diff options
Diffstat (limited to 'perl/t')
| -rwxr-xr-x | perl/t/verifier-netdb.t | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/perl/t/verifier-netdb.t b/perl/t/verifier-netdb.t new file mode 100755 index 0000000..12d018f --- /dev/null +++ b/perl/t/verifier-netdb.t @@ -0,0 +1,44 @@ +#!/usr/bin/perl -w +# $Id$ +# +# t/verifier-netdb.t -- Tests for the NetDB wallet ACL verifiers. +# +# Written by Russ Allbery <rra@stanford.edu> +# Copyright 2007, 2008 Board of Trustees, Leland Stanford Jr. University +# +# See LICENSE for licensing terms. +# +# This test can only be run by someone local to Stanford with appropriate +# access to the NetDB role server and will be skipped in all other +# environments. + +use Test::More tests => 4; + +use Wallet::ACL::NetDB; + +use lib 't/lib'; +use Util; + +my $netdb = 'netdb-node-roles-rc.stanford.edu'; +my $host = 'windlord.stanford.edu'; +my $user = 'rra@stanford.edu'; + +# Determine the local principal. +my $klist = `klist 2>&1`; +SKIP: { + skip "tests useful only with Stanford Kerberos tickets", 4 + unless $klist =~ /^Default principal: \S+\@stanford\.edu$/m; + + # Set up our configuration. + $Wallet::Config::NETDB_REALM = 'stanford.edu'; + $Wallet::Config::NETDB_REMCTL_CACHE = $ENV{KRB5CCNAME}; + $Wallet::Config::NETDB_REMCTL_HOST = $netdb; + + # Finally, we can test. + $verifier = eval { Wallet::ACL::NetDB->new }; + ok (defined $verifier, ' and now creation succeeds'); + ok ($verifier->isa ('Wallet::ACL::NetDB'), ' and returns the right class'); + is ($verifier->check ($user, $host), 1, "Checking $host succeeds"); + is ($verifier->check ('test-user@stanford.edu', $host), 0, + ' but fails with another user'); +} |