krb5-wallet.git/tests, branch release/1.1

Fix wallet-backend parsing of expires

2014-07-16T04:11:07+00:00

Fix wallet-backend parsing of the expires command to expect only one argument as the expiration. This was correctly documented in the wallet client man page, but not in wallet-backend, and it accepted two arguments (a date and time). However, Wallet::Server did not and would just ignore the time. Now wallet-backend correctly requires the date and time be passed as a single argument. Change-Id: I8e51a576ea8781502f4eb983462ceca867b002be Reviewed-on: https://gerrit.stanford.edu/1556 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Test for Perl strict and minimum version

2014-07-12T05:39:23+00:00

Fix strictness issues across the whole code base, and ensure that all Perl scripts enable warnings. (Hopefully enabling warnings won't cause problems for the server.) Change-Id: I4dee49f7a6bcbeeee21d74bf61a1fd26514f832c Reviewed-on: https://gerrit.stanford.edu/1532 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Switch to Module::Build for the Perl module

2014-07-12T05:39:05+00:00

The wallet server now requires Perl 5.8 or later (instead of 5.006 in previous versions) and is now built with Module::Build instead of ExtUtils::MakeMaker. This should be transparent to anyone not working with the source code, since Perl 5.8 was released in 2002, but Module::Build is now required to build the wallet server. It is included in some versions of Perl, or can be installed separately from CPAN, distribution packages, or other sources. Also reorganize the test suite to use subdirectories. Change-Id: Id06120ba2bad1ebbfee3d8a48ca2f25869463165 Reviewed-on: https://gerrit.stanford.edu/1530 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Update to rra-c-util 5.5 and C TAP Harness 3.1

2014-07-12T05:38:49+00:00

Update to rra-c-util 5.5: * Use Lancaster Consensus environment variables to control tests. * Use calloc or reallocarray for protection against integer overflows. * Suppress warnings from Kerberos headers in non-system paths. * Assume calloc initializes pointers to NULL. * Assume free(NULL) is properly ignored. * Improve error handling in xasprintf and xvasprintf. * Check the return status of snprintf and vsnprintf properly. * Preserve errno if snprintf fails in vasprintf replacement. Update to C TAP Harness 3.1: * Reopen standard input to /dev/null when running a test list. * Don't leak extraneous file descriptors to tests. * Suppress lazy plans and test summaries if the test failed with bail. * runtests now treats the command line as a list of tests by default. * The full test executable path can now be passed to runtests -o. * Improved harness output for tests with lazy plans. * Improved harness output to a terminal for some abort cases. * Flush harness output after each test even when not on a terminal. Change-Id: I05161eb3d3be49a98f7762e876cb114da0c84e9a Reviewed-on: https://gerrit.stanford.edu/1529 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Fix test cleanup code to run during global destruction

2014-07-12T02:03:34+00:00

If we don't run the code to delete the wallet database very late, destruction of the SQLite objects may recreate the database file. Move the unlink to an END block to avoid this problem. Change-Id: Ib5ec2cbd08ba24c99f3dfa1daa01488931c5958f Reviewed-on: https://gerrit.stanford.edu/1525 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Add new object type for Duo integrations

2014-07-12T02:02:12+00:00

A new object type, duo (Wallet::Object::Duo), is now supported. This creates an integration with the Duo Security cloud multifactor authentication service and allows retrieval of the integration key, secret key, and admin hostname. Currently, only UNIX integration types are supported. The Net::Duo Perl module is required to use this object type. New configuration settings are required as well; see Wallet::Config for more information. To enable this object type for an existing wallet database, use wallet-admin to register the new object. Change-Id: I2c0dac75e81f526b34d6b509c4bdaecb43dd4a9d Reviewed-on: https://gerrit.stanford.edu/1516 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Change my email address to eagle@eyrie.org

2014-04-13T23:37:25+00:00

Change-Id: I4c2b5d7c807d6c27dd18a3b92eef66d21287d21e Reviewed-on: https://gerrit.stanford.edu/1481 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Update Test::RRA modules from the current rra-c-util

2014-01-07T05:14:02+00:00

Further documentation of the changes will come later when the rest of rra-c-util files have been updated and the package makes more use of these modules, but this fixes a spelling error test failure. Change-Id: Ia885c4ab103235a1f6a2bf2b86d5a32c93751d89 Reviewed-on: https://gerrit.stanford.edu/1371 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Fix wallet-rekey on keytabs containing multiple principals

2014-01-07T05:13:33+00:00

Fix wallet-rekey on keytabs containing multiple principals. Previous versions assumed one could concatenate keytab files together to make a valid keytab file, which doesn't work with some Kerberos libraries. This caused new keys downloaded for principals after the first to be discarded. As a side effect of this fix, wallet-rekey always appends new keys directly to the existing keytab file, and never creates a backup copy of that file. Change-Id: I5f863239ce4ebba66b35ff09454f2897367bd359 Reviewed-on: https://gerrit.stanford.edu/1369 Reviewed-by: Russ Allbery Tested-by: Russ Allbery

Accept any characters in the argument to the comment command

2013-03-28T02:02:00+00:00

It's nice to have spaces and other special characters in comments, so allow any character rather than applying the normal argument filtering. Change-Id: Iec8584f1f6893906db7245fbe571d62ebc60f72a Reviewed-on: https://gerrit.stanford.edu/989 Reviewed-by: Russ Allbery Tested-by: Russ Allbery