policy(server_handle, policy, mask); - - if (ret != KADM5_OK) { - stash_error(interp, ret); - retcode = TCL_ERROR; - goto finished; - } - else { - set_ok(interp, "Policy created."); - } - -finished: - if (policy) { - free_policy_ent(&policy); - } - return retcode; -} - - - -static int tcl_kadm5_delete_policy(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - kadm5_ret_t ret; - char *policy; - - GET_HANDLE(1, 0); - - if (parse_str(interp, argv[0], &policy) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing policy name"); - return TCL_ERROR; - } - - ret = kadm5_delete_policy(server_handle, policy); - - if (ret != KADM5_OK) { - stash_error(interp, ret); - return TCL_ERROR; - } - else { - set_ok(interp, "Policy deleted."); - return TCL_OK; - } -} - - - -static int tcl_kadm5_modify_policy(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - char *policy_string; - kadm5_policy_ent_t policy = 0; - int tcl_ret; - krb5_int32 mask; - int retcode = TCL_OK; - kadm5_ret_t ret; - - GET_HANDLE(2, 0); - - if ((tcl_ret = parse_str(interp, argv[0], &policy_string)) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing policy"); - return tcl_ret; - } - - if (policy_string && - ((tcl_ret = parse_policy_ent(interp, policy_string, &policy)) - != TCL_OK)) { - return tcl_ret; - } - - if ((tcl_ret = parse_policy_mask(interp, argv[1], &mask)) != TCL_OK) { - retcode = TCL_ERROR; - goto finished; - } - - ret = kadm5_modify_policy(server_handle, policy, mask); - - if (ret != KADM5_OK) { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - else { - set_ok(interp, "Policy modified."); - } - -finished: - if (policy) { - free_policy_ent(&policy); - } - return retcode; -} - - -static int tcl_kadm5_get_policy(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - kadm5_policy_ent_rec ent; - Tcl_DString *ent_dstring = 0; - char *policy; - char *ent_var; - kadm5_ret_t ret; - int retcode = TCL_OK; - - GET_HANDLE(2, 1); - - if (parse_str(interp, argv[0], &policy) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing policy name"); - return TCL_ERROR; - } - - if (parse_str(interp, argv[1], &ent_var) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing entry variable name"); - return TCL_ERROR; - } - - ret = kadm5_get_policy(server_handle, policy, ent_var ? &ent : 0); - - if (ret == KADM5_OK) { - if (ent_var) { - ent_dstring = unparse_policy_ent(&ent); - if (! Tcl_SetVar(interp, ent_var, ent_dstring->string, - TCL_LEAVE_ERR_MSG)) { - Tcl_AppendElement(interp, - "while setting entry variable"); - retcode = TCL_ERROR; - goto finished; - } - set_ok(interp, "Policy retrieved."); - } - } - else { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - -finished: - if (ent_dstring) { - Tcl_DStringFree(ent_dstring); - free(ent_dstring); - } - if (ent_var && ret == KADM5_OK && - (ret = kadm5_free_policy_ent(server_handle, &ent)) && - (retcode == TCL_OK)) { - stash_error(interp, ret); - retcode = TCL_ERROR; - } - return retcode; -} - - - -static int tcl_kadm5_free_principal_ent(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - char *ent_name; - kadm5_principal_ent_t ent; - kadm5_ret_t ret; - - GET_HANDLE(1, 0); - - if (parse_str(interp, argv[0], &ent_name) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing entry name"); - return TCL_ERROR; - } - - if ((! ent_name) && - (ret = kadm5_free_principal_ent(server_handle, 0))) { - stash_error(interp, ret); - return TCL_ERROR; - } - else { - Tcl_HashEntry *entry; - - if (strncmp(ent_name, "principal", sizeof("principal")-1)) { - Tcl_AppendResult(interp, "invalid principal handle \"", - ent_name, "\"", 0); - return TCL_ERROR; - } - if (! struct_table) { - if (! (struct_table = malloc(sizeof(*struct_table)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - Tcl_InitHashTable(struct_table, TCL_STRING_KEYS); - } - - if (! (entry = Tcl_FindHashEntry(struct_table, ent_name))) { - Tcl_AppendResult(interp, "principal handle \"", ent_name, - "\" not found", 0); - return TCL_ERROR; - } - - ent = (kadm5_principal_ent_t) Tcl_GetHashValue(entry); - - ret = kadm5_free_principal_ent(server_handle, ent); - if (ret != KADM5_OK) { - stash_error(interp, ret); - return TCL_ERROR; - } - Tcl_DeleteHashEntry(entry); - } - set_ok(interp, "Principal freed."); - return TCL_OK; -} - - -static int tcl_kadm5_free_policy_ent(ClientData clientData, - Tcl_Interp *interp, - int argc, const char *argv[]) -{ - char *ent_name; - kadm5_policy_ent_t ent; - kadm5_ret_t ret; - - GET_HANDLE(1, 0); - - if (parse_str(interp, argv[0], &ent_name) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing entry name"); - return TCL_ERROR; - } - - if ((! ent_name) && - (ret = kadm5_free_policy_ent(server_handle, 0))) { - stash_error(interp, ret); - return TCL_ERROR; - } - else { - Tcl_HashEntry *entry; - - if (strncmp(ent_name, "policy", sizeof("policy")-1)) { - Tcl_AppendResult(interp, "invalid principal handle \"", - ent_name, "\"", 0); - return TCL_ERROR; - } - if (! struct_table) { - if (! (struct_table = malloc(sizeof(*struct_table)))) { - fprintf(stderr, "Out of memory!\n"); - exit(1); /* XXX */ - } - Tcl_InitHashTable(struct_table, TCL_STRING_KEYS); - } - - if (! (entry = Tcl_FindHashEntry(struct_table, ent_name))) { - Tcl_AppendResult(interp, "policy handle \"", ent_name, - "\" not found", 0); - return TCL_ERROR; - } - - ent = (kadm5_policy_ent_t) Tcl_GetHashValue(entry); - - if ((ret = kadm5_free_policy_ent(server_handle, ent)) != KADM5_OK) { - stash_error(interp, ret); - return TCL_ERROR; - } - Tcl_DeleteHashEntry(entry); - } - set_ok(interp, "Policy freed."); - return TCL_OK; -} - - -static int tcl_kadm5_get_privs(ClientData clientData, Tcl_Interp *interp, - int argc, const char *argv[]) -{ - const char *set_ret; - kadm5_ret_t ret; - char *priv_var; - long privs; - - GET_HANDLE(1, 0); - - if (parse_str(interp, argv[0], &priv_var) != TCL_OK) { - Tcl_AppendElement(interp, "while parsing privs variable name"); - return TCL_ERROR; - } - - ret = kadm5_get_privs(server_handle, priv_var ? &privs : 0); - - if (ret == KADM5_OK) { - if (priv_var) { - Tcl_DString *str = unparse_privs(privs); - set_ret = Tcl_SetVar(interp, priv_var, str->string, - TCL_LEAVE_ERR_MSG); - Tcl_DStringFree(str); - free(str); - if (! set_ret) { - Tcl_AppendElement(interp, "while setting priv variable"); - return TCL_ERROR; - } - } - set_ok(interp, "Privileges retrieved."); - return TCL_OK; - } - else { - stash_error(interp, ret); - return TCL_ERROR; - } -} - - -void Tcl_kadm5_init(Tcl_Interp *interp) -{ - char buf[20]; - - Tcl_SetVar(interp, "KADM5_ADMIN_SERVICE", - KADM5_ADMIN_SERVICE, TCL_GLOBAL_ONLY); - Tcl_SetVar(interp, "KADM5_CHANGEPW_SERVICE", - KADM5_CHANGEPW_SERVICE, TCL_GLOBAL_ONLY); - (void) sprintf(buf, "%d", KADM5_STRUCT_VERSION); - Tcl_SetVar(interp, "KADM5_STRUCT_VERSION", buf, TCL_GLOBAL_ONLY); - (void) sprintf(buf, "%d", KADM5_API_VERSION_2); - Tcl_SetVar(interp, "KADM5_API_VERSION_2", buf, TCL_GLOBAL_ONLY); - (void) sprintf(buf, "%d", KADM5_API_VERSION_3); - Tcl_SetVar(interp, "KADM5_API_VERSION_3", buf, TCL_GLOBAL_ONLY); - (void) sprintf(buf, "%d", KADM5_API_VERSION_4); - Tcl_SetVar(interp, "KADM5_API_VERSION_4", buf, TCL_GLOBAL_ONLY); - (void) sprintf(buf, "%d", KADM5_API_VERSION_MASK); - Tcl_SetVar(interp, "KADM5_API_VERSION_MASK", buf, TCL_GLOBAL_ONLY); - (void) sprintf(buf, "%d", KADM5_STRUCT_VERSION_MASK); - Tcl_SetVar(interp, "KADM5_STRUCT_VERSION_MASK", buf, - TCL_GLOBAL_ONLY); - - Tcl_CreateCommand(interp, "kadm5_init", tcl_kadm5_init, 0, 0); - Tcl_CreateCommand(interp, "kadm5_init_with_creds", - tcl_kadm5_init_with_creds, 0, 0); - Tcl_CreateCommand(interp, "kadm5_destroy", tcl_kadm5_destroy, 0, - 0); - Tcl_CreateCommand(interp, "kadm5_create_principal", - tcl_kadm5_create_principal, 0, 0); - Tcl_CreateCommand(interp, "kadm5_delete_principal", - tcl_kadm5_delete_principal, 0, 0); - Tcl_CreateCommand(interp, "kadm5_modify_principal", - tcl_kadm5_modify_principal, 0, 0); - Tcl_CreateCommand(interp, "kadm5_rename_principal", - tcl_kadm5_rename_principal, 0, 0); - Tcl_CreateCommand(interp, "kadm5_chpass_principal", - tcl_kadm5_chpass_principal, 0, 0); - Tcl_CreateCommand(interp, "kadm5_chpass_principal_util", - tcl_kadm5_chpass_principal_util, 0, 0); - Tcl_CreateCommand(interp, "kadm5_randkey_principal", - tcl_kadm5_randkey_principal, 0, 0); - Tcl_CreateCommand(interp, "kadm5_get_principal", - tcl_kadm5_get_principal, 0, 0); - Tcl_CreateCommand(interp, "kadm5_create_policy", - tcl_kadm5_create_policy, 0, 0); - Tcl_CreateCommand(interp, "kadm5_delete_policy", - tcl_kadm5_delete_policy, 0, 0); - Tcl_CreateCommand(interp, "kadm5_modify_policy", - tcl_kadm5_modify_policy, 0, 0); - Tcl_CreateCommand(interp, "kadm5_get_policy", - tcl_kadm5_get_policy, 0, 0); - Tcl_CreateCommand(interp, "kadm5_free_principal_ent", - tcl_kadm5_free_principal_ent, 0, 0); - Tcl_CreateCommand(interp, "kadm5_free_policy_ent", - tcl_kadm5_free_policy_ent, 0, 0); - Tcl_CreateCommand(interp, "kadm5_get_privs", - tcl_kadm5_get_privs, 0, 0); -} diff --git a/src/kadmin/testing/util/tcl_kadm5.h b/src/kadmin/testing/util/tcl_kadm5.h deleted file mode 100644 index 1f91a11a1..000000000 --- a/src/kadmin/testing/util/tcl_kadm5.h +++ /dev/null @@ -1,3 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ - -void Tcl_kadm5_init(Tcl_Interp *interp); diff --git a/src/kadmin/testing/util/tcl_kadm5_syntax b/src/kadmin/testing/util/tcl_kadm5_syntax deleted file mode 100644 index 5f16e58e0..000000000 --- a/src/kadmin/testing/util/tcl_kadm5_syntax +++ /dev/null @@ -1,57 +0,0 @@ -Here's a brief summary of the syntax of the tcl versions of the -kadm5 functions: - -string Can be a string or "null" which will turn into a null pointer -principal_ent A 12-field list in the order of the principal_ent - structure: {string number number number number string - number mask number number string mask} - It can also be "null", like a string, to indicate that - a null structure pointer should be used. -mask Either a number, representing the actual value of the - mask, or a sequence of symbols in a list. Example: - {PRINCIPAL ATTRIBUTES} is a valid principal mask. -boolean "1", "0", "true", "false", etc. -varname The name of a Tcl variable, or "null" to not assign. -policy_ent Similar to principal_ent, but with seven fields, - instead of 12. The first is a string, and the rest - are numbers. - -init - client_name:string pass:string service_name:string - realm:string struct_version:int api_version:int - server_handle_ret:varname -destroy - server_handle:string -create_principal - server_handle:string principal:principal_ent - mask:principal_mask password:string -delete_principal - server_handle:string name:string -modify_principal - server_handle:string principal_principal_ent - mask:principal_mask -rename_principal - server_handle:string source:string target:string -chpass_principal - server_handle:string name:string password:string -chpass_principal_util - server_handle:string name:string password:string - pw_ret:varname msg_ret:varname -randkey_principal - server_handle:string name:string keyblock_var:varname -get_principal [-struct] - server_handle:string name:string princ_var:varname -create_policy - server_handle:string policy:policy_ent mask:policy_mask -delete_policy - server_handle:string name:string -modify_policy - server_handle:string policy:policy_ent mask:policy_mask -get_policy [-struct] - server_handle:string name:string policy_var:varname -free_principal_ent - server_handle:string handle:string -free_policy_ent - server_handle:string handle:string -get_privs - server_handle:string privs:priv_var diff --git a/src/kadmin/testing/util/tcl_krb5_hash.c b/src/kadmin/testing/util/tcl_krb5_hash.c deleted file mode 100644 index 35c6bb0b3..000000000 --- a/src/kadmin/testing/util/tcl_krb5_hash.c +++ /dev/null @@ -1,167 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * All of the TCL krb5 functions which return (or place into output - * variables) structures or pointers to structures that can't be - * represented as tcl native types, do so by returning a handle for - * the appropriate structure. The handle is a string of the form - * "type$id", where "type" is the type of datum represented by the - * handle and "id" is a unique identifier for it. This handle can - * then be used later by the caller to refer to the object, and - * internally to retrieve the actually datum from the appropriate hash - * table. - * - * The functions in this file do four things: - * - * 1) Given a pointer to a datum and a string representing the type of - * datum to which the pointer refers, create a new handle for the - * datum, store the datum in the hash table using the new handle as - * its key, and return the new handle. - * - * 2) Given a handle, locate and return the appropriate hash table - * datum. - * - * 3) Given a handle, look through a table of types and unparse - * functions to figure out what function to call to get a string - * representation of the datum, call it with the appropriate pointer - * (obtained from the hash table) as an argument, and return the - * resulting string as the unparsed form of the datum. - * - * 4) Given a handle, remove that handle and its associated datum from - * the hash table (but don't free it -- it's assumed to have already - * been freed by the caller). - */ - -#if HAVE_TCL_H -#include <tcl.h> -#elif HAVE_TCL_TCL_H -#include <tcl/tcl.h> -#endif -#include <assert.h> - -#define SEP_STR "$" - -static char *memory_error = "out of memory"; - -/* - * Right now, we're only using one hash table. However, at some point - * in the future, we might decide to use a separate hash table for - * every type. Therefore, I'm putting this function in as an - * abstraction so it's the only thing we'll have to change if we - * decide to do that. - * - * Also, this function allows us to put in just one place the code for - * checking to make sure that the hash table exists and initializing - * it if it doesn't. - */ - -static TclHashTable *get_hash_table(Tcl_Interp *interp, - char *type) -{ - static Tcl_HashTable *hash_table = 0; - - if (! hash_table) { - if (! (hash_table = malloc(sizeof(*hash_table)))) { - Tcl_SetResult(interp, memory_error, TCL_STATIC); - return 0; - } - Tcl_InitHashTable(hash_table, TCL_STRING_KEYS); - } - return hash_table; -} - -#define MAX_ID 999999999 -#define ID_BUF_SIZE 10 - -static Tcl_HashEntry *get_new_handle(Tcl_Interp *interp, - char *type) -{ - static unsigned long int id_counter = 0; - Tcl_DString *handle; - char int_buf[ID_BUF_SIZE]; - - if (! (handle = malloc(sizeof(*handle)))) { - Tcl_SetResult(interp, memory_error, TCL_STATIC); - return 0; - } - Tcl_DStringInit(handle); - - assert(id_counter <= MAX_ID); - - sprintf(int_buf, "%d", id_counter++); - - Tcl_DStringAppend(handle, type, -1); - Tcl_DStringAppend(handle, SEP_STR, -1); - Tcl_DStringAppend(handle, int_buf, -1); - - return handle; -} - - -Tcl_DString *tcl_krb5_create_object(Tcl_Interp *interp, - char *type, - ClientData datum) -{ - Tcl_HashTable *table; - Tcl_DString *handle; - Tcl_HashEntry *entry; - int entry_created = 0; - - if (! (table = get_hash_table(interp, type))) { - return 0; - } - - if (! (handle = get_new_handle(interp, type))) { - return 0; - } - - if (! (entry = Tcl_CreateHashEntry(table, handle, &entry_created))) { - Tcl_SetResult(interp, "error creating hash entry", TCL_STATIC); - Tcl_DStringFree(handle); - return TCL_ERROR; - } - - assert(entry_created); - - Tcl_SetHashValue(entry, datum); - - return handle; -} - -ClientData tcl_krb5_get_object(Tcl_Interp *interp, - char *handle) -{ - char *myhandle, *id_ptr; - Tcl_HashTable *table; - Tcl_HashEntry *entry; - - if (! (myhandle = strdup(handle))) { - Tcl_SetResult(interp, memory_error, TCL_STATIC); - return 0; - } - - if (! (id_ptr = index(myhandle, *SEP_STR))) { - free(myhandle); - Tcl_ResetResult(interp); - Tcl_AppendResult(interp, "malformatted handle \"", handle, - "\"", 0); - return 0; - } - - *id_ptr = '\0'; - - if (! (table = get_hash_table(interp, myhandle))) { - free(myhandle); - return 0; - } - - free(myhandle); - - if (! (entry = Tcl_FindHashEntry(table, handle))) { - Tcl_ResetResult(interp); - Tcl_AppendResult(interp, "no object corresponding to handle \"", - handle, "\"", 0); - return 0; - } - - return(Tcl_GetHashValue(entry)); -} diff --git a/src/kadmin/testing/util/test.c b/src/kadmin/testing/util/test.c deleted file mode 100644 index 37e49d680..000000000 --- a/src/kadmin/testing/util/test.c +++ /dev/null @@ -1,38 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include "autoconf.h" -#if HAVE_TCL_H -#include <tcl.h> -#elif HAVE_TCL_TCL_H -#include <tcl/tcl.h> -#endif -#include "tcl_kadm5.h" - -#define _TCL_MAIN ((TCL_MAJOR_VERSION * 100 + TCL_MINOR_VERSION) >= 704) - -#if _TCL_MAIN -int -main(argc, argv) - int argc; /* Number of command-line arguments. */ - char **argv; /* Values of command-line arguments. */ -{ - Tcl_Main(argc, argv, Tcl_AppInit); - return 0; /* Needed only to prevent compiler warning. */ -} -#else -/* - * The following variable is a special hack that allows applications - * to be linked using the procedure "main" from the Tcl library. The - * variable generates a reference to "main", which causes main to - * be brought in from the library (and all of Tcl with it). - */ - -extern int main(); -int *tclDummyMainPtr = (int *) main; -#endif - -int Tcl_AppInit(Tcl_Interp *interp) -{ - Tcl_kadm5_init(interp); - - return(TCL_OK); -} diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in index f94c0a7da..3ff71c42b 100644 --- a/src/lib/kadm5/Makefile.in +++ b/src/lib/kadm5/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)kadm5 BUILDTOP=$(REL)..$(S).. -SUBDIRS = clnt srv unit-test +SUBDIRS = clnt srv ##DOSBUILDTOP = ..\.. @@ -98,6 +98,7 @@ generate-files-mac-prerecurse: includes check-windows: clean-unix:: clean-libobjs + $(RM) t_kadm5clnt t_kadm5srv t_kadm5.o clean-windows:: diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in deleted file mode 100644 index 68fa097ff..000000000 --- a/src/lib/kadm5/unit-test/Makefile.in +++ /dev/null @@ -1,143 +0,0 @@ -mydir=lib$(S)kadm5$(S)unit-test -BUILDTOP=$(REL)..$(S)..