diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-09-19 20:40:06 +0000 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-09-19 20:40:06 +0000 |
| commit | e86a7a0569e84ebcb769855ece2417c2ccce9b45 (patch) | |
| tree | 24352e7619ade9dde0e9c41fdb13a1e83bb440ad /perl/t | |
| parent | 4dccc846413fc1703d23f2bb80b2598d301ef998 (diff) | |
Allow creation of a keytab object for a principal that already exists.
Catch more errors when checking the existence of a principal. Add a
test for creating a principal for which we don't have permissions.
Diffstat (limited to 'perl/t')
| -rw-r--r-- | perl/t/data/README | 3 | ||||
| -rwxr-xr-x | perl/t/keytab.t | 15 |
2 files changed, 12 insertions, 6 deletions
diff --git a/perl/t/data/README b/perl/t/data/README index bd15903..33ec32f 100644 --- a/perl/t/data/README +++ b/perl/t/data/README @@ -14,7 +14,8 @@ including the admin_server for the realm. The test process will create the principals wallet/one and wallet/two and on success will clean up after itself. If the test fails, they may be -left behind in the KDC. +left behind in the KDC. It will also attempt to create wallet-test/one +and expects that attempt to be rejected by the KDC. For MIT Kerberos, to grant appropriate permissions, add the line: diff --git a/perl/t/keytab.t b/perl/t/keytab.t index 9337c80..238c6a7 100755 --- a/perl/t/keytab.t +++ b/perl/t/keytab.t @@ -3,7 +3,7 @@ # # t/keytab.t -- Tests for the keytab object implementation. -use Test::More tests => 46; +use Test::More tests => 50; use Wallet::Config; use Wallet::Object::Keytab; @@ -153,10 +153,15 @@ SKIP: { $object = eval { Wallet::Object::Keytab->create ('keytab', 'wallet/two', $dbh, @trace) }; - is ($object, undef, 'Creating an existing principal fails'); - like ($@, qr{^error adding principal wallet/two\@\Q$realm\E: }, - ' with the right error message'); - destroy ('wallet/two'); + ok (defined ($object), 'Creating an existing principal succeeds'); + ok ($object->isa ('Wallet::Object::Keytab'), ' and is the right class'); + is ($object->destroy (@trace), 1, ' and destroying it succeeds'); + ok (! created ('wallet/two'), ' and now it does not exist'); + my @name = qw(keytab wallet-test/one); + $object = eval { Wallet::Object::Keytab->create (@name, $dbh, @trace) }; + is ($object, undef, 'Creation without permissions fails'); + like ($@, qr{^error adding principal wallet-test/one\@\Q$realm: }, + ' with the right error'); # Now, try retrieving the keytab. $object = Wallet::Object::Keytab->new ('keytab', 'wallet/one', $dbh); |