diff options
| author | Russ Allbery <rra@stanford.edu> | 2010-07-29 16:20:46 -0700 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2010-07-29 16:20:46 -0700 |
| commit | 0c72d75380464dca85749b10244969241863ecf6 (patch) | |
| tree | 9a6da58996d91d3bf0a665c03e79246f045f0c8b | |
| parent | 5017e47ac6feffbbb5cf0d8f2541a7bb044e6255 (diff) | |
Update client test to work correctly with Heimdal userspace
The check for whether we got the right keytab data was not being done
on Heimdal since it only knew how to run klist. Add a new ktutil_list
function to kerberos.sh that runs klist or ktutil list as appropriate.
| -rw-r--r-- | tests/client/basic-t.in | 6 | ||||
| -rw-r--r-- | tests/tap/kerberos.sh | 19 |
2 files changed, 20 insertions, 5 deletions
diff --git a/tests/client/basic-t.in b/tests/client/basic-t.in index 86e24d5..11f0bce 100644 --- a/tests/client/basic-t.in +++ b/tests/client/basic-t.in @@ -114,10 +114,10 @@ rm -f srvtab srvtab.bak # Test keytab merging. ok_program 'keytab merging' 0 '' \ "$wallet" -f keytab get keytab service/fake-keytab -(klist -keK keytab 2>&1) | sed '/Keytab name:/d' > klist-seen -(klist -keK data/fake-keytab-merge 2>&1) | sed '/Keytab name:/d' > klist-good +ktutil_list keytab klist-seen +ktutil_list data/fake-keytab-merge klist-good ok '...and the merged keytab is correct' cmp klist-seen klist-good -rm -f keytab klist-seen klist-good +rm -f keytab klist-good klist-seen # Test srvtab download into a merged keytab with an older version. cp data/fake-keytab-old keytab diff --git a/tests/tap/kerberos.sh b/tests/tap/kerberos.sh index da07e66..fbeaaba 100644 --- a/tests/tap/kerberos.sh +++ b/tests/tap/kerberos.sh @@ -1,7 +1,7 @@ -# Shell function library to initialize Kerberos credentials +# Shell function library for Kerberos test support. # # Written by Russ Allbery <rra@stanford.edu> -# Copyright 2009 Board of Trustees, Leland Stanford Jr. University +# Copyright 2009, 2010 Board of Trustees, Leland Stanford Jr. University # # See LICENSE for licensing terms. @@ -46,3 +46,18 @@ kerberos_setup () { kerberos_cleanup () { rm -f "$BUILD/data/test.cache" } + +# List the contents of a keytab with enctypes and keys. This adjusts for the +# difference between MIT Kerberos (which uses klist) and Heimdal (which uses +# ktutil). Be careful to try klist first, since the ktutil on MIT Kerberos +# may just hang. Takes the keytab to list and the file into which to save the +# output, and strips off the header containing the file name. +ktutil_list () { + if klist -keK "$1" > ktutil-tmp 2>/dev/null ; then + : + else + ktutil -k "$1" list --keys > ktutil-tmp < /dev/null 2>/dev/null + fi + sed -e '/Keytab name:/d' -e "/^[^ ]*:/d" ktutil-tmp > "$2" + rm -f ktutil-tmp +} |