$(S).. -KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS) - -SRCS= init-test.c destroy-test.c handle-test.c iter-test.c setkey-test.c \ - randkey-test.c lock-test.c - -# -# The client-side test programs. -# - -init-test: init-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o init-test init-test.o \ - $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) - -destroy-test: destroy-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o destroy-test destroy-test.o \ - $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) - -client-handle-test: client-handle-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o client-handle-test client-handle-test.o \ - $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) - -client-handle-test.o: handle-test.c - $(CC) $(ALL_CFLAGS) -DCLIENT_TEST -o client-handle-test.o -c $(srcdir)/handle-test.c - -client-iter-test: iter-test.o $(KADMLCNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o client-iter-test iter-test.o \ - $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) - -client-setkey-test: setkey-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o client-setkey-test setkey-test.o \ - $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) - -# -# The server-side test programs. -# - -randkey-test: randkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o randkey-test randkey-test.o \ - $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) - -server-handle-test: handle-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o server-handle-test handle-test.o \ - $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) - -lock-test: lock-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o lock-test lock-test.o \ - $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) - -server-iter-test: iter-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o server-iter-test iter-test.o \ - $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) - -server-setkey-test: setkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o server-setkey-test setkey-test.o \ - $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) - -runenv.exp: Makefile - $(RUN_SETUP); for i in $(RUN_VARS); do \ - eval echo "set env\($$i\) \$$$$i"; done > runenv.exp - -# -# The unit-test targets -# - -check: check-@DO_TEST@ - -check-: - @echo "+++" - @echo "+++ WARNING: lib/kadm5 unit tests not run." - @echo "+++ Either tcl, runtest, or Perl is unavailable." - @echo "+++" - -check-ok unit-test: unit-test-client unit-test-server - -unit-test-client: unit-test-client-setup unit-test-client-body \ - unit-test-client-cleanup - -unit-test-server: unit-test-server-setup unit-test-server-body \ - unit-test-server-cleanup - -test-randkey: randkey-test - $(ENV_SETUP) $(VALGRIND) ./randkey-test - -test-handle-server: server-handle-test - $(ENV_SETUP) $(VALGRIND) ./server-handle-test - -test-handle-client: client-handle-test - $(ENV_SETUP) $(VALGRIND) ./client-handle-test - -test-noauth: init-test - $(ENV_SETUP) $(VALGRIND) ./init-test - -test-destroy: destroy-test - $(ENV_SETUP) $(VALGRIND) ./destroy-test - -test-setkey-client: client-setkey-test - $(ENV_SETUP) $(VALGRIND) ./client-setkey-test testkeys admin admin - -unit-test-client-setup: runenv.sh - $(ENV_SETUP) $(VALGRIND) $(START_SERVERS) - -unit-test-client-cleanup: - $(ENV_SETUP) $(STOP_SERVERS) - -unit-test-server-setup: runenv.sh - $(ENV_SETUP) $(VALGRIND) $(START_SERVERS_LOCAL) - -unit-test-server-cleanup: - $(ENV_SETUP) $(STOP_SERVERS_LOCAL) - -unit-test-client-body: site.exp test-noauth test-destroy test-handle-client \ - test-setkey-client runenv.exp - $(ENV_SETUP) $(RUNTEST) --tool api RPC=1 API=$(CLNTTCL) \ - KINIT=$(BUILDTOP)/clients/kinit/kinit \ - KDESTROY=$(BUILDTOP)/clients/kdestroy/kdestroy \ - KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local \ - PRIOCNTL_HACK=@PRIOCNTL_HACK@ VALGRIND="$(VALGRIND)" \ - $(RUNTESTFLAGS) - -mv api.log capi.log - -mv api.sum capi.sum - -unit-test-server-body: site.exp test-handle-server lock-test - $(ENV_SETUP) $(RUNTEST) --tool api RPC=0 API=$(SRVTCL) \ - LOCKTEST=./lock-test \ - KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local \ - PRIOCNTL_HACK=@PRIOCNTL_HACK@ VALGRIND="$(VALGRIND)" \ - $(RUNTESTFLAGS) - -mv api.log sapi.log - -mv api.sum sapi.sum - -clean: - $(RM) init-test client_init.o init-test.o - $(RM) destroy-test destroy-test.o - $(RM) client-handle-test handle-test.o client-handle-test.o - $(RM) client-iter-test iter-test.o - $(RM) randkey-test randkey-test.o - $(RM) server-handle-test handle-test.o - $(RM) lock-test lock-test.o - $(RM) server-iter-test iter-test.o - $(RM) server-setkey-test client-setkey-test setkey-test.o - $(RM) *.log *.plog *.sum *.psum unit-test-log.* runenv.exp diff --git a/src/lib/kadm5/unit-test/api.2/crte-policy.exp b/src/lib/kadm5/unit-test/api.2/crte-policy.exp deleted file mode 100644 index 4902ea59f..000000000 --- a/src/lib/kadm5/unit-test/api.2/crte-policy.exp +++ /dev/null @@ -1,927 +0,0 @@ -load_lib lib.t -api_exit -api_start - -# Description: (1) Fails for mask with undefined bit set. -# 01/24/94: pshuang: untried. -test "create-policy 1" -proc test1 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete policy \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - 0xF01000 - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test1 - -# Description: (2) Fails if caller connected with CHANGEPW_SERVICE. -test "create-policy 2" -proc test2 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy"; - return - } -} -if {$RPC} { test2 } - -# Description: (3) Fails for mask without POLICY bit set. -# 01/24/94: pshuang: untried. -test "create-policy 3" -proc test3 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete policy \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - 0x000000 - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3 - -# Description: (5) Fails for invalid policy name. -# 01/24/94: pshuang: untried. -test "create-policy 5" -proc test5 {} { - global test - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/"] \ - {KADM5_POLICY} - } $test] "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test5 - -# Description: (6) Fails for existing policy name. -test "create-policy 6" -proc test6 {} { - global test -# set prms_id 777 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle [simple_policy test-pol] \ - {KADM5_POLICY} - } "DUP" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test6 - -# Description: (7) Fails for null policy name. -# 01/24/94: pshuang: untried. -test "create-policy 7" -proc test7 {} { - global test -# set prms_id 1977 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle [simple_policy null] \ - {KADM5_POLICY} - } "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test7 - -# Description: (8) Fails for empty-string policy name. -test "create-policy 8" -proc test8 {} { - global test - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle [simple_policy ""] \ - {KADM5_POLICY} - } "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -# Description: (9) Accepts 0 for pw_min_life. -test "create-policy 9" -proc test9 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MIN_LIFE} - } $test]]} { - fail "$test: create failed" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -# Description: (10) Accepts non-zero for pw_min_life. -test "create-policy 10" -proc test10 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \ - {KADM5_POLICY KADM5_PW_MIN_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - -# Description: (11) Accepts 0 for pw_max_life. -test "create-policy 11" -proc test11 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MAX_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -# Description: (12) Accepts non-zero for pw_max_life. -test "create-policy 12" -proc test12 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \ - {KADM5_POLICY KADM5_PW_MAX_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -# Description: (13) Rejects 0 for pw_min_length. -test "create-policy 13" -proc test13 {} { - global test - global prompt - - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MIN_LENGTH} - } $test] "BAD_LENGTH" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -# Description: (14) Accepts non-zero for pw_min_length. -test "create-policy 14" -proc test14 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \ - {KADM5_POLICY KADM5_PW_MIN_LENGTH} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 3\n" - expect { - -re "8\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -# Description: (15) Rejects 0 for pw_min_classes. -test "create-policy 15" -proc test15 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -# Description: (16) Accepts 1 for pw_min_classes. -test "create-policy 16" -proc test16 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -# Description: (17) Accepts 4 for pw_min_classes. -test "create-policy 17" -proc test17 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "5\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -# Description: (18) Rejects 5 for pw_min_classes. -test "create-policy 18" -proc test18 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -# Description: (19) Rejects 0 for pw_history_num. -test "create-policy 19" -proc test19 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_HISTORY_NUM} - } $test] "BAD_HISTORY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test19 - -# Description: (20) Accepts 1 for pw_history_num. -test "create-policy 20" -proc test20 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \ - {KADM5_POLICY KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test20 - -# Description: (21) Accepts 10 for pw_history_num. -test "create-policy 21" -proc test21 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \ - {KADM5_POLICY KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "10\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21 - -# Description: (22) Fails for user with no access bits. -test "create-policy 22" -proc test22 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test22 - -# Description: (23) Fails for user with "get" but not "add". -test "create-policy 23" -proc test23 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test23 - -# Description: (24) Fails for user with "modify" but not "add". -# 01/24/94: pshuang: untried. -test "create-policy 24" -proc test24 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test24 - -# Description: (25) Fails for user with "delete" but not "add". -# 01/24/94: pshuang: untried. -test "create-policy 25" -proc test25 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test25 - -# Description: Succeeds for user with "add". -test "create-policy 26" -proc test26 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -# Description: Succeeds for user with "get" and "add". -# 01/24/94: pshuang: untried. -test "create-policy 27" -proc test27 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/get-add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test27 - -# Description: (28) Rejects null policy argument. -# 01/24/94: pshuang: untried. -test "create-policy 28" -proc test28 {} { - global test - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle null {KADM5_POLICY} - } "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "create-policy 30" -proc test30 {} { - global test - one_line_fail_test [format { - kadm5_create_policy null [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "BAD_SERVER_HANDLE" -} -test30 - -return "" diff --git a/src/lib/kadm5/unit-test/api.2/get-policy.exp b/src/lib/kadm5/unit-test/api.2/get-policy.exp deleted file mode 100644 index 83aef80e8..000000000 --- a/src/lib/kadm5/unit-test/api.2/get-policy.exp +++ /dev/null @@ -1,199 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "get-policy 3" -proc test3 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle "" p} "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3 - -test "get-policy 6" -proc test6 {} { - global test - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test6 - -test "get-policy 7" -proc test7 {} { - global test - - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test7 - -test "get-policy 11" -proc test11 {} { - global test - - if {! [cmd { - kadm5_init admin/get-pol StupidAdmin $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_policy $server_handle test-pol p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "get-policy 12" -proc test12 {} { - global test - - if {! [cmd { - kadm5_init admin/get-pol StupidAdmin \ - $KADM5_CHANGEPW_SERVICE null $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_2 server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "get-policy 15" -proc test15 {} { - global test - - if {! [cmd { - kadm5_init admin/pol StupidAdmin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "get-policy 16" -proc test16 {} { - global test - - if {! [cmd { - kadm5_init admin/pol StupidAdmin $KADM5_CHANGEPW_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -test "get-policy 17" -proc test17 {} { - global test - - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_policy $server_handle test-pol p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "get-policy 18" -proc test18 {} { - global test - - if {! [cmd { - kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test18 - -test "get-policy 21" -proc test21 {} { - global test - - one_line_fail_test {kadm5_get_policy null "pol1" p} "BAD_SERVER_HANDLE" -} -test21 diff --git a/src/lib/kadm5/unit-test/api.2/mod-policy.exp b/src/lib/kadm5/unit-test/api.2/mod-policy.exp deleted file mode 100644 index 904edca8a..000000000 --- a/src/lib/kadm5/unit-test/api.2/mod-policy.exp +++ /dev/null @@ -1,675 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "modify-policy 2" -proc test2 {} { - global test - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test2 } - -test "modify-policy 8" -proc test8 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_modify_policy $server_handle [simple_policy ""] \ - {KADM5_PW_MAX_LIFE} - } "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -test "modify-policy 9" -proc test9 {} { - global test - global prompt - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MIN_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -test "modify-policy 10" -proc test10 {} { - global test - global prompt - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0} \ - {KADM5_PW_MIN_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - - -test "modify-policy 11" -proc test11 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "modify-policy 12" -proc test12 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0} \ - {KADM5_PW_MAX_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "modify-policy 13" -proc test13 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MIN_LENGTH} - } $test] "BAD_LENGTH" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -test "modify-policy 14" -proc test14 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0} \ - {KADM5_PW_MIN_LENGTH} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 3\n" - expect { - -re "8\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -test "modify-policy 15" -proc test15 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "modify-policy 16" -proc test16 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0} \ - {KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -test "modify-policy 17" -proc test17 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0} \ - {KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "5\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "modify-policy 18" -proc test18 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0} \ - {KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -test "modify-policy 19" -proc test19 {} { - global test - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_HISTORY_NUM} - } $test] "BAD_HISTORY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test19 - -test "modify-policy 20" -proc test20 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0} \ - {KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test20 - -test "modify-policy 21" -proc test21 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0} \ - {KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "10\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21 - -test "modify-policy 22" -proc test22 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test22 - -test "modify-policy 23" -proc test23 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test23 - -test "modify-policy 26" -proc test26 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -test "modify-policy 30" -proc test30 {} { - global test - - one_line_fail_test [format { - kadm5_modify_policy null [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "BAD_SERVER_HANDLE" -} -test30 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp deleted file mode 100644 index 740425c69..000000000 --- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp +++ /dev/null @@ -1,68 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "chpass-principal 200" -proc test200 {} { - global test prompt - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal "$test/a"]} { - error_and_restart "$test: creating principal" - return - } - - # I'd like to specify a long list of keysalt tuples and make sure - # that chpass does the right thing, but we can only use those - # enctypes that krbtgt has a key for: the AES enctypes, according to - # the prototype kdc.conf. - if {! [cmd [format { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_chpass_principal $server_handle "%s/a" newpassword - } $test]]} { - perror "$test: unexpected failure in chpass_principal" - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" p \ - {KADM5_PRINCIPAL_NORMAL_MASK KADM5_KEY_DATA} - } $test]]} { - perror "$test: unexpected failure in get_principal" - } - send "lindex \$p 16\n" - expect { - -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting num_keys" - return - } - eof { - error_and_restart "$test: eof getting num_keys" - return - } - } - - # XXX Perhaps I should actually check the key type returned. - if {$num_keys == 5} { - pass "$test" - } else { - fail "$test: $num_keys keys, should be 5" - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test200 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal.exp deleted file mode 100644 index 47a19dc20..000000000 --- a/src/lib/kadm5/unit-test/api.current/chpass-principal.exp +++ /dev/null @@ -1,176 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "chpass-principal 180" -proc test180 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_chpass_principal $server_handle "%s/a" FoobarBax - } $test] - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test180 } - -test "chpass-principal 180.5" -proc test1805 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_chpass_principal $server_handle "%s/a" FoobarBax - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test1805 } - -# -# admin with changepw service tickets try to change other principals -# password, fails with AUTH error -test "chpass-principal 180.625" -proc test180625 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_chpass_principal $server_handle "%s/a" password - } $test] "AUTH" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test180625 } - -test "chpass-principal 180.75" -proc test18075 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_chpass_principal $server_handle "%s/a" Foobar - } $test] "AUTH_CHANGEPW" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test18075 } - -test "chpass-principal 182" -proc test182 {} { - global test - - if { ! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_chpass_principal $server_handle kadmin/history password - } "PROTECT" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test182 - -test "chpass-principal 183" -proc test183 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if { ! