diff options
| -rw-r--r-- | client/srvtab.c | 5 | ||||
| -rw-r--r-- | configure.ac | 8 | ||||
| -rw-r--r-- | tests/client/basic-t.in | 43 |
3 files changed, 35 insertions, 21 deletions
diff --git a/client/srvtab.c b/client/srvtab.c index 2b600c2..c0c5c40 100644 --- a/client/srvtab.c +++ b/client/srvtab.c @@ -2,6 +2,7 @@ * Implementation of srvtab handling for the wallet client. * * Written by Russ Allbery <eagle@eyrie.org> + * Copyright 2020 Russ Allbery <eagle@eyrie.org> * Copyright 2007, 2008, 2010 * The Board of Trustees of the Leland Stanford Junior University * @@ -65,10 +66,14 @@ write_srvtab(krb5_context ctx, const char *srvtab, const char *principal, krb5_kt_close(ctx, kt); /* Convert the principal to a Kerberos v4 principal. */ +#ifdef HAVE_KRB5_524_CONV_PRINCIPAL ret = krb5_524_conv_principal(ctx, princ, aname, inst, realm); if (ret != 0) die_krb5(ctx, ret, "error converting principal %s to Kerberos v4", principal); +#else + die("Not built with Kerberos v4 support"); +#endif /* Assemble the srvtab data. */ length = 0; diff --git a/configure.ac b/configure.ac index ef78a05..80eeee1 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ dnl Autoconf configuration for wallet. dnl dnl Written by Russ Allbery <eagle@eyrie.org> -dnl Copyright 2014, 2016, 2018 Russ Allbery <eagle@eyrie.org> +dnl Copyright 2014, 2016, 2018, 2020 Russ Allbery <eagle@eyrie.org> dnl Copyright 2006-2008, 2010, 2013-2014 dnl The Board of Trustees of the Leland Stanford Junior University dnl @@ -58,10 +58,12 @@ RRA_LIB_REMCTL RRA_LIB_KRB5 RRA_LIB_KRB5_SWITCH AC_CHECK_TYPES([krb5_realm], [], [], [RRA_INCLUDES_KRB5]) -AC_CHECK_FUNCS([krb5_free_default_realm \ +AC_CHECK_FUNCS([krb5_524_conv_principal \ + krb5_free_default_realm \ krb5_get_init_creds_opt_alloc \ krb5_get_init_creds_opt_set_default_flags \ - krb5_principal_get_realm]) + krb5_principal_get_realm \ + krb5_xfree]) AC_CHECK_FUNCS([krb5_get_init_creds_opt_free], [RRA_FUNC_KRB5_GET_INIT_CREDS_OPT_FREE_ARGS]) AC_CHECK_DECLS([krb5_kt_free_entry], [], [], [RRA_INCLUDES_KRB5]) diff --git a/tests/client/basic-t.in b/tests/client/basic-t.in index 7634d73..8d9511a 100644 --- a/tests/client/basic-t.in +++ b/tests/client/basic-t.in @@ -3,7 +3,7 @@ # Test suite for the wallet command-line client. # # Written by Russ Allbery <eagle@eyrie.org> -# Copyright 2018 Russ Allbery <eagle@eyrie.org> +# Copyright 2018, 2020 Russ Allbery <eagle@eyrie.org> # Copyright 2006-2008, 2010 # The Board of Trustees of the Leland Stanford Junior University # @@ -101,16 +101,30 @@ ok '...and keytab is correct' cmp keytab data/fake-keytab rm -f keytab # Test srvtab support. -ok_program 'get srvtab' 0 '' \ - "$wallet" -f keytab -S srvtab get keytab service/fake-srvtab -ok '...and keytab is correct' cmp keytab data/fake-keytab -rm -f keytab -ok_program 'get srvtab again' 0 '' \ - "$wallet" -f keytab -S srvtab get keytab service/fake-srvtab -ok '...and keytab is correct' cmp keytab data/fake-keytab -ok '...and srvtab is correct' cmp srvtab data/fake-srvtab -ok '...and srvtab backup is correct' cmp srvtab.bak data/fake-srvtab -rm -f srvtab srvtab.bak +output=`"$wallet" -f keytab -S srvtab get keytab service/fake-srvtab 2>&1` +if [ x"$output" = x"wallet: Not built with Kerberos v4 support" ]; then + rm -f keytab srvtab + skip_block 8 'Not built with Kerberos v4 support' +else + rm -f keytab srvtab + ok_program 'get srvtab' 0 '' \ + "$wallet" -f keytab -S srvtab get keytab service/fake-srvtab + ok '...and keytab is correct' cmp keytab data/fake-keytab + rm -f keytab + ok_program 'get srvtab again' 0 '' \ + "$wallet" -f keytab -S srvtab get keytab service/fake-srvtab + ok '...and keytab is correct' cmp keytab data/fake-keytab + ok '...and srvtab is correct' cmp srvtab data/fake-srvtab + ok '...and srvtab backup is correct' cmp srvtab.bak data/fake-srvtab + rm -f srvtab srvtab.bak + + # Test srvtab download into a merged keytab with an older version. + cp data/fake-keytab-old keytab + ok_program 'keytab merging with srvtab creation' 0 '' \ + "$wallet" -f keytab -S srvtab get keytab service/fake-srvtab + ok '...and the srvtab is correct' cmp srvtab data/fake-srvtab + rm -f keytab srvtab +fi # Test keytab merging. ok_program 'keytab merging' 0 '' \ @@ -120,13 +134,6 @@ ktutil_list data/fake-keytab-merge klist-good ok '...and the merged keytab is correct' cmp klist-seen klist-good rm -f keytab klist-good klist-seen -# Test srvtab download into a merged keytab with an older version. -cp data/fake-keytab-old keytab -ok_program 'keytab merging with srvtab creation' 0 '' \ - "$wallet" -f keytab -S srvtab get keytab service/fake-srvtab -ok '...and the srvtab is correct' cmp srvtab data/fake-srvtab -rm -f keytab srvtab - # Test store from standard input. echo "This is a test of store" > input ok_program 'store from stdin' 0 '' "$wallet" store file fake-test < input |