diff options
| -rw-r--r-- | NEWS | 6 | ||||
| -rw-r--r-- | perl/Wallet/Object/Keytab.pm | 2 | ||||
| -rwxr-xr-x | perl/t/keytab.t | 14 |
3 files changed, 20 insertions, 2 deletions
@@ -1,5 +1,11 @@ User-Visible wallet Changes +wallet 0.5 (unreleased) + + Fix the keytab principal validation regex to allow instances + containing periods. Otherwise, it's hard to manage host keytabs. Add + a missing test suite for that method. + wallet 0.4 (2007-12-05) Maintain a global cache of ACL verifiers in Wallet::ACL and reuse them diff --git a/perl/Wallet/Object/Keytab.pm b/perl/Wallet/Object/Keytab.pm index ed998aa..fcd427a 100644 --- a/perl/Wallet/Object/Keytab.pm +++ b/perl/Wallet/Object/Keytab.pm @@ -36,7 +36,7 @@ $VERSION = '0.03'; # realm information here. sub valid_principal { my ($self, $principal) = @_; - return scalar ($principal =~ m,^[\w-]+(/[\w_-]+)?\z,); + return scalar ($principal =~ m,^[\w-]+(/[\w_.-]+)?\z,); } # Run a kadmin command and capture the output. Returns the output, either as diff --git a/perl/t/keytab.t b/perl/t/keytab.t index 2d19845..0dd6bc3 100755 --- a/perl/t/keytab.t +++ b/perl/t/keytab.t @@ -9,7 +9,7 @@ # See LICENSE for licensing terms. use POSIX qw(strftime); -use Test::More tests => 204; +use Test::More tests => 217; use Wallet::Config; use Wallet::Object::Keytab; @@ -199,6 +199,18 @@ my $dbh = $server->dbh; my $history = ''; my $date = strftime ('%Y-%m-%d %H:%M:%S', localtime $trace[2]); +# Do some white-box testing of the principal validation regex. +for my $bad (qw{service\* = host/foo+bar host/foo/bar /bar bar/ + rcmd.foo}) { + ok (! Wallet::Object::Keytab->valid_principal ($bad), + "Invalid principal name $bad"); +} +for my $good (qw{service service/foo bar foo/bar host/example.org + aservice/foo}) { + ok (Wallet::Object::Keytab->valid_principal ($good), + "Valid principal name $good"); +} + # Basic keytab creation and manipulation tests. SKIP: { skip 'no keytab configuration', 49 unless -f 't/data/test.keytab'; |