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_chpass_principal null "%s/a" password - } $test] "BAD_SERVER_HANDLE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test183 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/crte-policy.exp b/src/lib/kadm5/unit-test/api.current/crte-policy.exp deleted file mode 100644 index 7e1eda63f..000000000 --- a/src/lib/kadm5/unit-test/api.current/crte-policy.exp +++ /dev/null @@ -1,927 +0,0 @@ -load_lib lib.t -api_exit -api_start - -# Description: (1) Fails for mask with undefined bit set. -# 01/24/94: pshuang: untried. -test "create-policy 1" -proc test1 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete policy \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - 0xF01000 - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test1 - -# Description: (2) Fails if caller connected with CHANGEPW_SERVICE. -test "create-policy 2" -proc test2 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy"; - return - } -} -if {$RPC} { test2 } - -# Description: (3) Fails for mask without POLICY bit set. -# 01/24/94: pshuang: untried. -test "create-policy 3" -proc test3 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete policy \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - 0x000000 - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3 - -# Description: (5) Fails for invalid policy name. -# 01/24/94: pshuang: untried. -test "create-policy 5" -proc test5 {} { - global test - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/"] \ - {KADM5_POLICY} - } $test] "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test5 - -# Description: (6) Fails for existing policy name. -test "create-policy 6" -proc test6 {} { - global test -# set prms_id 777 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle [simple_policy test-pol] \ - {KADM5_POLICY} - } "DUP" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test6 - -# Description: (7) Fails for null policy name. -# 01/24/94: pshuang: untried. -test "create-policy 7" -proc test7 {} { - global test -# set prms_id 1977 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle [simple_policy null] \ - {KADM5_POLICY} - } "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test7 - -# Description: (8) Fails for empty-string policy name. -test "create-policy 8" -proc test8 {} { - global test - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle [simple_policy ""] \ - {KADM5_POLICY} - } "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -# Description: (9) Accepts 0 for pw_min_life. -test "create-policy 9" -proc test9 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MIN_LIFE} - } $test]]} { - fail "$test: create failed" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -# Description: (10) Accepts non-zero for pw_min_life. -test "create-policy 10" -proc test10 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 32 0 0 0 0 0 } \ - {KADM5_POLICY KADM5_PW_MIN_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - -# Description: (11) Accepts 0 for pw_max_life. -test "create-policy 11" -proc test11 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MAX_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -# Description: (12) Accepts non-zero for pw_max_life. -test "create-policy 12" -proc test12 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 32 0 0 0 0 } \ - {KADM5_POLICY KADM5_PW_MAX_LIFE} - } $test]]} { - fail "$test" - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -# Description: (13) Rejects 0 for pw_min_length. -test "create-policy 13" -proc test13 {} { - global test - global prompt - - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MIN_LENGTH} - } $test] "BAD_LENGTH" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -# Description: (14) Accepts non-zero for pw_min_length. -test "create-policy 14" -proc test14 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 8 0 0 0 } \ - {KADM5_POLICY KADM5_PW_MIN_LENGTH} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 3\n" - expect { - -re "8\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -# Description: (15) Rejects 0 for pw_min_classes. -test "create-policy 15" -proc test15 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -# Description: (16) Accepts 1 for pw_min_classes. -test "create-policy 16" -proc test16 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 1 0 0 } \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -# Description: (17) Accepts 4 for pw_min_classes. -test "create-policy 17" -proc test17 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 5 0 0} \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "5\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -# Description: (18) Rejects 5 for pw_min_classes. -test "create-policy 18" -proc test18 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 6 0 0} \ - {KADM5_POLICY KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -# Description: (19) Rejects 0 for pw_history_num. -test "create-policy 19" -proc test19 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY KADM5_PW_HISTORY_NUM} - } $test] "BAD_HISTORY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test19 - -# Description: (20) Accepts 1 for pw_history_num. -test "create-policy 20" -proc test20 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 1 0} \ - {KADM5_POLICY KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retreuve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test20 - -# Description: (21) Accepts 10 for pw_history_num. -test "create-policy 21" -proc test21 {} { - global test - global prompt - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_policy $server_handle {"%s/a" 0 0 0 0 10 0} \ - {KADM5_POLICY KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "10\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21 - -# Description: (22) Fails for user with no access bits. -test "create-policy 22" -proc test22 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test22 - -# Description: (23) Fails for user with "get" but not "add". -test "create-policy 23" -proc test23 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test23 - -# Description: (24) Fails for user with "modify" but not "add". -# 01/24/94: pshuang: untried. -test "create-policy 24" -proc test24 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test24 - -# Description: (25) Fails for user with "delete" but not "add". -# 01/24/94: pshuang: untried. -test "create-policy 25" -proc test25 {} { - global test - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test25 - -# Description: Succeeds for user with "add". -test "create-policy 26" -proc test26 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -# Description: Succeeds for user with "get" and "add". -# 01/24/94: pshuang: untried. -test "create-policy 27" -proc test27 {} { - global test - - if {! (( ! [policy_exists "$test/a"]) || - [delete_policy "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/get-add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_create_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test27 - -# Description: (28) Rejects null policy argument. -# 01/24/94: pshuang: untried. -test "create-policy 28" -proc test28 {} { - global test - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_policy $server_handle null {KADM5_POLICY} - } "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "create-policy 30" -proc test30 {} { - global test - one_line_fail_test [format { - kadm5_create_policy null [simple_policy "%s/a"] \ - {KADM5_POLICY} - } $test] "BAD_SERVER_HANDLE" -} -test30 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/crte-principal.exp b/src/lib/kadm5/unit-test/api.current/crte-principal.exp deleted file mode 100644 index d6d6809ec..000000000 --- a/src/lib/kadm5/unit-test/api.current/crte-principal.exp +++ /dev/null @@ -1,1336 +0,0 @@ -load_lib lib.t -api_exit -api_start - -#test "create-principal 1" -# -#proc test1 {} { -# global test -# begin_dump -# one_line_fail_test [format { -# kadm5_create_principal $server_handle \ -# [simple_principal "%s/a"] {KADM5_PRINCIPAL} "%s/a" -# } $test $test] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test1 - -# v2 create-principal 3 test, to avoid name conflict -test "create-principal 1" -proc test1 {} { - global test -# set prms_id 777 -# setup_xfail {*-*-*} $prms_id - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} null - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test1 - -test "create-principal 2" - -proc test2 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_create_principal $server_handle null \ - {KADM5_PRINCIPAL} testpass - } "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test2 - -test "create-principal 4" -proc test4 {} { - global test - - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} "" - } $test] "_Q_TOOSHORT" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test4 - -test "create-principal 5" -proc test5 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle \ - [simple_principal "%s/a"] {0x100001} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test5 - -test "create-principal 6" -proc test6 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_LAST_PWD_CHANGE} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test6 - -test "create-principal 7" -proc test7 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MOD_TIME} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test7 - -test "create-principal 8" -proc test8 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MOD_NAME} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test8 - -test "create-principal 9" -proc test9 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MKVNO} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test9 - -test "create-principal 10" -proc test10 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_AUX_ATTRIBUTES} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test10 - -test "create-principal 11" -proc test11 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_POLICY_CLR} "%s/a" - } $test $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test11 - -test "create-principal 12" -proc test12 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" - -} -if {$RPC} { test12 } - -test "create-principal 13" -proc test13 {} { - global test - begin_dump - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test13 } - -test "create-principal 14" -proc test14 {} { - global test - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test14 } - -test "create-principal 15" -proc test15 {} { - global test - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test15 } - -test "create-principal 16" -proc test16 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] "AUTH_ADD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -if {$RPC} { test16 } - -test "create-principal 17" -proc test17 {} { - global test - - begin_dump - if {! (( [principal_exists "$test/a"]) || [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] "DUP" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test17 - -test "create-principal 18" -proc test18 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {KADM5_PRINCIPAL KADM5_POLICY} tP - } $test] "_Q_TOOSHORT" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test18 - -test "create-principal 19" -proc test19 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {KADM5_PRINCIPAL KADM5_POLICY} testpassword - } $test] "_Q_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test19 - -test "create-principal 20" -proc test20 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {KADM5_PRINCIPAL KADM5_POLICY} Abyssinia - } $test] "_Q_DICT" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test20 - -test "create-principal 21" -proc test21 {} { - global test - - begin_dump - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_create_principal $server_handle \ - [princ_w_pol "%s/a" non-existant-pol] \ - {KADM5_PRINCIPAL KADM5_POLICY} NotinTheDictionary - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - end_dump_compare "no-diffs" -} -test21 - -test "create-principal 23" -proc test23 {} { - global test - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - one_line_succeed_test \ - [format {kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK} $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test23 - -test "create-principal 24" -proc test24 {} { - global test - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/rename admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - one_line_succeed_test \ - [format {kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK} $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test24 } - - -test "create-principal 28" -proc test28 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - - if {! [cmd [format { - kadm5_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {KADM5_PRINCIPAL KADM5_POLICY} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return - } - send "lindex \$principal 10\n" - expect { - -re "test-pol.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "create-principal 29" -proc test29 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL KADM5_PRINC_EXPIRE_TIME} \ - inTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 1\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test29 - -test "create-principal 30" -proc test30 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL KADM5_PW_EXPIRATION} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test30 - -test "create-principal 31" -proc test31 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol-nopw] \ - {KADM5_PRINCIPAL KADM5_POLICY \ - KADM5_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test31 - -test "create-principal 32" -proc test32 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle \ - [princ_w_pol "%s/a" test-pol] \ - {KADM5_PRINCIPAL KADM5_POLICY \ - KADM5_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - - send "lindex \$principal 6\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 0 } { - fail "$test: pw_expire $pw_expire should be 0" - return - } else { - pass "$test" - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test32 - -test "create-principal 33" -proc test33 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle \ - {"%s/a" 0 0 1234 0 null 0 0 0 0 null 0} \ - {KADM5_PRINCIPAL KADM5_PW_EXPIRATION} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "1234.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test33 - -test "create-principal 34" -proc test34 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle \ - { "%s/a" 0 0 1234 0 null 0 0 0 0 test-pol-nopw 0} \ - {KADM5_PRINCIPAL KADM5_POLICY \ - KADM5_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "1234.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test34 - -test "create-principal 35" -proc test35 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle \ - {"%s/a" 0 0 1234 0 null 0 0 0 0 test-pol 0} \ - {KADM5_PRINCIPAL KADM5_POLICY \ - KADM5_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "1234.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test35 - -test "create-principal 36" -proc test36 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle \ - {"%s/a" 0 0 999999999 0 null 0 0 0 0 test-pol 0} \ - {KADM5_PRINCIPAL KADM5_POLICY \ - KADM5_PW_EXPIRATION} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol policy} ]} { - error_and_restart "$test: cannot retrieve policy" - return - } - - send "lindex \$principal 6\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 999999999 } { - fail "$test: pw_expire is wrong" - return - } else { - pass "$test" - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test36 - -test "create-principal 37" -proc test37 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test37 - -test "create-principal 38" -proc test38 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [princ_w_pol "%s/a" \ - test-pol-nopw] {KADM5_PRINCIPAL KADM5_POLICY} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 3\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test38 - -test "create-principal 39" -proc test39 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {KADM5_PRINCIPAL KADM5_POLICY} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if { ! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: cannot not retrieve principal" - return - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 6\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { [expr "$mod_date + $pw_max_life - $pw_expire"] > 5 } { - fail "$test: pw_expire is wrong" - return - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test39 - -test "create-principal 40" -proc test40 {} { - global test - global prompt - - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL KADM5_PW_EXPIRATION} \ - NotinTheDictionary - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - fail "$test: can not retrieve principal" - return; - } - send "lindex \$principal 4\n" - expect { - -re "0.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test40 - -test "create-principal 43" -proc test43 {} { - global test - one_line_fail_test [format { - kadm5_create_principal null \ - [simple_principal "%s/a"] {KADM5_PRINCIPAL} "%s/a" - } $test $test] "BAD_SERVER_HANDLE" -} -test43 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/destroy.exp b/src/lib/kadm5/unit-test/api.current/destroy.exp deleted file mode 100644 index a3e2bfc59..000000000 --- a/src/lib/kadm5/unit-test/api.current/destroy.exp +++ /dev/null @@ -1,203 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "destroy 1" - -proc test1 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_destroy $server_handle} - end_dump_compare "no-diffs" -} -test1 - -#test "destroy 2" -# -#proc test2 {} { -# global test -# begin_dump -# if {! [cmd { -# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# }]} { -# perror "$test: unexpected failure on init" -# return -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test \ -# {kadm5_get_principal $server_handle admin principal} \ -# "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test2 - -#test "destroy 3" -#proc test3 {} { -# global test -# -# begin_dump -# if {! (( ! