From c8dd7ebf733112d32a98ec01a0cf0dd148f9e956 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Mon, 15 Apr 2013 18:45:12 -0700 Subject: Allow afs/* principals in the Stanford naming policy Change-Id: I59db1e8638a602d9c118ac01da17280c9ed7d005 Reviewed-on: https://gerrit.stanford.edu/1067 Reviewed-by: Russ Allbery Tested-by: Russ Allbery --- perl/Wallet/Policy/Stanford.pm | 4 ++++ perl/t/stanford-naming.t | 7 ++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/perl/Wallet/Policy/Stanford.pm b/perl/Wallet/Policy/Stanford.pm index 4386594..72abd09 100644 --- a/perl/Wallet/Policy/Stanford.pm +++ b/perl/Wallet/Policy/Stanford.pm @@ -266,6 +266,10 @@ sub verify_name { if ($instance !~ /^[a-z0-9-]+\.[a-z0-9.-]+$/) { return "host name $instance is not fully qualified"; } + } elsif ($principal eq 'afs') { + if ($instance !~ /^[a-z0-9-]+\.[a-z0-9.-]+$/) { + return "AFS cell name $instance is not fully qualified"; + } } elsif ($principal eq 'service') { if ($instance !~ /^[a-z0-9-]+$/) { return "invalid service principal name $name"; diff --git a/perl/t/stanford-naming.t b/perl/t/stanford-naming.t index 3b9ea60..f222c49 100755 --- a/perl/t/stanford-naming.t +++ b/perl/t/stanford-naming.t @@ -16,7 +16,7 @@ use 5.008; use strict; use warnings; -use Test::More tests => 99; +use Test::More tests => 101; use lib 't/lib'; use Util; @@ -31,11 +31,12 @@ BEGIN { # Various valid keytab names. my @VALID_KEYTABS = qw(host/example.stanford.edu HTTP/example.stanford.edu service/example example/cgi class-example01/cgi dept-01example/cgi - group-example-01/cgi); + group-example-01/cgi afs/testcell.stanford.edu); # Various invalid keytab names. my @INVALID_KEYTABS = qw(example host/example service/example.stanford.edu - thisistoolong/cgi not-valid/cgi unknown/example.stanford.edu); + thisistoolong/cgi not-valid/cgi unknown/example.stanford.edu + afs/testcell); # Various valid file names. my @VALID_FILES = qw(htpasswd/example.stanford.edu/web -- cgit v1.2.3