Refactor Wallet::Kadmin keytab_rekey to return keytab

Change the API for keytab_rekey to match keytab, returning the keytab
as data instead of writing it to a file.  This simplifies the wallet
object implementation and moves the logic for reading the temporary
file into Wallet::Kadmin and its child classes.  (Eventually, there may
be a kadmin backend that doesn't require using a temporary file.)

Setting KEYTAB_TMP is now required to instantiate either the ::MIT or
::Heimdal Wallet::Kadmin classes.

1 files changed, 7 insertions, 8 deletions

diff --git a/perl/t/kadmin.t b/perl/t/kadmin.t
index a29cae3..b9ac769 100755
--- a/perl/t/kadmin.t
+++ b/perl/t/kadmin.t
@@ -8,7 +8,9 @@
 # See LICENSE for licensing terms.
 
 use POSIX qw(strftime);
-use Test::More tests => 33;
+use Test::More tests => 32;
+
+BEGIN { $Wallet::Config::KEYTAB_TMP = '.' }
 
 use Wallet::Admin;
 use Wallet::Config;
@@ -90,13 +92,10 @@ SKIP: {
     # check the details of the return in the keytab check.
     is ($kadmin->create ('wallet/one'), 1, 'Creating wallet/one works');
     is ($kadmin->exists ('wallet/one'), 1, ' and it now exists');
-    unlink ('./tmp.keytab');
-    is ($kadmin->keytab_rekey ('wallet/one', './tmp.keytab'), 1,
-        ' and retrieving a keytab works');
-    ok (-s './tmp.keytab', ' and the resulting keytab is non-zero');
-    is (getcreds ('./tmp.keytab', "wallet/one\@$Wallet::Config::KEYTAB_REALM"),
-        1, ' and works for authentication');
-    unlink ('./tmp.keytab');
+    my $data = $kadmin->keytab_rekey ('wallet/one');
+    ok (defined ($data), ' and retrieving a keytab works');
+    is (keytab_valid ($data, 'wallet/one'), 1,
+        ' and works for authentication');
 
     # Delete the principal and confirm behavior.
     is ($kadmin->destroy ('wallet/one'), 1, 'Deleting principal works');