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} { -# error_and_restart "$test couldn't delete principal \"$test/a\"" -# return -# } -# if {! [cmd { -# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# }]} { -# perror "$test: unexpected failure on init" -# return -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test [format { -# kadm5_create_principal $server_handle \ -# [simple_principal "%s/a"] {KADM5_PRINCIPAL} "%s/a" -# } $test $test] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test3 - -#test "destroy 4" -#proc test4 {} { -# global test prompt -# -# if {! (([principal_exists "$test/a"]) || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {! ([cmd { -# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# }] && -# [cmd [format { -# kadm5_get_principal $server_handle "%s/a" principal -# } $test]])} { -# error_and_restart "$test: error getting principal" -# return; -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test [format { -# kadm5_modify_principal $server_handle \ -# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {KADM5_KVNO} -# } $test "77"] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test4 - -#test "destroy 5" -# -#proc test5 {} { -# global test -# -# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {! [cmd { -# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# }]} { -# perror "$test: unexpected failure on init" -# return -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# return -# } -# one_line_fail_test [format { -# kadm5_delete_principal $server_handle "%s/a" -# } $test] "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test5 - -#test "destroy 6" -# -#proc test6 {} { -# global test -# begin_dump -# one_line_fail_test {kadm5_destroy $server_handle} "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test6 - - -#test "destroy 7" -# -#proc test7 {} { -# global test -# begin_dump -# if {! [cmd { -# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# }]} { -# perror "$test: unexpected failure in init" -# return -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# } -# one_line_fail_test {kadm5_destroy $server_handle} "NOT_INIT" -# end_dump_compare "no-diffs" -#} -#test7 - -test "destroy 8" -proc test8 {} { - global test - begin_dump - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } - one_line_succeed_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } - end_dump_compare "no-diffs" -} -test8 - -test "destroy 9" -proc test9 {} { - global test - one_line_fail_test {kadm5_destroy null} "BAD_SERVER_HANDLE" -} -test9 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/dlte-policy.exp b/src/lib/kadm5/unit-test/api.current/dlte-policy.exp deleted file mode 100644 index ad2863d0f..000000000 --- a/src/lib/kadm5/unit-test/api.current/dlte-policy.exp +++ /dev/null @@ -1,208 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "delete-policy 2" -proc test2 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test \ - {kadm5_delete_policy $server_handle ""} "BAD_POL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test2 - -test "delete-policy 5" -proc test5 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_policy $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if ${RPC} test5 - -test "delete-policy 6" -proc test6 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_policy $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if ${RPC} test6 - -test "delete-policy 7" -proc test7 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_policy $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test7 - -test "delete-policy 10" -proc test10 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_delete_policy $server_handle "%s/a" - } $test]]} { - fail "$test" - return - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - if { [policy_exists "$test/a"]} { - fail "$test" - return - } -} -test10 - -test "delete-policy 12" -proc test12 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [princ_w_pol "%s/a" \ - "%s/a"] {KADM5_PRINCIPAL KADM5_POLICY} \ - NotinTheDictionary - } $test $test]]} { - fail "$test: can not create principal" - return; - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_delete_policy $server_handle "%s/a" - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "delete-policy 13" -proc test13 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - one_line_fail_test [format { - kadm5_delete_policy null "%s/a" - } $test] "BAD_SERVER_HANDLE" -} -test13 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/dlte-principal.exp b/src/lib/kadm5/unit-test/api.current/dlte-principal.exp deleted file mode 100644 index 660468534..000000000 --- a/src/lib/kadm5/unit-test/api.current/dlte-principal.exp +++ /dev/null @@ -1,253 +0,0 @@ -load_lib lib.t - -api_exit -api_start - -#test "delete-principal 1" -#proc test1 {} { -# global test -# one_line_fail_test [format { -# kadm5_delete_principal $server_handle "%s/a" -# } $test] "NOT_INIT" -#} -#test1 - -test "delete-principal 2" -proc test2 {} { - global test - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test \ - {kadm5_delete_principal $server_handle null} "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: unexpected failure in destroy" - return - } -} -test2 - -test "delete-principal 5" -proc test5 {} { - global test - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_principal $server_handle "%s/a" - } $test] "UNK_PRINC" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test5 - -test "delete-principal 6" -proc test6 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" test-pol])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/delete admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test6 } - - -test "delete-principal 7" -proc test7 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test7 } - - -test "delete-principal 8" -proc test8 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test8 } - -test "delete-principal 9" -proc test9 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test9 } - -test "delete-principal 10" -proc test10 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_delete_principal $server_handle "%s/a" - } $test] "AUTH_DELETE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test10 } - -test "delete-principal 11" -proc test11 {} { - global test - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_delete_principal $server_handle "%s/a" - } $test]]} { - fail "$test: delete failed" - return; - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - if { [principal_exists "$test/a"] } { - fail "$test" - return - } -} -test11 - -test "delete-principal 13" -proc test13 {} { - global test - one_line_fail_test [format { - kadm5_delete_principal null "%s/a" - } $test] "BAD_SERVER_HANDLE" -} -test13 - -return "" - - - - - diff --git a/src/lib/kadm5/unit-test/api.current/get-policy.exp b/src/lib/kadm5/unit-test/api.current/get-policy.exp deleted file mode 100644 index c15ef0ca2..000000000 --- a/src/lib/kadm5/unit-test/api.current/get-policy.exp +++ /dev/null @@ -1,199 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "get-policy 3" -proc test3 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle "" p} "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3 - -test "get-policy 6" -proc test6 {} { - global test - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test6 - -test "get-policy 7" -proc test7 {} { - global test - - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test7 - -test "get-policy 11" -proc test11 {} { - global test - - if {! [cmd { - kadm5_init admin/get-pol StupidAdmin $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_policy $server_handle test-pol p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "get-policy 12" -proc test12 {} { - global test - - if {! [cmd { - kadm5_init admin/get-pol StupidAdmin \ - $KADM5_CHANGEPW_SERVICE null $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_3 server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "get-policy 15" -proc test15 {} { - global test - - if {! [cmd { - kadm5_init admin/pol StupidAdmin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "get-policy 16" -proc test16 {} { - global test - - if {! [cmd { - kadm5_init admin/pol StupidAdmin $KADM5_CHANGEPW_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_policy $server_handle test-pol-nopw p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -test "get-policy 17" -proc test17 {} { - global test - - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_policy $server_handle test-pol p} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "get-policy 18" -proc test18 {} { - global test - - if {! [cmd { - kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test {kadm5_get_policy $server_handle test-pol p} \ - "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } test18 - -test "get-policy 21" -proc test21 {} { - global test - - one_line_fail_test {kadm5_get_policy null "pol1" p} "BAD_SERVER_HANDLE" -} -test21 diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp deleted file mode 100644 index 3ea1ba29b..000000000 --- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp +++ /dev/null @@ -1,250 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "get-principal 100" -proc test100 {} { - global test prompt - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd { - kadm5_get_principal $server_handle testuser p \ - {KADM5_PRINCIPAL_NORMAL_MASK} - }]} { - perror "$test: unexpected failure in get_principal" - } - send "lindex \$p 16\n" - expect { - -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting num_keys" - return - } - eof { - error_and_restart "$test: eof getting num_keys" - return - } - } - send "lindex \$p 17\n" - expect { - -re "(\[0-9\]+)\n$prompt" { set num_tl $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting num_tl" - return - } - eof { - error_and_restart "$test: eof getting num_tl" - return - } - } - send "lindex \$p 18\n" - expect { - -re "({.*})\n$prompt" {set key_data $expect_out(1,string) } - -re "\n$prompt" { set key_data {} } - timeout { - error_and_restart "$test: timeout getting key_data" - return - } - eof { - error_and_restart "$test: eof getting key_data" - return - } - } - send "lindex \$p 19\n" - expect { - -re "({.*})\n$prompt" {set tl_data $expect_out(1,string) } - -re "\n$prompt" { set tl_data {} } - timeout { - error_and_restart "$test: timeout getting tl_data" - return - } - eof { - error_and_restart "$test: eof getting tl_data" - return - } - } - - set failed 0 - if {$num_keys != 0} { - fail "$test: num_keys $num_keys should be 0" - set failed 1 - } - if {$num_tl != 0} { - fail "$test: num_tl $num_tl should be 0" - set failed 1 - } - if {$key_data != {}} { - fail "$test: key_data $key_data should be {}" - set failed 1 - } - if {$tl_data != "{}"} { - fail "$test: tl_data $tl_data should be empty" - set failed 1 - } - if {$failed == 0} { - pass "$test" - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test100 - -proc test101_102 {rpc} { - global test prompt - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd { - kadm5_get_principal $server_handle testuser p \ - {KADM5_PRINCIPAL_NORMAL_MASK KADM5_KEY_DATA} - }]} { - perror "$test: unexpected failure in get_principal" - } - send "lindex \$p 16\n" - expect { - -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting num_keys" - return - } - eof { - error_and_restart "$test: eof getting num_keys" - return - } - } - send "lindex \$p 18\n" - expect { - -re "({.*})\n$prompt" {set key_data $expect_out(1,string) } - -re "\n$prompt" { set key_data {} } - timeout { - error_and_restart "$test: timeout getting key_data" - return - } - eof { - error_and_restart "$test: eof getting key_data" - return - } - } - - set failed 0 - if {$num_keys != 5} { - fail "$test: num_keys $num_keys should be 5" - set failed 1 - } - for {set i 0} {$i < $num_keys} {incr i} { - set key "[lindex [lindex $key_data $i] 2]" - if {($rpc && [string compare $key ""] != 0) || - ((! $rpc) && [string compare $key ""] == 0)} { - fail "$test: key_data $key is wrong" - set failed 1 - - } - } - if {$failed == 0} { pass "$test" } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test "get-principal 101" -if {$RPC} {test101_102 $RPC} -test "get-principal 102" -if {! $RPC} {test101_102 $RPC} - -test "get-principal 103" -proc test103 {} { - global test prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - "{%s/a} 0 0 0 0 {%s/a} 0 0 0 0 null 0 0 0 0 0 0 1 {} {{999 6 foobar}}" \ - {KADM5_TL_DATA} - } $test $test]]} { - fail "$test: cannot set TL_DATA" - return - } - - if {! [cmd [format { - kadm5_get_principal $server_handle {%s/a} p \ - {KADM5_PRINCIPAL_NORMAL_MASK KADM5_TL_DATA} - } $test]]} { - perror "$test: unexpected failure in get_principal" - } - send "lindex \$p 17\n" - expect { - -re "(\[0-9\]+)\n$prompt" { set num_tl $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting num_tl" - return - } - eof { - error_and_restart "$test: eof getting num_tl" - return - } - } - send "lindex \$p 19\n" - expect { - -re "({.*})\n$prompt" {set tl_data $expect_out(1,string) } - -re "\n$prompt" { set tl_data {} } - timeout { - error_and_restart "$test: timeout getting tl_data" - return - } - eof { - error_and_restart "$test: eof getting tl_data" - return - } - } - - if {$num_tl == 0} { - fail "$test: num_tl $num_tl should not be 0" - } elseif {$tl_data == "{{999 6 foobar}}"} { - pass "$test" - } else { - fail "$test: tl_data $tl_data should be {{999 6 foobar}}" - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test103 - -return "" - - - - diff --git a/src/lib/kadm5/unit-test/api.current/get-principal.exp b/src/lib/kadm5/unit-test/api.current/get-principal.exp deleted file mode 100644 index a33fdfe8c..000000000 --- a/src/lib/kadm5/unit-test/api.current/get-principal.exp +++ /dev/null @@ -1,346 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "get-principal 1" -proc test1 {} { - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test \ - {kadm5_get_principal $server_handle null p KADM5_PRINCIPAL_NORMAL_MASK} "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test1 - -test "get-principal 2" -proc test2 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK - } $test] "UNK_PRINC" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test2 - -test "get-principal 3" -proc test3 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK - } $test] "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test3 } - -test "get-principal 4" -proc test4 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK - } $test] "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test4 } - -test "get-principal 5" -proc test5 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK - } $test] "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test5 } - -test "get-principal 6" -proc test6 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK - } $test] "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test6 } - -test "get-principal 7" -proc test7 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/delete admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK - } $test] "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test7 } - - -test "get-principal 8" -proc test8 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_get_principal $server_handle "%s/a" p KADM5_PRINCIPAL_NORMAL_MASK - } $test] "AUTH_GET" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test8 } - - -test "get-principal 9" -proc test9 {} { - global test - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_principal $server_handle admin/none p KADM5_PRINCIPAL_NORMAL_MASK} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -test "get-principal 10" -proc test10 {} { - global test - if {! [cmd { - kadm5_init admin/none admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test \ - {kadm5_get_principal $server_handle admin/none p KADM5_PRINCIPAL_NORMAL_MASK} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - -test "get-principal 11" -proc test11 {} { - global test - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_principal $server_handle admin/get p KADM5_PRINCIPAL_NORMAL_MASK} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "get-principal 12" -proc test12 {} { - global test - if {! [cmd { - kadm5_init admin/get admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_principal $server_handle admin/get p KADM5_PRINCIPAL_NORMAL_MASK} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "get-principal 13" -proc test13 {} { - global test - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_principal $server_handle admin/add p KADM5_PRINCIPAL_NORMAL_MASK} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -test "get-principal 14" -proc test14 {} { - global test - if {! [cmd { - kadm5_init admin/get-mod admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test {kadm5_get_principal $server_handle admin/add p KADM5_PRINCIPAL_NORMAL_MASK} - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -test "get-principal 15" -proc test15 {} { - one_line_fail_test \ - {kadm5_get_principal null "admin" p KADM5_PRINCIPAL_NORMAL_MASK} "BAD_SERVER_HANDLE" -} -test15 - -return "" - - - - diff --git a/src/lib/kadm5/unit-test/api.current/init-v2.exp b/src/lib/kadm5/unit-test/api.current/init-v2.exp deleted file mode 100644 index 47764c212..000000000 --- a/src/lib/kadm5/unit-test/api.current/init-v2.exp +++ /dev/null @@ -1,506 +0,0 @@ -load_lib lib.t - -api_exit -api_start - -proc get_hostname { } { - global hostname - - if {[info exists hostname]} { - return 1 - } - - catch "exec hostname >myname" exec_output - if ![string match "" $exec_output] { - send_log "$exec_output\n" - verbose $exec_output - send_error "ERROR: can't get hostname\n" - return 0 - } - set file [open myname r] - if { [ gets $file hostname ] == -1 } { - send_error "ERROR: no output from hostname\n" - return 0 - } - close $file - catch "exec rm -f myname" exec_output - - set hostname [string tolower $hostname] - verbose "hostname: $hostname" - - return 1 -} - - -test "init 101" -proc test101 {} { - global test - global hostname - - get_hostname - tcl_cmd "set hostname $hostname" - - # XXX Fix to work with a remote TEST_SERVER. For now, make sure - # it fails in that case. - one_line_succeed_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 1751]] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 4]] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "RPC_ERROR" -} -if {$RPC} test101 - -test "init 102" -proc test102 {} { - global test - - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_ADMIN_SERVER} does.not.exist] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "CANT_RESOLVE" -} -if {$RPC} test102 - -test "init 103" -proc test103 {} { - global test - - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_DBNAME} /does-not-exist] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "ENOENT" -} -#if {! $RPC} test103 -if {! $RPC} { - send_user "UNTESTED: test103: test needs updating for DAL changes (see MIT RT ticket 3202)\n" - untested "test103: test needs updating for DAL changes (see MIT RT ticket 3202)" -} - - -test "init 106" -proc test106 {} { - global test prompt - - set prompting 0 - send [string trim { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_MKEY_FROM_KBD} 1] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }] - send "\n" - expect { - -re "\n\[^\n\]+:\[^\n\]*$" { set prompting 1} - -re "\nOK .*$prompt$" { fail "$test: premature success" } - -re "\nERROR .*$prompt$" { fail "$test: premature failure" } - timeout { fail "$test: timeout" } - eof { fail "$test: eof" } - } - if {$prompting} { - one_line_succeed_test mrroot - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} test106 - -test "init 107" -proc test107 {} { - global test - - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_STASH_FILE} /does-not-exist] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "KDB_CANTREAD_STORED" -} -if {! $RPC} test107 - -test "init 108" -proc test108 {} { - global test - - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_MKEY_NAME} does/not/exist] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "KRB5_KDB_CANTREAD_STORED" -} -if {! $RPC} test108 - -test "init 109-113" -proc test109 {} { - global test prompt - - delete_principal "$test/a" - - # I'd like to specify flags explicitly and check them, as in the - # following config_params, but tcl gets mighty confused if I do and - # I have no idea why. -# [config_params {KADM5_CONFIG_MAX_LIFE KADM5_CONFIG_MAX_RLIFE KADM5_CONFIG_EXPIRATION KADM5_CONFIG_FLAGS KADM5_CONFIG_ENCTYPES} {10 20 30 KRB5_KDB_DISALLOW_TGT_BASED {}} ] - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_MAX_LIFE KADM5_CONFIG_MAX_RLIFE KADM5_CONFIG_EXPIRATION KADM5_CONFIG_ENCTYPES} {10 20 30 {}} ] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - fail "$test: cannot init with max_life" - return - } - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test]]} { - fail "$test: can not create principal" - return; - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" p \ - {KADM5_PRINCIPAL_NORMAL_MASK KADM5_KEY_DATA} - } $test]]} { - fail "$test: can not get principal" - return; - } - send "puts \$p\n" - expect { - -re "$prompt" { } - timeout { - error_and_restart "$test: timeout getting prompt" - return - } - eof { - error_and_restart "$test: eof getting prompt" - return - } - } - send "lindex \$p 4\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting max_life" - return - } - eof { - error_and_restart "$test: eof getting max_life" - return - } - } - send "lindex \$p 12\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set max_rlife $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting max_rlife" - return - } - eof { - error_and_restart "$test: eof getting max_rlife" - return - } - } - send "lindex \$p 1\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set expiration $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting expiration" - return - } - eof { - error_and_restart "$test: eof getting expiration" - return - } - } - send "lindex \$p 7\n" - expect { - -re "(\[A-Z_\]*)\n$prompt" {set flags $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting flags" - return - } - eof { - error_and_restart "$test: eof getting flags" - return - } - } - # This sorta worries me. Since the test is setting ENCTYPES to - # nothing, the principal has no keys. That means that nothing is - # printed for the keys in the correct case; but it feels too - # likely that nothing will be printed in the case of some problem. - send "lindex \$p 18\n" - expect { - -re "({.