diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-10-10 20:15:48 +0000 | 
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-10-10 20:15:48 +0000 | 
| commit | 3b240cd8b2ec081a1806a65c4ea1eb1271d1ddfb (patch) | |
| tree | 30aa33f7ba8e946c56f083e7c0b20fcd43ddcdf4 /perl | |
| parent | 8b4f558134a618660c424d2dabd90033b7b8e4b9 (diff) | |
Add tests for the history trace, which tests history records for
attributes.
Diffstat (limited to 'perl')
| -rwxr-xr-x | perl/t/keytab.t | 133 | 
1 files changed, 121 insertions, 12 deletions
| diff --git a/perl/t/keytab.t b/perl/t/keytab.t index c5e63d0..e69a7df 100755 --- a/perl/t/keytab.t +++ b/perl/t/keytab.t @@ -9,7 +9,7 @@  # See LICENSE for licensing terms.  use POSIX qw(strftime); -use Test::More tests => 196; +use Test::More tests => 204;  use Wallet::Config;  use Wallet::Object::Keytab; @@ -398,12 +398,12 @@ EOO  # Tests for unchanging support.  Skip these if we don't have a keytab or if we  # can't find remctld.  SKIP: { -    skip 'no keytab configuration', 16 unless -f 't/data/test.keytab'; +    skip 'no keytab configuration', 17 unless -f 't/data/test.keytab';      my @path = (split (':', $ENV{PATH}), '/usr/local/sbin', '/usr/sbin');      my ($remctld) = grep { -x $_ } map { "$_/remctld" } @path; -    skip 'remctld not found', 16 unless $remctld; +    skip 'remctld not found', 17 unless $remctld;      eval { require Net::Remctl }; -    skip 'Net::Remctl not available', 16 if $@; +    skip 'Net::Remctl not available', 17 if $@;      # Set up our configuration.      $Wallet::Config::KEYTAB_FILE      = 't/data/test.keytab'; @@ -459,11 +459,24 @@ SKIP: {      is ($one->destroy (@trace), 1, 'Destroying wallet/one works');      is ($two->destroy (@trace), 1, ' as does destroying wallet/two');      stop_remctld; + +    # Check that history has been updated correctly. +    $history .= <<"EOO"; +$date  create +    by admin\@EXAMPLE.COM from localhost +$date  set flag unchanging +    by admin\@EXAMPLE.COM from localhost +$date  get +    by admin\@EXAMPLE.COM from localhost +$date  destroy +    by admin\@EXAMPLE.COM from localhost +EOO +    is ($one->history, $history, 'History is correct to this point');  }  # Tests for kaserver synchronization support.  SKIP: { -    skip 'no keytab configuration', 98 unless -f 't/data/test.keytab'; +    skip 'no keytab configuration', 100 unless -f 't/data/test.keytab';      # Test the principal mapping.  We can do this without having a kaserver      # configuration.  We only need a basic keytab object configuration.  Do @@ -547,9 +560,16 @@ EOO       Created on: $trace[2]  EOO      is ($one->show, $expected, ' and show now displays the attribute'); +    $history .= <<"EOO"; +$date  create +    by admin\@EXAMPLE.COM from localhost +$date  add kaserver to attribute sync +    by admin\@EXAMPLE.COM from localhost +EOO +    is ($one->history, $history, ' and history is correct for attributes');      # Set up our configuration. -    skip 'no AFS kaserver configuration', 31 unless -f 't/data/test.srvtab'; +    skip 'no AFS kaserver configuration', 32 unless -f 't/data/test.srvtab';      $Wallet::Config::KEYTAB_FILE         = 't/data/test.keytab';      $Wallet::Config::KEYTAB_PRINCIPAL    = contents ('t/data/test.principal');      $Wallet::Config::KEYTAB_REALM        = contents ('t/data/test.realm'); @@ -636,11 +656,38 @@ EOO      # Now destroy it for good.      is ($one->destroy (@trace), 1, 'Destroying wallet/one works'); + +    # Check that history is still correct. +    $history .= <<"EOO"; +$date  get +    by admin\@EXAMPLE.COM from localhost +$date  remove kaserver from attribute sync +    by admin\@EXAMPLE.COM from localhost +$date  get +    by admin\@EXAMPLE.COM from localhost +$date  destroy +    by admin\@EXAMPLE.COM from localhost +$date  create +    by admin\@EXAMPLE.COM from localhost +$date  get +    by admin\@EXAMPLE.COM from localhost +$date  add kaserver to attribute sync +    by admin\@EXAMPLE.COM from localhost +$date  get +    by admin\@EXAMPLE.COM from localhost +$date  destroy +    by admin\@EXAMPLE.COM from localhost +$date  create +    by admin\@EXAMPLE.COM from localhost +$date  destroy +    by admin\@EXAMPLE.COM from localhost +EOO +    is ($one->history, $history, 'History is correct to this point');  }  # Tests for enctype restriction.  SKIP: { -    skip 'no keytab configuration', 31 unless -f 't/data/test.keytab'; +    skip 'no keytab configuration', 38 unless -f 't/data/test.keytab';      # Set up our configuration.      $Wallet::Config::KEYTAB_FILE      = 't/data/test.keytab'; @@ -659,20 +706,31 @@ SKIP: {      my $keytab = $one->get (@trace);      ok (defined ($keytab), ' and retrieving the keytab works');      my @enctypes = grep { $_ ne 'UNKNOWN' } enctypes ($keytab); +    $history .