diff options
Diffstat (limited to 'perl')
| -rw-r--r-- | perl/Wallet/Kadmin.pm | 26 | ||||
| -rw-r--r-- | perl/Wallet/Kadmin/Heimdal.pm | 21 | ||||
| -rw-r--r-- | perl/Wallet/Object/Keytab.pm | 9 | ||||
| -rwxr-xr-x | perl/t/keytab.t | 28 |
4 files changed, 16 insertions, 68 deletions
diff --git a/perl/Wallet/Kadmin.pm b/perl/Wallet/Kadmin.pm index 0a9bd43..95859a9 100644 --- a/perl/Wallet/Kadmin.pm +++ b/perl/Wallet/Kadmin.pm @@ -20,27 +20,12 @@ use Wallet::Config (); # This version should be increased on any code change to this module. Always # use two digits for the minor version with a leading zero if necessary so # that it will sort properly. -$VERSION = '0.02'; +$VERSION = '0.03'; ############################################################################## # Public methods ############################################################################## -# Validate a principal with a submodule's validator. We can also do this via -# creating an object with new and then running valid_principal from that, -# but there are times we might wish to run it without going through the -# object creation. -sub valid_principal { - my ($class, $principal) = @_; - if ($Wallet::Config::KEYTAB_KRBTYPE eq 'MIT') { - require Wallet::Kadmin::MIT; - return Wallet::Kadmin::MIT->valid_principal ($principal); - } elsif ($Wallet::Config::KEYTAB_KRBTYPE eq 'Heimdal') { - require Wallet::Kadmin::Heimdal; - return Wallet::Kadmin::Heimdal->valid_principal ($principal); - } -} - # Create a new kadmin object, by finding the type requested in the wallet # config and passing off to the proper module. Returns the object directly # from the specific Wallet::Kadmin::* module. @@ -111,15 +96,6 @@ Finds the proper Kerberos implementation and calls the new() constructor for that implementation's module, returning the result. If the implementation is not recognized or set, die with an error message. -=item valid_principal(PRINCIPAL) - -Finds the proper Kerberos implementation and calls its own valid_principal -method, returning the result. This tells whether a principal is valid for -that implementation. This can be achieved by using new() and then directly -calling valid_principal on the returned object -- this method is a shortcut -in case we want to check validity without creating the object and worrying -about proper setup. - =back =head1 SEE ALSO diff --git a/perl/Wallet/Kadmin/Heimdal.pm b/perl/Wallet/Kadmin/Heimdal.pm index a8859bf..a05362e 100644 --- a/perl/Wallet/Kadmin/Heimdal.pm +++ b/perl/Wallet/Kadmin/Heimdal.pm @@ -21,21 +21,12 @@ use Wallet::Config (); # This version should be increased on any code change to this module. Always # use two digits for the minor version with a leading zero if necessary so # that it will sort properly. -$VERSION = '0.01'; +$VERSION = '0.02'; ############################################################################## # kadmin Interaction ############################################################################## -# Make sure that principals are well-formed and don't contain characters that -# will cause us problems when talking to kadmin. Takes a principal and -# returns true if it's okay, false otherwise. Note that we do not permit -# realm information here. -sub valid_principal { - my ($self, $principal) = @_; - return scalar ($principal =~ m,^[\w-]+(/[\w_.-]+)?\z,); -} - # Create a Heimdal::Kadm5 client object and return it. It should load # configuration from Wallet::Config. sub kadmin_client { @@ -62,7 +53,6 @@ sub kadmin_client { # so, false otherwise. Throws an exception if an error. sub exists { my ($self, $principal) = @_; - return unless $self->valid_principal ($principal); if ($Wallet::Config::KEYTAB_REALM) { $principal .