*})\n$prompt" {set key_data $expect_out(1,string) } - -re "\n$prompt" { set key_data {} } - timeout { - error_and_restart "$test: timeout getting flags" - return - } - eof { - error_and_restart "$test: eof getting flags" - return - } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } - if {$max_life == 10} { - pass "$test" - } else { - fail "$test: $max_life is not 10" - } - if {$max_rlife == 20} { - pass "$test" - } else { - fail "$test: $max_rlife is not 20" - } - if {$expiration == 30} { - pass "$test" - } else { - fail "$test: $expiration is not 30" - } - if {$flags == ""} { - pass "$test" - } else { - fail "$test: flags $flags are wrong" - } - if {$key_data == {}} { - pass "$test" - } else { - fail "$test: key_data $key_data is wrong" - } -} -if {! $RPC} test109 - -test "init 116" -proc test116 {} { - global test - - delete_principal "$test/a" - - if {! [cmd {kadm5_init admin/get-add admin $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - get_add_handle}]} { - error_and_restart "$test: couldn't init with admin/get-add" - } - - if {! [cmd {kadm5_init admin/mod-delete admin $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - mod_delete_handle}]} { - error_and_restart "$test: couldn't init with admin/get-add" - } - - one_line_succeed_test { - kadm5_get_principal $get_add_handle testuser p \ - KADM5_PRINCIPAL_NORMAL_MASK - } - one_line_succeed_test [format { - kadm5_create_principal $get_add_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] - one_line_fail_test { - kadm5_modify_principal $get_add_handle [simple_principal testuser] \ - {KADM5_PRINC_EXPIRE_TIME} - } "AUTH_MODIFY" - one_line_fail_test { - kadm5_delete_principal $get_add_handle testuser - } "AUTH_DELETE" - - one_line_fail_test { - kadm5_get_principal $mod_delete_handle testuser p \ - KADM5_PRINCIPAL_NORMAL_MASK - } "AUTH_GET" - one_line_fail_test [format { - kadm5_create_principal $mod_delete_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} testpass - } $test] "AUTH_ADD" - one_line_succeed_test { - kadm5_modify_principal $mod_delete_handle [simple_principal testuser] \ - {KADM5_PRINC_EXPIRE_TIME} - } - one_line_succeed_test [format { - kadm5_delete_principal $mod_delete_handle "%s/a" - } $test] - - if {! [cmd {kadm5_destroy $get_add_handle}]} { - error_and_restart "$test: couldn't close get_add_handle" - } - if {! [cmd {kadm5_destroy $mod_delete_handle}]} { - error_and_restart "$test: couldn't close mod_delete_handle" - } -} -if {$RPC} test116 - -test "init 117" -proc test117 {} { - global test env prompt - - if {[catch "exec grep max_life $env(KRB5_KDC_PROFILE)"] != 1} { - warning \ - "$test: max_life in $env(KRB5_KDC_PROFILE), cannot perform test" - return - } - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - fail "$test: unexpected failure in init" - return - } - - if {! [cmd [format { - kadm5_create_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} "%s/a" - } $test $test]]} { - perror "$test: unexpected failure creating principal" - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_MAX_LIFE - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 4\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting max_life" - return - } - eof { - error_and_restart "$test: eof getting max_life" - return - } - } - - if {$max_life == 86400} { - pass "$test" - } else { - fail "$test: max_life $max_life should be 86400" - } - - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close server_handle" - } -} -test117 - -send "puts \$KADM5_ADMIN_SERVICE\n" -expect { - -re "(\[a-zA-Z/@\]+)\n$prompt" { - set KADM5_ADMIN_SERVICE $expect_out(1,string) - } - default { - error_and_restart "$test: timeout/eof getting admin_service" - return - } -} - -send "puts \$KADM5_CHANGEPW_SERVICE\n" -expect { - -re "(\[a-zA-Z/@\]+)\n$prompt" { - set KADM5_CHANGEPW_SERVICE $expect_out(1,string) - } - default { - error_and_restart "$test: timeout/eof getting changepw_service" - return - } -} - -test "init 150" -proc test150 {} { - global test KADM5_ADMIN_SERVICE - - kdestroy - kinit testuser notathena "-S $KADM5_ADMIN_SERVICE" - one_line_succeed_test { - kadm5_init_with_creds testuser null $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - kdestroy -} -if {$RPC} test150 - -test "init 151" -proc test151 {} { - global test KADM5_CHANGEPW_SERVICE - - kdestroy - kinit testuser notathena "-S $KADM5_CHANGEPW_SERVICE" - one_line_succeed_test { - kadm5_init_with_creds testuser null $KADM5_CHANGEPW_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - kdestroy -} -if {$RPC} test151 - -test "init 152" -proc test152 {} { - global test KADM5_ADMIN_SERVICE - - kdestroy - one_line_fail_test { - kadm5_init_with_creds testuser null $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "KRB5_FCC_NOFILE" -} -if {$RPC} test152 - -test "init 153" -proc test153 {} { - global test KADM5_ADMIN_SERVICE - - kinit testuser notathena - one_line_fail_test { - kadm5_init_with_creds testuser null $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "KRB5_CC_NOTFOUND" -} -if {$RPC} test153 - -test "init 154" -proc test154 {} { - global test env - - set orig $env(KRB5_KDC_PROFILE) - set env(KRB5_KDC_PROFILE) /does-not-exist - api_exit; api_start - set env(KRB5_KDC_PROFILE) $orig - - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } "ENOENT" - - api_exit; lib_start_api -} -if {0 && ! $RPC} test154 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/init.exp b/src/lib/kadm5/unit-test/api.current/init.exp deleted file mode 100644 index 8390b9cfa..000000000 --- a/src/lib/kadm5/unit-test/api.current/init.exp +++ /dev/null @@ -1,699 +0,0 @@ -load_lib lib.t - -# Assumptions: -# -# Principal "admin" exists, with "get", "add", "modify" and "delete" -# access bits and password "admin". -# The string "not-the-password" isn't the password of any user in the database. -# Database master password is "mrroot". - -api_exit -api_start -test "init 1" - -one_line_fail_test_nochk \ - {kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_REALM} {""}] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle} - -test "init 2" - -one_line_fail_test_nochk \ - {kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_REALM} {@}] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle} - -test "init 2.5" - -one_line_fail_test_nochk \ - {kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_REALM} {BAD.REALM}] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 server_handle} - -test "init 3" - -proc test3 {} { - global test - if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - one_line_fail_test_nochk [format { - kadm5_init admin admin "%s/a" null $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_3 server_handle - } $test] -} -if {$RPC} { test3 } - -test "init 4" - -proc test4 {} { - global test - if {! ((! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - - one_line_fail_test_nochk [format { - kadm5_init admin admin "%s/a" null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test] -} -if {$RPC} { test4 } - -test "init 5" - -if {$RPC} { - one_line_fail_test_nochk { - kadm5_init admin admin admin null $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_3 server_handle - } -} - -test "init 6" - -proc test6 {} { - global test - - send "kadm5_init admin null \$KADM5_ADMIN_SERVICE null \$KADM5_STRUCT_VERSION \$KADM5_API_VERSION_3 server_handle\n" - - expect { - -re "assword\[^\r\n\]*:" { } - eof { - fail "$test: eof instead of password prompt" - api_exit - api_start - return - } - timeout { - fail "$test: timeout instead of password prompt" - return - } - } - one_line_succeed_test "admin" - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if { $RPC } { test6 } - -test "init 8" - -proc test8 {} { - global test - if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - one_line_fail_test_nochk [format { - kadm5_init "%s/a" admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test] -} -if {$RPC} { test8 } - -test "init 9" - -if {$RPC} { - global test - one_line_fail_test_nochk { - kadm5_init admin not-the-password $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } -} - -test "init 10" - -proc test10 {} { - global test -# set prms_id 562 -# setup_xfail {*-*-*} $prms_id - one_line_fail_test_nochk { - kadm5_init null admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } -} -test10 - -#test "init 11" -# -#proc test11 {} { -# global test -# set prms_id 563 -# setup_xfail {*-*-*} $prms_id -# one_line_fail_test_nochk { -# kadm5_init "" admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# } -#} -#test11 - -test "init 12" - -proc test12 {} { - global test - one_line_fail_test_nochk [format { - kadm5_init "%s/a" admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test] -} -if {$RPC} { test12 } - -test "init 13" - -proc test13 {} { - global test - one_line_fail_test_nochk [format { - kadm5_init "%s/a@SECURE-TEST.OV.COM" admin \ - $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_3 server_handle - } $test] -} -if {$RPC} { test13 } - -test "init 14" - -proc test14 {} { - global test - one_line_fail_test_nochk [format { - kadm5_init "%s/a@BAD.REALM" admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test] -} -if {$RPC} { test14 } - -test "init 15" - -if {$RPC} { - one_line_fail_test_nochk { - kadm5_init admin@BAD.REALM admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } -} - -test "init 16" - -proc test16 {} { - global test - one_line_succeed_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test16 - -test "init 17" - -proc test17 {} { - global test - one_line_succeed_test { - kadm5_init admin@SECURE-TEST.OV.COM admin \ - $KADM5_ADMIN_SERVICE null $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_3 server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test17 - -test "init 18" - -proc test18 {} { - global test - one_line_succeed_test { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test18 - -test "init 19" - -proc test19 {} { - global test - one_line_succeed_test { - kadm5_init admin@SECURE-TEST.OV.COM admin \ - $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_REALM} {SECURE-TEST.OV.COM}] \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test19 - -test "init 20" - -proc test20 {} { - global test - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - error_and_restart "$test: couldn't init database" - return - } - one_line_succeed_test \ - {kadm5_get_principal $server_handle admin principal KADM5_PRINCIPAL_NORMAL_MASK} - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test20 - -#test "init 21" -# -#proc test21 {} { -# global test -# if {! [cmd { -# kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# }]} { -# error_and_restart "$test: couldn't init database" -# return -# } -# one_line_fail_test_nochk { -# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# } -#} -#test21 - - -# proc test22 {} { -# global test prompt -# set prompting 0 -# send [string trim { -# kadm5_init admin null null null $KADM5_STRUCT_VERSION \ -# $KADM5_API_VERSION_3 server_handle -# }] -# send "\n" -# expect { -# -re ":$" { set prompting 1} -# -re "\nOK .*$prompt$" { fail "$test: premature success" } -# -re "\nERROR .*$prompt$" { fail "$test: premature failure" } -# timeout { fail "$test: timeout" } -# eof { fail "$test: eof" } -# } -# if {$prompting} { -# one_line_succeed_test mrroot -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# } -# } -# if {! $RPC} { test22 } -# -# test "init 22.5" -# proc test225 {} { -# global test prompt -# set prompting 0 -# send [string trim { -# kadm5_init admin null null null $KADM5_STRUCT_VERSION \ -# $KADM5_API_VERSION_3 server_handle -# }] -# send "\n" -# expect { -# -re ":$" { set prompting 1} -# -re "\nOK .*$prompt$" { fail "$test: premature success" } -# -re "\nERROR .*$prompt$" { fail "$test: premature failure" } -# timeout { fail "$test: timeout" } -# eof { fail "$test: eof" } -# } -# if {$prompting} { -# one_line_succeed_test mrroot -# } -# if {! [cmd {kadm5_destroy $server_handle}]} { -# error_and_restart "$test: couldn't close database" -# } -# } -# if {! $RPC} { test225 } - -test "init 23" - -proc test23 {} { - global test - one_line_succeed_test { - kadm5_init admin not-the-password $KADM5_ADMIN_SERVICE \ - null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test23 } - -test "init 24" - -proc test24 {} { - global test - one_line_succeed_test { - kadm5_init admin admin null null $KADM5_STRUCT_VERSION \ - $KADM5_API_VERSION_3 server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test24 } - -test "init 25" - -proc test25 {} { - global test - one_line_succeed_test { - kadm5_init admin admin foobar null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if {! $RPC} { test25 } - -test "init 26" - -#proc test26 {} { -# global test -# -# api_exit -# api_start -# one_line_fail_test_nochk { -# kadm5_get_principal $server_handle admin principal -# } -#} -#test26 - -#test "init 27" -# -#proc test27 {} { -# global test -# -# if {! ((! [principal_exists "$test/a"]) || [delete_principal "$test/a"])} { -# error_and_restart "$test: couldn't delete principal \"$test/a\"" -# return -# } -# begin_dump -# if {[cmd [format { -# kadm5_create_principal $server_handle [simple_principal \ -# "%s/a"] {KADM5_PRINCIPAL} "%s/a" -# } $test $test]]} { -# fail "$test: unexpected success in add" -# return -# } -# end_dump_compare "no-diffs" -#} -#test27 - -#test "init 28" -# -#proc test28 {} { -# global test prompt -# -# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {! ([cmd { -# kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ -# $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ -# server_handle -# }] && [cmd [format { -# kadm5_get_principal $server_handle "%s/a" principal -# } $test]])} { -# error_and_restart "$test: error getting principal" -# return; -# } -# send "lindex \$principal 8\n" -# expect { -# -re "\n(\[0-9\]+).*$prompt$" {set kvno $expect_out(1,string) } -# timeout { -# error_and_restart "$test: timeout getting principal kvno" -# return -# } -# eof { -# error_and_restart "$test: eof getting principal kvno" -# return -# } -# } -# api_exit -# api_start -# set new_kvno [expr "$kvno + 1"] -# if {[cmd [format { -# kadm5_modify_principal $server_handle \ -# {"%s/a" 0 0 0 0 0 0 0 %d 0 0 0} {KADM5_KVNO} -# } $test $new_kvno]]} { -# fail "$test: unexpected success in modify" -# return; -# } -# end_dump_compare "no-diffs" -#} -#test28 - -#test "init 29" -# -#proc test29 {} { -# global test -# -# if {! ([principal_exists "$test/a"] || [create_principal "$test/a"])} { -# error_and_restart "$test: couldn't create principal \"$test/a\"" -# return -# } -# begin_dump -# if {[cmd [format { -# kadm5_delete_principal $server_handle "%s/a" -# } $test]]} { -# fail "$test: unexpected success in delete" -# return -# } -# end_dump_compare "no-diffs" -#} -#test29 - -test "init 30" -proc test30 {} { - global test - if {[cmd { - kadm5_init admin foobar $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - error_and_restart "$test: unexpected success" - return - } - one_line_succeed_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -if ${RPC} { test30 } - -test "init 31" -proc test31 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $bad_struct_version_mask $KADM5_API_VERSION_3 \ - server_handle - } "BAD_STRUCT_VERSION" -} -test31 - -test "init 32" -proc test32 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $no_struct_version_mask $KADM5_API_VERSION_3 \ - server_handle - } "BAD_STRUCT_VERSION" -} -test32 - -test "init 33" -proc test33 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $old_struct_version $KADM5_API_VERSION_3 \ - server_handle - } "OLD_STRUCT_VERSION" -} -test33 - -test "init 34" -proc test34 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $new_struct_version $KADM5_API_VERSION_3 \ - server_handle - } "NEW_STRUCT_VERSION" -} -test34 - -test "init 35" -proc test35 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $bad_api_version_mask \ - server_handle - } "BAD_API_VERSION" -} -test35 - -test "init 36" -proc test36 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $no_api_version_mask \ - server_handle - } "BAD_API_VERSION" -} -test36 - -test "init 37" -proc test37 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $old_api_version \ - server_handle - } "OLD_LIB_API_VERSION" -} -if { $RPC } test37 - -test "init 38" -proc test38 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $old_api_version \ - server_handle - } "OLD_SERVER_API_VERSION" -} -if { ! $RPC } test38 - -test "init 39" -proc test39 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $new_api_version \ - server_handle - } "NEW_LIB_API_VERSION" -} -if { $RPC } test39 - -test "init 40" -proc test40 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $new_api_version \ - server_handle - } "NEW_SERVER_API_VERSION" -} -if { ! $RPC } test40 - -test "init 41" -proc test41 {} { - global test - one_line_fail_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_API_VERSION_3 $KADM5_STRUCT_VERSION \ - server_handle - } "BAD_" -} -test41 - -test "init 42" -proc test42 {} { - global test - one_line_succeed_test { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } - if {! [cmd {kadm5_destroy $server_handle}]} { - error_and_restart "$test: couldn't close database" - } -} -test42 - - -proc test45_46 {service} { - global test kadmin_local env - - spawn $kadmin_local -q "delprinc -force $service" - expect { - -re "Principal .