= <<"EOO"; +$date  create +    by admin\@EXAMPLE.COM from localhost +$date  get +    by admin\@EXAMPLE.COM from localhost +EOO +    is ($one->history, $history, ' and history is still correct');      # No enctypes we recognize? -    skip 'no recognized enctypes', 29 unless @enctypes; +    skip 'no recognized enctypes', 33 unless @enctypes;      # We can test.  Add the enctypes we recognized to the enctypes table so      # that we'll be allowed to use them. -    for (@enctypes) { +    for my $enctype (@enctypes) {          my $sql = 'insert into enctypes (en_name) values (?)'; -        $dbh->do ($sql, undef, $_); +        $dbh->do ($sql, undef, $enctype);      }      # Set those encryption types and make sure we get back a limited keytab.      is ($one->attr ('enctypes', [ @enctypes ], @trace), 1,          'Setting enctypes works'); +    for my $enctype (@enctypes) { +        $history .= "$date  add $enctype to attribute enctypes\n"; +        $history .= "    by admin\@EXAMPLE.COM from localhost\n"; +    }      my @values = $one->attr ('enctypes');      is ("@values", "@enctypes", ' and we get back the right enctype list');      my $eshow = join ("\n" . (' ' x 17), @enctypes); @@ -699,12 +757,22 @@ EOO          ' with the right error message');      @values = enctypes ($keytab);      is ("@values", "@enctypes", ' and we did rollback properly'); +    $history .= <<"EOO"; +$date  get +    by admin\@EXAMPLE.COM from localhost +EOO +    is ($one->history, $history, 'History is correct to this point');      # Now, try testing limiting the enctypes to just one.    SKIP: { -        skip 'insufficient recognized enctypes', 12 unless @enctypes > 1; +        skip 'insufficient recognized enctypes', 14 unless @enctypes > 1;          is ($one->attr ('enctypes', [ $enctypes[0] ], @trace), 1,              'Setting a single enctype works'); +        for my $enctype (@enctypes) { +            next if $enctype eq $enctypes[0]; +            $history .= "$date  remove $enctype from attribute enctypes\n"; +            $history .= "    by admin\@EXAMPLE.COM from localhost\n"; +        }          @values = $one->attr ('enctypes');          is ("@values", $enctypes[0], ' and we get back the right value');          $keytab = $one->get (@trace); @@ -727,10 +795,40 @@ EOO          ok (defined ($keytab), ' and retrieving the keytab still works');          @values = enctypes ($keytab);          is ("@values", "@enctypes[0..1]", ' and it has the right enctypes'); + +        # Check the history trace.  Put back all the enctypes for consistent +        # status whether or not we skipped this section. +        $history .= <<"EOO"; +$date  get +    by admin\@EXAMPLE.COM from localhost +$date  remove $enctypes[0] from attribute enctypes +    by admin\@EXAMPLE.COM from localhost +$date  add $enctypes[1] to attribute enctypes +    by admin\@EXAMPLE.COM from localhost +$date  get +    by admin\@EXAMPLE.COM from localhost +$date  add $enctypes[0] to attribute enctypes +    by admin\@EXAMPLE.COM from localhost +$date  get +    by admin\@EXAMPLE.COM from localhost +EOO +        is ($one->attr ('enctypes', [ @enctypes ], @trace), 1, +            'Restoring all enctypes works'); +        for my $enctype (@enctypes) { +            next if $enctype eq $enctypes[0]; +            next if $enctype eq $enctypes[1]; +            $history .= "$date  add $enctype to attribute enctypes\n"; +            $history .= "    by admin\@EXAMPLE.COM from localhost\n"; +        } +        is ($one->history, $history, 'History is correct to this point');      }      # Test clearing enctypes.      is ($one->attr ('enctypes', [], @trace), 1, 'Clearing enctypes works'); +    for my $enctype (@enctypes) { +        $history .= "$date  remove $enctype from attribute enctypes\n"; +        $history .= "    by admin\@EXAMPLE.COM from localhost\n"; +    }      @values = $one->attr ('enctypes');      ok (@values == 0, ' and now there are no enctypes');      is ($one->error, undef, ' and no error'); @@ -747,8 +845,19 @@ EOO      ok (@values == 0, ' and now there are no enctypes');      is ($one->error, undef, ' and no error'); -    # All done.  Clean up. +    # All done.  Clean up and check history.      is ($one->destroy (@trace), 1, 'Destroying wallet/one works'); +    $history .= <<"EOO"; +$date  add $enctypes[0] to attribute enctypes +    by admin\@EXAMPLE.COM from localhost +$date  destroy +    by admin\@EXAMPLE.COM from localhost +$date  create +    by admin\@EXAMPLE.COM from localhost +$date  destroy +    by admin\@EXAMPLE.COM from localhost +EOO +    is ($one->history, $history, 'History is correct to this point');  }  # Clean up. | 