= '@' . $Wallet::Config::KEYTAB_REALM; } @@ -76,9 +66,6 @@ sub exists { # undef. sub addprinc { my ($self, $principal) = @_; - unless ($self->valid_principal ($principal)) { - die "invalid principal name $principal\n"; - } my $exists = eval { $self->exists ($principal) }; if ($Wallet::Config::KEYTAB_REALM) { @@ -117,9 +104,6 @@ sub addprinc { # error. sub ktadd { my ($self, $principal, $file, @enctypes) = @_; - unless ($self->valid_principal ($principal)) { - die "invalid principal name: $principal\n"; - } if ($Wallet::Config::KEYTAB_REALM) { $principal .= '@' . $Wallet::Config::KEYTAB_REALM; } @@ -164,9 +148,6 @@ sub ktadd { # exist, return success; we're bringing reality in line with our expectations. sub delprinc { my ($self, $principal) = @_; - unless ($self->valid_principal ($principal)) { - die "invalid principal name: $principal\n"; - } my $exists = eval { $self->exists ($principal) }; die $@ if $@; if (not $exists) { diff --git a/perl/Wallet/Object/Keytab.pm b/perl/Wallet/Object/Keytab.pm index a361599..092e973 100644 --- a/perl/Wallet/Object/Keytab.pm +++ b/perl/Wallet/Object/Keytab.pm @@ -24,7 +24,7 @@ use Wallet::Kadmin; # This version should be increased on any code change to this module. Always # use two digits for the minor version with a leading zero if necessary so # that it will sort properly. -$VERSION = '0.06'; +$VERSION = '0.07'; ############################################################################## # AFS kaserver synchronization @@ -490,13 +490,6 @@ sub create { return $self; } -# Provides wrapper to individual Kadmin class's valid_principal. Here only -# to help expose for testing. -sub valid_principal { - my ($self, $principal) = @_; - return Wallet::Kadmin->valid_principal ($principal); -} - # Override destroy to delete the principal out of Kerberos as well. sub destroy { my ($self, $user, $host, $time) = @_; diff --git a/perl/t/keytab.t b/perl/t/keytab.t index 3cd77d8..7745290 100755 --- a/perl/t/keytab.t +++ b/perl/t/keytab.t @@ -8,7 +8,8 @@ # See LICENSE for licensing terms. use POSIX qw(strftime); -use Test::More tests => 219; +use Test::More tests => 208 +; use Wallet::Admin; use Wallet::Config; @@ -192,18 +193,6 @@ my $dbh = $admin->dbh; my $history = ''; my $date = strftime ('%Y-%m-%d %H:%M:%S', localtime $trace[2]); -# Do some white-box testing of the principal validation regex. -for my $bad (qw{service\* = host/foo+bar host/foo/bar /bar bar/ - rcmd.foo}) { - ok (! Wallet::Object::Keytab->valid_principal ($bad), - "Invalid principal name $bad"); -} -for my $good (qw{service service/foo bar foo/bar host/example.org - aservice/foo}) { - ok (Wallet::Object::Keytab->valid_principal ($good), - "Valid principal name $good"); -} - # Basic keytab creation and manipulation tests. SKIP: { skip 'no keytab configuration', 49 unless -f 't/data/test.keytab'; @@ -228,12 +217,21 @@ SKIP: { Wallet::Object::Keytab->create ('keytab', "wallet\nf", $dbh, @trace) }; is ($object, undef, 'Creating malformed principal fails'); - is ($@, "invalid principal name wallet\nf\n", ' with the right error'); + if ($Wallet::Config::KEYTAB_KRBTYPE eq 'MIT') { + is ($@, "invalid principal name wallet\nf\n", ' with the right error'); + } elsif ($Wallet::Config::KEYTAB_KRBTYPE eq 'Heimdal') { + like ($@, qr/^error adding principal wallet\nf/, + ' with the right error'); + } $object = eval { Wallet::Object::Keytab->create ('keytab', '', $dbh, @trace) }; is ($object, undef, 'Creating empty principal fails'); - is ($@, "invalid principal name \n", ' with the right error'); + if ($Wallet::Config::KEYTAB_KRBTYPE eq 'MIT') { + is ($@, "invalid principal name \n", ' with the right error'); + } elsif ($Wallet::Config::KEYTAB_KRBTYPE eq 'Heimdal') { + like ($@, qr/^error adding principal \@/, ' with the right error'); + } $object = eval { Wallet::Object::Keytab->create ('keytab', 'wallet/one', $dbh, @trace) }; |