* deleted." {} - default { - perror "kadmin.local delprinc failed\n"; - } - } - expect eof - wait - - one_line_fail_test [concat {kadm5_init admin admin } \ - $service \ - { null $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle}] "SECURE_PRINC_MISSING" - - # this leaves the keytab with an incorrect entry - spawn $kadmin_local -q "ank -randkey $service" - expect eof - wait - - # restart the api so it gets a new ccache - api_exit - api_start -} - -if {$RPC} { - test "init 45" - - test45_46 kadmin/admin - - test "init 46" - - test45_46 kadmin/changepw -} - -return "" - diff --git a/src/lib/kadm5/unit-test/api.current/mod-policy.exp b/src/lib/kadm5/unit-test/api.current/mod-policy.exp deleted file mode 100644 index 1bf00b524..000000000 --- a/src/lib/kadm5/unit-test/api.current/mod-policy.exp +++ /dev/null @@ -1,711 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "modify-policy 2" -proc test2 {} { - global test - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test2 } - -test "modify-policy 8" -proc test8 {} { - global test -# set prms_id 744 -# setup_xfail {*-*-*} $prms_id - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_modify_policy $server_handle [simple_policy ""] \ - {KADM5_PW_MAX_LIFE} - } "BAD_POLICY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -test "modify-policy 9" -proc test9 {} { - global test - global prompt - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MIN_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -test "modify-policy 10" -proc test10 {} { - global test - global prompt - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 32 0 0 0 0 0 0 0 0} \ - {KADM5_PW_MIN_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 1\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - - -test "modify-policy 11" -proc test11 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test11 - -test "modify-policy 12" -proc test12 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 32 0 0 0 0 0 0 0} \ - {KADM5_PW_MAX_LIFE} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 2\n" - expect { - -re "32\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test12 - -test "modify-policy 13" -proc test13 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MIN_LENGTH} - } $test] "BAD_LENGTH" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -test "modify-policy 14" -proc test14 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 8 0 0 0 0 0 0} \ - {KADM5_PW_MIN_LENGTH} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 3\n" - expect { - -re "8\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test14 - -test "modify-policy 15" -proc test15 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "modify-policy 16" -proc test16 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0 0 0 0} \ - {KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test16 - -test "modify-policy 17" -proc test17 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a"])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 5 0 0 0 0 0} \ - {KADM5_PW_MIN_CLASSES} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 4\n" - expect { - -re "5\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "modify-policy 18" -proc test18 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 6 0 0 0 0 0} \ - {KADM5_PW_MIN_CLASSES} - } $test] "BAD_CLASS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test18 - -test "modify-policy 19" -proc test19 {} { - global test - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_HISTORY_NUM} - } $test] "BAD_HISTORY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test19 - -test "modify-policy 20" -proc test20 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 1 0 0 0 0} \ - {KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "1\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test20 - -test "modify-policy 21" -proc test21 {} { - global test - global prompt - - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 10 0 0 0 0} \ - {KADM5_PW_HISTORY_NUM} - } $test]]} { - fail $test - return - } - if {! [cmd [format { - kadm5_get_policy $server_handle "%s/a" policy - } $test]]} { - fail "$test: can not retrieve policy" - return - } - send "lindex \$policy 5\n" - expect { - -re "10\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21 - -test "modify-policy 22" -proc test22 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test22 - -test "modify-policy 23" -proc test23 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "AUTH_MODIFY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} test23 - -test "modify-policy 26" -proc test26 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_modify_policy $server_handle [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -test "modify-policy 30" -proc test30 {} { - global test - - one_line_fail_test [format { - kadm5_modify_policy null [simple_policy "%s/a"] \ - {KADM5_PW_MAX_LIFE} - } $test] "BAD_SERVER_HANDLE" -} -test30 - -test "modify-policy 31" -proc test31 {} { - global test - if {! (( [policy_exists "$test/a"]) || - [create_policy "$test/a" ])} { - error_and_restart "$test: couldn't create policy \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 0 0 0 2 0 0} \ - {KADM5_PW_MAX_FAILURE} - } $test] - one_line_succeed_test [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0 0 90 0} \ - {KADM5_PW_FAILURE_COUNT_INTERVAL} - } $test] - one_line_succeed_test [format { - kadm5_modify_policy $server_handle {"%s/a" 0 0 0 1 0 0 0 0 180} \ - {KADM5_PW_LOCKOUT_DURATION} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test31 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp deleted file mode 100644 index 4abbeb52d..000000000 --- a/src/lib/kadm5/unit-test/api.current/mod-principal-v2.exp +++ /dev/null @@ -1,115 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "modify-principal 100-105" -proc test100_104 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - - set origtest "$test" - - test "modify-principal 100" - one_line_succeed_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MAX_RLIFE} - } $origtest] - - test "modify-principal 101" - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_LAST_SUCCESS} - } $origtest] "BAD_MASK" - - test "modify-principal 102" - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_LAST_FAILED} - } $origtest] "BAD_MASK" - -# This is now permitted to reset lockout count -# test "modify-principal 103" -# one_line_fail_test [format { -# kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ -# {KADM5_FAIL_AUTH_COUNT} -# } $origtest] "BAD_MASK" - - test "modify-principal 103.5" - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_KEY_DATA} - } $origtest] "BAD_MASK" - - test "modify-principal 105" - one_line_fail_test [format { - kadm5_modify_principal $server_handle \ - "{%s/a} 0 0 0 0 {%s/a} 0 0 0 0 null 0 0 0 0 0 0 1 {} {{1 1 x}}" \ - {KADM5_TL_DATA} - } $origtest $origtest] "BAD_TL_TYPE" - - test "modify-principal 100,104" - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - "{%s/a} 0 0 0 0 {%s/a} 0 0 0 0 null 0 88 0 0 0 0 1 {} {{990 6 foobar}}" \ - {KADM5_MAX_RLIFE KADM5_TL_DATA} - } $origtest $origtest]]} { - fail "$test: cannot set MAX_RLIFE or TL_DATA" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal {KADM5_PRINCIPAL_NORMAL_MASK KADM5_TL_DATA} - } $origtest]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 12\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set rlife $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting rlife" - return - } - eof { - error_and_restart "$test: eof getting rlife" - return - } - } - send "lindex \$principal 19\n" - expect { - -re "\(\{.*\}\)\n$prompt$" {set tl $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting tl_data" - return - } - eof { - error_and_restart "$test: eof getting tl_data" - return - } - } - if {($rlife == 88) && ($tl == "{{990 6 foobar}}")} { - pass "$test" - } else { - fail "$test: $rlife should be 88, $tl should be {{990 6 foobar}}" - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test100_104 diff --git a/src/lib/kadm5/unit-test/api.current/mod-principal.exp b/src/lib/kadm5/unit-test/api.current/mod-principal.exp deleted file mode 100644 index ac9f96845..000000000 --- a/src/lib/kadm5/unit-test/api.current/mod-principal.exp +++ /dev/null @@ -1,1606 +0,0 @@ -load_lib lib.t -api_exit -api_start - -#test "modify-principal 1" -#proc test1 {} { -# global test -# one_line_fail_test [format { -# kadm5_modify_principal $server_handle [simple_principal \ -# "%s/a"] {KADM5_PW_EXPIRATION} -# } $test] "NOT_INIT" -#} -#test1 - -test "modify-principal 2" -proc test2 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test] "AUTH_MODIFY" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test2 } - -test "modify-principal 4" -proc test4 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINCIPAL} - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test4 - - -test "modify-principal 5" -proc test5 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_LAST_PWD_CHANGE} - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test5 - -test "modify-principal 6" -proc test6 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MOD_TIME} - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test6 - -test "modify-principal 7" -proc test7 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MOD_NAME} - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test7 - -test "modify-principal 8" -proc test8 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MKVNO} - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test8 - -test "modify-principal 9" -proc test9 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_AUX_ATTRIBUTES} - } $test] "BAD_MASK" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test9 - -test "modify-principal 10" -proc test10 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test] "UNK_PRINC" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test10 - -test "modify-principal 11" -proc test11 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/none admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test11 } - -test "modify-principal 12" -proc test12 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/get admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test12 } - -test "modify-principal 13" -proc test13 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/add admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test13 } - -test "modify-principal 14" -proc test14 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/delete admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test] "AUTH_MOD" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test14 } - -test "modify-principal 15" -proc test15 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test15 - -test "modify-principal 17" -proc test17 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \ - no-policy] {KADM5_POLICY} - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test17 - -test "modify-principal 21.5" -proc test21.5 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal_pol "$test/a" "test-pol"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol old_p1}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {KADM5_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$old_p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set old_p1_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - - if { ! [cmd {kadm5_get_policy $server_handle test-pol new_p1}]} { - perror "$test: unexpected failure on get policy" - return - } - - send "lindex \$new_p1 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set new_p1_ref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - - if {$old_p1_ref != $new_p1_ref} { - fail "$test: policy reference count changed ($old_p1_ref to $new_p1_ref)" - return - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test21.5 - -test "modify-principal 22" -proc test22 {} { - global test - global prompt - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test22 - -test "modify-principal 23" -proc test23 {} { - global test - global prompt - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" test-pol-nopw])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test23 - -test "modify-principal 24" -proc test24 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - error_and_restart "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PW_EXPIRATION} - } $test]]} { - fail "$test: could not modify principal" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - if { ! [cmd [format { - kadm5_get_policy $server_handle %s policy - } test-pol]]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting mod_date" - return - } - eof { - error_and_restart "$test: eof getting pw_mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 0 } { - fail "$test: pw_expire $pw_expire should be 0" - return - } else { - pass "$test" - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test24 - -test "modify-principal 25" -proc test25 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test25 - -test "modify-principal 26" -proc test26 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol-nopw" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test26 - -test "modify-principal 27" -proc test27 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 1234 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test27 - -test "modify-principal 28" -proc test28 {} { - global test - global prompt -# set prms_id 1358 -# setup_xfail {*-*-*} $prms_id - - if {! (( [principal_exists "$test/a"]) || - [create_principal_pol "$test/a" "test-pol" ])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 999999999 0 0 0 0 0 0 0 0} {KADM5_PW_EXPIRATION} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_mod_date" - return - } - eof { - error_and_restart "$test: eof getting pw_mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { $pw_expire != 999999999 } { - fail "$test: pw_expire $pw_expire should be 999999999" - return - } - pass "$test" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "modify-principal 29" -proc test29 {} { - global test - global prompt - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { ! ([create_principal_pol "$test/a" test-pol])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_POLICY_CLR} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test29 - -test "modify-principal 30" -proc test30 {} { - global test - global prompt - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal_pol "$test/a" test-pol])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol-nopw] {KADM5_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 3\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test30 - -test "modify-principal 31" -proc test31 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {KADM5_POLICY} - } $test]]} { - fail "modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} { - error_and_restart "$test: cannot retrieve policy" - return - } - send "lindex \$principal 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_mod_date $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_mod_date" - return - } - eof { - error_and_restart "$test: eof getting pw_mod_date" - return - } - } - - send "lindex \$principal 3\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_expire $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_expire" - return - } - eof { - error_and_restart "$test: eof getting pw_expire" - return - } - } - - send "lindex \$policy 2\n" - expect { - -re "(\[0-9\]+)\n$prompt" {set pw_max_life $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting pw_max_life" - return - } - eof { - error_and_restart "$test: eof getting pw_max_life" - return - } - } - if { [expr "$pw_mod_date + $pw_max_life"] != $pw_expire } { - fail "$test: pw_expire is wrong" - return - } - - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test31 - -test "modify-principal 32" -proc test32 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 1234 0 0 0 0 0 0 0 0 0 0} \ - {KADM5_PRINC_EXPIRE_TIME} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 1\n" - expect { - -re "1234\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test32 - -test "modify-principal 33" -proc test33 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_ALL_TIX 0 0 0 0} \ - {KADM5_ATTRIBUTES} - } $test]]} { - fail "$test: modified fail" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 7\n" - expect { - -re "KRB5_KDB_DISALLOW_ALL_TIX.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test33 - -test "modify-principal 33.25" -proc test3325 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 KRB5_KDB_REQUIRES_PWCHANGE 0 0 0 0} \ - {KADM5_ATTRIBUTES} - } $test]]} { - fail "$test: modified fail" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 7\n" - expect { - -re "KRB5_KDB_REQUIRES_PWCHANGE.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test3325 - -test "modify-principal 33.5" -proc test335 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 KRB5_KDB_DISALLOW_TGT_BASED 0 0 0 0} \ - {KADM5_ATTRIBUTES} - } $test]]} { - fail "$test: modified fail" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 7\n" - expect { - -re "KRB5_KDB_DISALLOW_TGT_BASED.*$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test335 - - -test "modify-principal 34" -proc test34 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 0 3456 0 0 0 0 0 0 0} {KADM5_MAX_LIFE} - } $test]]} { - fail "$test: modify failed" - return - } - - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 4\n" - expect { - -re "3456\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test34 - -test "modify-principal 35" -proc test35 {} { - global prompt - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 0 7 0 0 0} {KADM5_KVNO} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 8\n" - expect { - -re "7\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test35 - -test "modify-principal 36" -proc test36 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal_pol "$test/a" "test-pol"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol pol}]} { - perror "$test: unexpected failure on get policy" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \ - test-pol] {KADM5_POLICY} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 10\n" - expect { - -re "test-pol\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - send "lindex \$pol 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set oldref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { ! [cmd {kadm5_get_policy $server_handle test-pol pol2}]} { - perror "$test: unexpected failure on get policy" - return - } - send "lindex \$pol2 6\n" - expect { - -re "(\[0-9\]+)\n$prompt$" {set newref $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting principal kvno (second time)" - return - } - eof { - error_and_restart "$test: eof getting principal kvno (second time)" - return - } - } - if { $oldref != $newref } { - fail "$test: policy reference count is wrong" - return; - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test36 - -test "modify-principal 37" -proc test37 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if { !( [create_principal "$test/a"])} { - error_and_restart "$test: could not create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_POLICY_CLR} - } $test]]} { - fail "$test: modify failed" - return - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test37 - -test "modify-principal 38" -proc test38 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_PRINC_EXPIRE_TIME} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 1\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test38 - -test "modify-principal 39" -proc test39 {} { - global test - global prompt - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! ([create_principal "$test/a"])} { - perror "$test: unexpected failure in creating principal" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle [simple_principal "%s/a"] \ - {KADM5_MAX_LIFE} - } $test]]} { - fail "$test: modify failed" - return - } - if {! [cmd [format { - kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK - } $test]]} { - error_and_restart "$test: could not retrieve principal" - return - } - send "lindex \$principal 4\n" - expect { - -re "0\n$prompt$" { pass "$test" } - timeout { fail "$test" } - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test39 - -test "modify-principal 40" -proc test40 {} { - global test - global prompt - - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test { - kadm5_modify_principal $server_handle null \ - {KADM5_PRINC_EXPIRE_TIME} - } "EINVAL" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test40 - -test "modify-principal 43" -proc test43 {} { - global test - one_line_fail_test [format { - kadm5_modify_principal null [simple_principal \ - "%s/a"] {KADM5_PW_EXPIRATION} - } $test] "BAD_SERVER_HANDLE" -} -test43 - -test "modify-principal 44" -proc test44 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - # setting fail auth count to a non-zero value must fail - one_line_fail_test [format { - kadm5_modify_principal $server_handle \ - {"%s/a" 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1234 0 0 {} {}} {KADM5_FAIL_AUTH_COUNT} - } $test] "BAD_SERVER_PARAMS" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test44 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp deleted file mode 100644 index 2925c1c43..000000000 --- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp +++ /dev/null @@ -1,61 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "randkey-principal 100" -proc test100 {} { - global test prompt - - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal "$test/a"]} { - error_and_restart "$test: creating principal" - return - } - - # I'd like to specify a long list of keysalt tuples and make sure that - # randkey does the right thing, but we can only use those enctypes that - # krbtgt has a key for: 3DES and AES, according to the prototype kdc.conf. - if {! [cmd [format { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test]]} { - perror "$test: unexpected failure in randkey_principal" - } - send "puts \$num_keys\n" - expect { - -re "(\[0-9\]+)\n$prompt" { set num_keys $expect_out(1,string) } - timeout { - error_and_restart "$test: timeout getting num_keys" - return - } - eof { - error_and_restart "$test: eof getting num_keys" - return - } - } - - # XXX Perhaps I should actually check the key type returned. - if {$num_keys == 5} { - pass "$test" - } else { - fail "$test: $num_keys keys, should be 5" - } - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test100 - -return "" diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal.exp deleted file mode 100644 index 1484901fa..000000000 --- a/src/lib/kadm5/unit-test/api.current/randkey-principal.exp +++ /dev/null @@ -1,297 +0,0 @@ -load_lib lib.t -api_exit -api_start - -test "randkey-principal 1" -proc test1 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd [format { - kadm5_init "%s/a" "%s/a" $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] "PASS_TOOSOON" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test1 } - -test "randkey-principal 3" -proc test3 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd [format { - kadm5_init "%s/a" "%s/a" $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] "PASS_TOOSOON" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if ${RPC} { test3 } - -test "randkey-principal 13" -proc test13 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - if {! [cmd [format { - kadm5_modify_principal $server_handle [princ_w_pol "%s/a" \ - once-a-min] KADM5_POLICY - } $test]]} { - perror "$test: failed modify" - return - } - one_line_succeed_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test13 - -test "randkey-principal 15" -proc test15 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal_pol "$test/a" once-a-min]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] "AUTH_CHANGEPW" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if { $RPC } { test15 } - -test "randkey-principal 28" -proc test28 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test28 - -test "randkey-principal 28.25" -proc test2825 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin admin $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] "AUTH" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -if {$RPC} { test2825 } - -test "randkey-principal 28.5" -proc test285 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [cmd { - kadm5_init admin/modify admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test285 - -test "randkey-principal 30" -proc test30 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't delete principal \"$test/a\"" - return - } - if {! [create_principal "$test/a"]} { - error_and_restart "$test: creating principal" - return - } - if {! [cmd [format { - kadm5_init "%s/a" "%s/a" $KADM5_CHANGEPW_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test30 - -test "randkey-principal 31" -proc test31 {} { - global test - if {! (( ! [principal_exists "$test/a"]) || - [delete_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if {! [create_principal "$test/a"]} { - error_and_restart "$test: creating principal" - return - } - - if {! [cmd [format { - kadm5_init "%s/a" "%s/a" $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - } $test $test]]} { - perror "$test: unexpected failure in init" - return - } - one_line_succeed_test [format { - kadm5_randkey_principal $server_handle "%s/a" keys num_keys - } $test] - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} -test31 - -test "randkey-principal 33" -proc test33 {} { - global test - if {! (( [principal_exists "$test/a"]) || - [create_principal "$test/a"])} { - error_and_restart "$test: couldn't create principal \"$test/a\"" - return - } - if { ! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - server_handle - }]} { - perror "$test: unexpected failure in init" - return - } - one_line_fail_test [format { - kadm5_randkey_principal null "%s/a" keys num_keys - } $test] "BAD_SERVER_HANDLE" - if { ! [cmd {kadm5_destroy $server_handle}]} { - perror "$test: unexpected failure in destroy" - return - } -} - -test33 - -return "" diff --git a/src/lib/kadm5/unit-test/config/unix.exp b/src/lib/kadm5/unit-test/config/unix.exp deleted file mode 100644 index d7706ec53..000000000 --- a/src/lib/kadm5/unit-test/config/unix.exp +++ /dev/null @@ -1,222 +0,0 @@ -source runenv.exp - -set prompt "% " -set stty_init {-onlcr -opost intr \^C kill \^U} -set kadmin_local $KADMIN_LOCAL - -# Backward compatibility until we're using expect 5 everywhere -if {[info exists exp_version_4]} { - global wait_error_index wait_errno_index wait_status_index - set wait_error_index 0 - set wait_errno_index 1 - set wait_status_index 1 -} else { - set wait_error_index 2 - set wait_errno_index 3 - set wait_status_index 3 -} - -if { [string length $VALGRIND] } { - rename spawn valgrind_aux_spawn - proc spawn { args } { - global VALGRIND - upvar 1 spawn_id spawn_id - set newargs {} - set inflags 1 - set eatnext 0 - foreach arg $args { - if { $arg == "-ignore" \ - || $arg == "-open" \ - || $arg == "-leaveopen" } { - lappend newargs $arg - set eatnext 1 - continue - } - if [string match "-*" $arg] { - lappend newargs $arg - continue - } - if { $eatnext } { - set eatnext 0 - lappend newargs $arg - continue - } - if { $inflags } { - set inflags 0 - # Only run valgrind for local programs, not - # system ones. -#&&![string match "/bin/sh" $arg] sh is used to start kadmind! - if [string match "/" [string index $arg 0]]&&![string match "/bin/ls" $arg]&&![regexp {/kshd$} $arg] { - set newargs [concat $newargs $VALGRIND] - } - } - lappend newargs $arg - } - set pid [eval valgrind_aux_spawn $newargs] - return $pid - } -} - -# Hack around Solaris 9 kernel race condition that causes last output -# from a pty to get dropped. -if { $PRIOCNTL_HACK } { - catch {exec priocntl -s -c FX -m 30 -p 30 -i pid [getpid]} - rename spawn oldspawn - proc spawn { args } { - upvar 1 spawn_id spawn_id - set newargs {} - set inflags 1 - set eatnext 0 - foreach arg $args { - if { $arg == "-ignore" \ - || $arg == "-open" \ - || $arg == "-leaveopen" } { - lappend newargs $arg - set eatnext 1 - continue - } - if [string match "-*" $arg] { - lappend newargs $arg - continue - } - if { $eatnext } { - set eatnext 0 - lappend newargs $arg - continue - } - if { $inflags } { - set inflags 0 - set newargs [concat $newargs {priocntl -e -c FX -p 0}] - } - lappend newargs $arg - } - set pid [eval oldspawn $newargs] - return $pid - } -} - -# Variables for keeping track of api process state -set api_pid "0" - -proc api_exit {} { - global spawn_id - global api_pid - -# puts stdout "Starting api_exit (spawn_id $spawn_id)." - catch {close} errMsg - catch {wait} errMsg -# puts stdout "Finishing api_exit for $api_pid." - set api_pid "0" -} - -proc api_isrunning {pid} { - global api_pid - -# puts stdout "testing $pid, api_pid is $api_pid" - if {$pid == $api_pid} { - return 1; - } else { - return 0; - } -} - -proc api_version {} { -} - -proc api_start {} { - global API - global env - global spawn_id - global prompt - global api_pid - - set pid [spawn $API] - expect { - -re "$prompt$" {} - eof { perror "EOF starting API" } - timeout { perror "Timeout starting API" } - } - if {! [info exists env(TCLUTIL)]} { - perror "TCLUTIL environment variable isn't set" - } - # tcl 8.4 for some reason screws up autodetection of output - # EOL translation. Work around it for now. - send "if { \[info commands fconfigure\] ne \"\" } { fconfigure stdout -translation lf }\n" - expect { - -re "$prompt$" {} - eof { perror "EOF starting API" } - timeout { perror "Timeout starting API" } - } - send "source $env(TCLUTIL)\n" - expect { - -re "$prompt$" {} - eof { perror "EOF starting API" } - timeout { perror "Timeout starting API" } - } - send "set current_struct_version \[expr \$KADM5_STRUCT_VERSION &~ \$KADM5_STRUCT_VERSION_MASK\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set current_api_version \[expr \$KADM5_API_VERSION_3 &~ \$KADM5_API_VERSION_MASK\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set bad_struct_version_mask \[expr 0x65432100 | \$current_struct_version\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set bad_api_version_mask \[expr 0x65432100 | \$current_api_version\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set no_api_version_mask \$current_api_version\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set no_struct_version_mask \$current_struct_version\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set old_api_version \[expr \$KADM5_API_VERSION_MASK | 0x00\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set old_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0x00\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set new_api_version \[expr \$KADM5_API_VERSION_MASK | 0xca\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - send "set new_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0xca\]\n" - expect { - -re "$prompt$" {} - eof { perror "EOF setting API variables"} - timeout { perror "timeout setting API variables"} - } - - set api_pid $pid -# puts stdout "Finishing api_start (spawn_id $spawn_id, pid $api_pid)." - return $pid -} -api_start - diff --git a/src/lib/kadm5/unit-test/deps b/src/lib/kadm5/unit-test/deps deleted file mode 100644 index cf54f475b..000000000 --- a/src/lib/kadm5/unit-test/deps +++ /dev/null @@ -1,86 +0,0 @@ -# -# Generated makefile dependencies follow. -# -$(OUTPRE)init-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ - $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ - $(top_srcdir)/include/krb5.h init-test.c -$(OUTPRE)destroy-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ - $(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ - $(BUILDTOP)/include/kadm5/client_internal.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ - $(top_srcdir)/include/krb5.h destroy-test.c -$(OUTPRE)handle-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \ - $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/plugin.h \ - handle-test.c -$(OUTPRE)iter-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ - $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ - $(top_srcdir)/include/krb5.h iter-test.c -$(OUTPRE)setkey-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ - $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ - $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - setkey-test.c -$(OUTPRE)randkey-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ - $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ - $(top_srcdir)/include/krb5.h randkey-test.c -$(OUTPRE)lock-test.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \ - $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \ - $(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/gssrpc/auth.h \ - $(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \ - $(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \ - $(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \ - $(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \ - $(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/kdb.h \ - $(top_srcdir)/include/krb5.h lock-test.c diff --git a/src/lib/kadm5/unit-test/destroy-test.c b/src/lib/kadm5/unit-test/destroy-test.c deleted file mode 100644 index 738cfeb86..000000000 --- a/src/lib/kadm5/unit-test/destroy-test.c +++ /dev/null @@ -1,48 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <kadm5/admin.h> -#include <com_err.h> -#include <stdio.h> -#include <krb5.h> -#include <sys/socket.h> -#include <sys/file.h> -#include <unistd.h> -#include <netinet/in.h> -#include <kadm5/client_internal.h> -#include <string.h> - -#define TEST_NUM 25 - -int main() -{ - kadm5_ret_t ret; - char *cp; - int x; - void *server_handle; - kadm5_server_handle_t handle; - krb5_context context; - - ret = kadm5_init_krb5_context(&context); - if (ret != 0) { - com_err("test", ret, "context init"); - exit(2); - } - for(x = 0; x < TEST_NUM; x++) { - ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, 0, - KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, - &server_handle); - if(ret != KADM5_OK) { - com_err("test", ret, "init"); - exit(2); - } - handle = (kadm5_server_handle_t) server_handle; - cp = strdup(strchr(handle->cache_name, ':') + 1); - kadm5_destroy(server_handle); - if(access(cp, F_OK) == 0) { - puts("ticket cache not destroyed"); - exit(2); - } - free(cp); - } - krb5_free_context(context); - exit(0); -} diff --git a/src/lib/kadm5/unit-test/diff-files/destroy-1 b/src/lib/kadm5/unit-test/diff-files/destroy-1 deleted file mode 100644 index 593d67320..000000000 --- a/src/lib/kadm5/unit-test/diff-files/destroy-1 +++ /dev/null @@ -1,2 +0,0 @@ -##! nochanges - diff --git a/src/lib/kadm5/unit-test/diff-files/no-diffs b/src/lib/kadm5/unit-test/diff-files/no-diffs deleted file mode 100644 index 593d67320..000000000 --- a/src/lib/kadm5/unit-test/diff-files/no-diffs +++ /dev/null @@ -1,2 +0,0 @@ -##! nochanges - diff --git a/src/lib/kadm5/unit-test/handle-test.c b/src/lib/kadm5/unit-test/handle-test.c deleted file mode 100644 index 29bd2c9a1..000000000 --- a/src/lib/kadm5/unit-test/handle-test.c +++ /dev/null @@ -1,140 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <kadm5/admin.h> -#include <com_err.h> -#include <stdio.h> -#include <krb5.h> -#include <sys/socket.h> -#include <sys/file.h> -#include <unistd.h> -#include <netinet/in.h> -#ifdef CLIENT_TEST -#include <kadm5/client_internal.h> -#else -#include <kadm5/server_internal.h> -#include <kadm5/admin.h> -#endif - -int main(int argc, char *argv[]) -{ - kadm5_ret_t ret; - void *server_handle; - kadm5_server_handle_t handle; - kadm5_server_handle_rec orig_handle; - kadm5_policy_ent_rec pol; - kadm5_principal_ent_t princ; - kadm5_principal_ent_rec kprinc; - krb5_keyblock *key; - krb5_principal tprinc; - krb5_context context; - - - kadm5_init_krb5_context(&context); - - ret = kadm5_init(context, "admin/none", "admin", KADM5_ADMIN_SERVICE, NULL, - KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, - &server_handle); - if(ret != KADM5_OK) { - com_err("test", ret, "init"); - exit(2); - } - handle = (kadm5_server_handle_t) server_handle; - orig_handle = *handle; - handle->magic_number = KADM5_STRUCT_VERSION; - krb5_parse_name(context, "testuser", &tprinc); - ret = kadm5_get_principal(server_handle, tprinc, &kprinc, - KADM5_PRINCIPAL_NORMAL_MASK); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "get-principal", - error_message(ret)); - exit(1); - } - - ret = kadm5_get_policy(server_handle, "pol1", &pol); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "get-policy", - error_message(ret)); - exit(1); - } - - princ = &kprinc; - ret = kadm5_create_principal(server_handle, princ, KADM5_PRINCIPAL, "pass"); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "create-principal", - error_message(ret)); - exit(1); - } - - ret = kadm5_create_policy(server_handle, &pol, KADM5_POLICY); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "create-policy", - error_message(ret)); - exit(1); - } - - ret = kadm5_modify_principal(server_handle, princ, KADM5_PW_EXPIRATION); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "modify-principal", - error_message(ret)); - exit(1); - } - - ret = kadm5_modify_policy(server_handle, &pol, KADM5_PW_MAX_LIFE); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "modify-policy", - error_message(ret)); - exit(1); - } - - ret = kadm5_delete_principal(server_handle, tprinc); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "delete-principal", - error_message(ret)); - exit(1); - } - - ret = kadm5_delete_policy(server_handle, "pol1"); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "delete-policy", - error_message(ret)); - exit(1); - } - - ret = kadm5_chpass_principal(server_handle, tprinc, "FooBar"); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "chpass", - error_message(ret)); - exit(1); - } - ret = kadm5_randkey_principal(server_handle, tprinc, &key, NULL); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "randkey", - error_message(ret)); - exit(1); - } - - ret = kadm5_rename_principal(server_handle, tprinc, tprinc); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "rename", - error_message(ret)); - exit(1); - } - - ret = kadm5_destroy(server_handle); - if(ret != KADM5_BAD_SERVER_HANDLE) { - fprintf(stderr, "%s -- returned -- %s\n", "destroy", - error_message(ret)); - exit(1); - } - - *handle = orig_handle; - ret = kadm5_destroy(server_handle); - if (ret != KADM5_OK) { - fprintf(stderr, "valid %s -- returned -- %s\n", "destroy", - error_message(ret)); - exit(1); - } - - krb5_free_principal(context, tprinc); - krb5_free_context(context); - exit(0); -} diff --git a/src/lib/kadm5/unit-test/init-test.c b/src/lib/kadm5/unit-test/init-test.c deleted file mode 100644 index 9f06621e8..000000000 --- a/src/lib/kadm5/unit-test/init-test.c +++ /dev/null @@ -1,39 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <kadm5/admin.h> -#include <com_err.h> -#include <stdio.h> -#include <stdlib.h> -#include <krb5.h> -#include <string.h> - -int main() -{ - kadm5_ret_t ret; - void *server_handle; - kadm5_config_params params; - krb5_context context; - - memset(¶ms, 0, sizeof(params)); - params.mask |= KADM5_CONFIG_NO_AUTH; - ret = kadm5_init_krb5_context(&context); - if (ret != 0) { - com_err("init-test", ret, "while initializing krb5 context"); - exit(1); - } - ret = kadm5_init(context, "admin", "admin", NULL, ¶ms, - KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, - &server_handle); - if (!ret) - (void)kadm5_destroy(server_handle); - krb5_free_context(context); - if (ret == KADM5_RPC_ERROR) { - exit(0); - } - else if (ret != 0) { - com_err("init-test", ret, "while initializing without auth"); - exit(1); - } else { - fprintf(stderr, "Unexpected success while initializing without auth!\n"); - exit(1); - } -} diff --git a/src/lib/kadm5/unit-test/iter-test.c b/src/lib/kadm5/unit-test/iter-test.c deleted file mode 100644 index cd85ebe4d..000000000 --- a/src/lib/kadm5/unit-test/iter-test.c +++ /dev/null @@ -1,51 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <stdio.h> -#include <kadm5/admin.h> -#include <string.h> - -int main(int argc, char **argv) -{ - kadm5_ret_t ret; - void *server_handle; - char **names; - int count, princ, i; - krb5_context context; - - if (argc != 3) { - fprintf(stderr, "Usage: %s [-princ|-pol] exp\n", argv[0]); - exit(1); - } - princ = (strcmp(argv[1], "-princ") == 0); - - ret = kadm5_init_krb5_context(&context); - if (ret != KADM5_OK) { - com_err("iter-test", ret, "while initializing context"); - exit(1); - } - ret = kadm5_init("admin", "admin", KADM5_ADMIN_SERVICE, 0, - KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, - &server_handle); - if (ret != KADM5_OK) { - com_err("iter-test", ret, "while initializing"); - exit(1); - } - - if (princ) - ret = kadm5_get_principals(server_handle, argv[2], &names, &count); - else - ret = kadm5_get_policies(server_handle, argv[2], &names, &count); - - if (ret != KADM5_OK) { - com_err("iter-test", ret, "while retrieving list"); - exit(1); - } - - for (i = 0; i < count; i++) - printf("%d: %s\n", i, names[i]); - - kadm5_free_name_list(server_handle, names, count); - - (void) kadm5_destroy(server_handle); - - return 0; -} diff --git a/src/lib/kadm5/unit-test/lib/lib.t b/src/lib/kadm5/unit-test/lib/lib.t deleted file mode 100644 index 3444775cf..000000000 --- a/src/lib/kadm5/unit-test/lib/lib.t +++ /dev/null @@ -1,306 +0,0 @@ -global timeout -set timeout 60 - -set lib_pid 0 - -# -# The functions in this library used to be responsible for bazillions -# of wasted api_starts. Now, they all just use their own library -# handle so they are not interrupted when the main tests call init or -# destroy. They have to keep track of when the api exists and -# restarts, though, since the lib_handle needs to be re-opened in that -# case. -# -proc lib_start_api {} { - global spawn_id lib_pid test - - if {! [api_isrunning $lib_pid]} { - api_exit - set lib_pid [api_start] - if {! [cmd { - kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ - $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ - lib_handle - }]} { - perror "$test: unexpected failure in init" - return - } - verbose "+++ restarted api ($lib_pid) for lib" - } else { - verbose "+++ api $lib_pid already running for lib" - } -} - -proc cmd {command} { - global prompt - global spawn_id - global test - - send "[string trim $command]\n" - expect { - -re "OK .*$prompt$" { return 1 } - -re "ERROR .*$prompt$" { return 0 } - "wrong # args" { perror "$test: wrong number args"; return 0 } - timeout { fail "$test: timeout"; return 0 } - eof { fail "$test: eof"; api_exit; lib_start_api; return 0 } - } -} - -proc tcl_cmd {command} { - global prompt spawn_id test - - send "[string trim $command]\n" - expect { - -re "$prompt$" { return 1} - "wrong # args" { perror "$test: wrong number args"; return 0 } - timeout { error_and_restart "timeout" } - eof { api_exit; lib_start_api; return 0 } - } -} - -proc one_line_succeed_test {command} { - global prompt - global spawn_id - global test - - send "[string trim $command]\n" - expect { - -re "OK .*$prompt$" { pass "$test"; return 1 } - -re "ERROR .*$prompt$" { - fail "$test: $expect_out(buffer)"; return 0 - } - "wrong # args" { perror "$test: wrong number args"; return 0 } - timeout { fail "$test: timeout"; return 0 } - eof { fail "$test: eof"; api_exit; lib_start_api; return 0 } - } -} - -proc one_line_fail_test {command code} { - global prompt - global spawn_id - global test - - send "[string trim $command]\n" - expect { - -re "ERROR .*$code.*$prompt$" { pass "$test"; return 1 } - -re "ERROR .*$prompt$" { fail "$test: bad failure"; return 0 } - -re "OK .*$prompt$" { fail "$test: bad success"; return 0 } - "wrong # args" { perror "$test: wrong number args"; return 0 } - timeout { fail "$test: timeout"; return 0 } - eof { fail "$test: eof"; api_exit; lib_start_api; return 0 } - } -} - -proc one_line_fail_test_nochk {command} { - global prompt - global spawn_id - global test - - send "[string trim $command]\n" - expect { - -re "ERROR .*$prompt$" { pass "$test:"; return 1 } - -re "OK .*$prompt$" { fail "$test: bad success"; return 0 } - "wrong # args" { perror "$test: wrong number args"; return 0 } - timeout { fail "$test: timeout"; return 0 } - eof { fail "$test: eof"; api_exit; lib_start_api; return 0 } - } -} - -proc resync {} { - global prompt spawn_id test - - expect { - -re "$prompt$" {} - "wrong # args" { perror "$test: wrong number args"; return 0 } - eof { api_exit; lib_start_api } - } -} - -proc create_principal {name} { - lib_start_api - - set ret [cmd [format { - kadm5_create_principal $lib_handle [simple_principal \ - "%s"] {KADM5_PRINCIPAL} "%s" - } $name $name]] - - return $ret -} - -proc create_policy {name} { - lib_start_api - - set ret [cmd [format { - kadm5_create_policy $lib_handle [simple_policy "%s"] \ - {KADM5_POLICY} - } $name $name]] - - return $ret -} - -proc create_principal_pol {name policy} { - lib_start_api - - set ret [cmd [format { - kadm5_create_principal $lib_handle [princ_w_pol "%s" \ - "%s"] {KADM5_PRINCIPAL KADM5_POLICY} "%s" - } $name $policy $name]] - - return $ret -} - -proc delete_principal {name} { - lib_start_api - - set ret [cmd [format { - kadm5_delete_principal $lib_handle "%s" - } $name]] - - return $ret -} - -proc delete_policy {name} { - lib_start_api - - set ret [cmd [format {kadm5_delete_policy $lib_handle "%s"} $name]] - - return $ret -} - -proc principal_exists {name} { -# puts stdout "Starting principal_exists." - - lib_start_api - - set ret [cmd [format { - kadm5_get_principal $lib_handle "%s" principal \ - KADM5_PRINCIPAL_NORMAL_MASK - } $name]] - -# puts stdout "Finishing principal_exists." - - return $ret -} - -proc policy_exists {name} { - lib_start_api - -# puts stdout "Starting policy_exists." - - set ret [cmd [format { - kadm5_get_policy $lib_handle "%s" policy - } $name]] - -# puts stdout "Finishing policy_exists." - - return $ret -} - -proc error_and_restart {error} { - api_exit - api_start - perror $error -} - -proc test {name} { - global test verbose - - set test $name - if {$verbose >= 1} { - puts stdout "At $test" - } -} - -proc begin_dump {} { - global TOP - global RPC - - if { ! $RPC } { -# exec $env(SIMPLE_DUMP) > /tmp/dump.before - } -} - -proc end_dump_compare {name} { - global file - global TOP - global RPC - - if { ! $RPC } { -# set file $TOP/admin/lib/unit-test/diff-files/$name -# exec $env(SIMPLE_DUMP) > /tmp/dump.after -# exec $env(COMPARE_DUMP) /tmp/dump.before /tmp/dump.after $file - } -} - -proc kinit { princ pass {opts ""} } { - global env; - global KINIT - - eval spawn $KINIT -5 $opts $princ - expect { - -re {Password for .*: $} - {send "$pass\n"} - timeout {puts "Timeout waiting for prompt" ; close } - } - - # this necessary so close(1) in the child will not sleep waiting for - # the parent, which is us, to read pending data. - - expect { - "when initializing cache" { perror "kinit failed: $expect_out(buffer)" } - eof {} - } - wait -} - -proc kdestroy {} { - global KDESTROY - global errorCode errorInfo - global env - - if {[info exists errorCode]} { - set saveErrorCode $errorCode - } - if {[info exists errorInfo]} { - set saveErrorInfo $errorInfo - } - catch "exec $KDESTROY -5 2>/dev/null" - if {[info exists saveErrorCode]} { - set errorCode $saveErrorCode - } elseif {[info exists errorCode]} { - unset errorCode - } - if {[info exists saveErrorInfo]} { - set errorInfo $saveErrorInfo - } elseif {[info exists errorInfo]} { - unset errorInfo - } -} - -proc create_principal_with_keysalts {name keysalts} { - global kadmin_local - - spawn $kadmin_local -e "$keysalts" - expect { - "kadmin.local:" {} - default { perror "waiting for kadmin.local prompt"; return 1} - } - send "ank -pw \"$name\" \"$name\"\n" - expect { - -re "Principal \"$name.*\" created." {} - "kadmin.local:" { - perror "expecting principal created message"; - return 1 - } - default { perror "waiting for principal created message"; return 1 } - } - expect { - "kadmin.local:" {} - default { perror "waiting for kadmin.local prompt"; return 1 } - } - close - wait - return 0 -} - - diff --git a/src/lib/kadm5/unit-test/lock-test.c b/src/lib/kadm5/unit-test/lock-test.c deleted file mode 100644 index 59f9d2609..000000000 --- a/src/lib/kadm5/unit-test/lock-test.c +++ /dev/null @@ -1,105 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <stdio.h> -#include <krb5.h> -#include <kadm5/admin.h> -#include <kdb.h> -#include <string.h> - -char *whoami; - -static void usage() -{ - fprintf(stderr, - "Usage: %s {shared|exclusive|permanent|release|" - "get name|wait} ...\n", whoami); - exit(1); -} - -int main(int argc, char **argv) -{ - krb5_error_code ret; - osa_policy_ent_t entry; - krb5_context context; - kadm5_config_params params; - krb5_error_code kret; - - whoami = argv[0]; - - kret = kadm5_init_krb5_context(&context); - if (kret) { - com_err(whoami, kret, "while initializing krb5"); - exit(1); - } - - params.mask = 0; - ret = kadm5_get_config_params(context, 1, ¶ms, ¶ms); - if (ret) { - com_err(whoami, ret, "while retrieving configuration parameters"); - exit(1); - } - if (! (params.mask & KADM5_CONFIG_ADBNAME)) { - com_err(whoami, KADM5_BAD_SERVER_PARAMS, - "while retrieving configuration parameters"); - exit(1); - } - - ret = krb5_db_open( context, NULL, KRB5_KDB_OPEN_RW); - if (ret) { - com_err(whoami, ret, "while opening database"); - exit(1); - } - - argc--; argv++; - while (argc) { - if (strcmp(*argv, "shared") == 0) { - ret = krb5_db_lock(context, KRB5_DB_LOCKMODE_SHARED); - if (ret) - com_err(whoami, ret, "while getting shared lock"); - else - printf("shared\n"); - } else if (strcmp(*argv, "exclusive") == 0) { - ret = krb5_db_lock(context, KRB5_DB_LOCKMODE_EXCLUSIVE ); - if (ret) - com_err(whoami, ret, "while getting exclusive lock"); - else - printf("exclusive\n"); - } else if (strcmp(*argv, "permanent") == 0) { - ret = krb5_db_lock(context, KRB5_DB_LOCKMODE_EXCLUSIVE ); - if (ret) - com_err(whoami, ret, "while getting permanent lock"); - else - printf("permanent\n"); - } else if (strcmp(*argv, "release") == 0) { - ret = krb5_db_unlock(context); - if (ret) - com_err(whoami, ret, "while releasing lock"); - else - printf("released\n"); - } else if (strcmp(*argv, "get") == 0) { - argc--; argv++; - if (!argc) usage(); - if ((ret = krb5_db_get_policy(context, *argv, &entry))) { - com_err(whoami, ret, "while getting policy"); - } else { - printf("retrieved\n"); - krb5_db_free_policy(context, entry); - } - } else if (strcmp(*argv, "wait") == 0) { - getchar(); - } else { - fprintf(stderr, "%s: Invalid argument \"%s\"\n", - whoami, *argv); - usage(); - } - - argc--; argv++; - } - - ret = krb5_db_fini(context); - if (ret) { - com_err(whoami, ret, "while closing database"); - exit(1); - } - - return 0; -} diff --git a/src/lib/kadm5/unit-test/randkey-test.c b/src/lib/kadm5/unit-test/randkey-test.c deleted file mode 100644 index dbef88ac8..000000000 --- a/src/lib/kadm5/unit-test/randkey-test.c +++ /dev/null @@ -1,42 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <kadm5/admin.h> -#include <com_err.h> -#include <stdio.h> -#include <krb5.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <string.h> - -#define TEST_NUM 1000 - -int main() -{ - kadm5_ret_t ret; - krb5_keyblock *keys[TEST_NUM]; - krb5_principal tprinc; - krb5_keyblock *newkey; - krb5_context context; - void *server_handle; - - int x, i; - - kadm5_init_krb5_context(&context); - - krb5_parse_name(context, "testuser", &tprinc); - ret = kadm5_init(context, "admin", "admin", KADM5_ADMIN_SERVICE, NULL, - KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, - &server_handle); - if(ret != KADM5_OK) { - com_err("test", ret, "init"); - exit(2); - } - for(x = 0; x < TEST_NUM; x++) { - kadm5_randkey_principal(server_handle, tprinc, &keys[x], NULL); - for(i = 0; i < x; i++) { - if (!memcmp(newkey->contents, keys[i]->contents, newkey->length)) - puts("match found"); - } - } - kadm5_destroy(server_handle); - exit(0); -} diff --git a/src/lib/kadm5/unit-test/setkey-test.c b/src/lib/kadm5/unit-test/setkey-test.c deleted file mode 100644 index 8e7df96e9..000000000 --- a/src/lib/kadm5/unit-test/setkey-test.c +++ /dev/null @@ -1,246 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <k5-int.h> -#include <kadm5/admin.h> - -#if HAVE_SRAND48 -#define RAND() lrand48() -#define SRAND(a) srand48(a) -#define RAND_TYPE long -#elif HAVE_SRAND -#define RAND() rand() -#define SRAND(a) srand(a) -#define RAND_TYPE int -#elif HAVE_SRANDOM -#define RAND() random() -#define SRAND(a) srandom(a) -#define RAND_TYPE long -#else /* no random */ -need a random number generator -#endif /* no random */ - -krb5_keyblock test1[] = { - {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0}, - {-1}, -}; -krb5_keyblock test2[] = { - {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0}, - {-1}, -}; -krb5_keyblock test3[] = { - {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0}, - {-1}, -}; - -krb5_keyblock *tests[] = { - test1, test2, test3, NULL -}; - -krb5_data tgtname = { - 0, - KRB5_TGS_NAME_SIZE, - KRB5_TGS_NAME -}; - -krb5_enctype ktypes[] = { 0, 0 }; - -extern krb5_kt_ops krb5_ktf_writable_ops; - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_keytab kt; - krb5_keytab_entry ktent; - krb5_encrypt_block eblock; - krb5_creds my_creds; - krb5_get_init_creds_opt *opt; - kadm5_principal_ent_rec princ_ent; - krb5_principal princ, server; - char pw[16]; - char *whoami, *principal, *authprinc, *authpwd; - krb5_data pwdata; - void *handle; - int ret, test, encnum; - unsigned int i; - - whoami = argv[0]; - - if (argc < 2 || argc > 4) { - fprintf(stderr, "Usage: %s principal [authuser] [authpwd]\n", whoami); - exit(1); - } - principal = argv[1]; - authprinc = (argc > 2) ? argv[2] : argv[0]; - authpwd = (argc > 3) ? argv[3] : NULL; - - /* - * Setup. Initialize data structures, open keytab, open connection - * to kadm5 server. - */ - - memset(&context, 0, sizeof(context)); - kadm5_init_krb5_context(&context); - - ret = krb5_parse_name(context, principal, &princ); - if (ret) { - com_err(whoami, ret, "while parsing principal name %s", principal); - exit(1); - } - - if((ret = krb5_build_principal_ext(context, &server, - krb5_princ_realm(kcontext, princ)->length, - krb5_princ_realm(kcontext, princ)->data, - tgtname.length, tgtname.data, - krb5_princ_realm(kcontext, princ)->length, - krb5_princ_realm(kcontext, princ)->data, - 0))) { - com_err(whoami, ret, "while building server name"); - exit(1); - } - - ret = krb5_kt_default(context, &kt); - if (ret) { - com_err(whoami, ret, "while opening keytab"); - exit(1); - } - - ret = kadm5_init(context, authprinc, authpwd, KADM5_ADMIN_SERVICE, NULL, - KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, - &handle); - if (ret) { - com_err(whoami, ret, "while initializing connection"); - exit(1); - } - - /* these pw's don't need to be secure, just different every time */ - SRAND((RAND_TYPE)time((void *) NULL)); - pwdata.data = pw; - pwdata.length = sizeof(pw); - - /* - * For each test: - * - * For each enctype in the test, construct a random password/key. - * Assign all keys to principal with kadm5_setkey_principal. Add - * each key to the keytab, and acquire an initial ticket with the - * keytab (XXX can I specify the kvno explicitly?). If - * krb5_get_init_creds_keytab succeeds, then the keys were set - * successfully. - */ - for (test = 0; tests[test] != NULL; test++) { - krb5_keyblock *testp = tests[test]; - kadm5_key_data *extracted; - int n_extracted, match; - printf("+ Test %d:\n", test); - - for (encnum = 0; testp[encnum].magic != -1; encnum++) { - for (i = 0; i < sizeof(pw); i++) - pw[i] = (RAND() % 26) + '0'; /* XXX */ - - krb5_use_enctype(context, &eblock, testp[encnum].enctype); - ret = krb5_string_to_key(context, &eblock, &testp[encnum], - &pwdata, NULL); - if (ret) { - com_err(whoami, ret, "while converting string to key"); - exit(1); - } - } - - /* now, encnum == # of keyblocks in testp */ - ret = kadm5_setkey_principal(handle, princ, testp, encnum); - if (ret) { - com_err(whoami, ret, "while setting keys"); - exit(1); - } - - ret = kadm5_get_principal(handle, princ, &princ_ent, KADM5_KVNO); - if (ret) { - com_err(whoami, ret, "while retrieving principal"); - exit(1); - } - - ret = kadm5_get_principal_keys(handle, princ, 0, &extracted, - &n_extracted); - if (ret) { - com_err(whoami, ret, "while extracting keys"); - exit(1); - } - - for (encnum = 0; testp[encnum].magic != -1; encnum++) { - printf("+ enctype %d\n", testp[encnum].enctype); - - for (match = 0; match < n_extracted; match++) { - if (extracted[match].key.enctype == testp[encnum].enctype) - break; - } - if (match >= n_extracted) { - com_err(whoami, KRB5_WRONG_ETYPE, "while matching enctypes"); - exit(1); - } - if (extracted[match].key.length != testp[encnum].length || - memcmp(extracted[match].key.contents, testp[encnum].contents, - testp[encnum].length) != 0) { - com_err(whoami, KRB5_KDB_NO_MATCHING_KEY, "verifying keys"); - exit(1); - } - - memset(&ktent, 0, sizeof(ktent)); - ktent.principal = princ; - ktent.key = testp[encnum]; - ktent.vno = princ_ent.kvno; - - ret = krb5_kt_add_entry(context, kt, &ktent); - if (ret) { - com_err(whoami, ret, "while adding keytab entry"); - exit(1); - } - - memset(&my_creds, 0, sizeof(my_creds)); - my_creds.client = princ; - my_creds.server = server; - - ktypes[0] = testp[encnum].enctype; - ret = krb5_get_init_creds_opt_alloc(context, &opt); - if (ret) { - com_err(whoami, ret, "while allocating gic opts"); - exit(1); - } - krb5_get_init_creds_opt_set_etype_list(opt, ktypes, 1); - ret = krb5_get_init_creds_keytab(context, &my_creds, princ, - kt, 0, NULL /* in_tkt_service */, - opt); - krb5_get_init_creds_opt_free(context, opt); - if (ret) { - com_err(whoami, ret, "while acquiring initial ticket"); - exit(1); - } - krb5_free_cred_contents(context, &my_creds); - - /* since I can't specify enctype explicitly ... */ - ret = krb5_kt_remove_entry(context, kt, &ktent); - if (ret) { - com_err(whoami, ret, "while removing keytab entry"); - exit(1); - } - } - - (void)kadm5_free_kadm5_key_data(context, n_extracted, extracted); - } - - ret = krb5_kt_close(context, kt); - if (ret) { - com_err(whoami, ret, "while closing keytab"); - exit(1); - } - - ret = kadm5_destroy(handle); - if (ret) { - com_err(whoami, ret, "while closing kadmin connection"); - exit(1); - } - - krb5_free_principal(context, princ); - krb5_free_principal(context, server); - krb5_free_context(context); - return 0; -} diff --git a/src/lib/kadm5/unit-test/site.exp b/src/lib/kadm5/unit-test/site.exp deleted file mode 100644 index 7fe397463..000000000 --- a/src/lib/kadm5/unit-test/site.exp +++ /dev/null @@ -1,2 +0,0 @@ -set tool kadm5_srv_tcl -set prompt "% " -- 2.31.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2