blob: 9127f6cf2da19813f7ecb92ddbdb52244339b0a6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
#! /bin/sh
#
# Test suite for the wallet-rekey command-line client.
#
# Written by Russ Allbery <rra@stanford.edu>
# Copyright 2006, 2007, 2008, 2010
# Board of Trustees, Leland Stanford Jr. University
#
# See LICENSE for licensing terms.
# Load the test library.
. "$SOURCE/tap/libtap.sh"
. "$SOURCE/tap/kerberos.sh"
. "$SOURCE/tap/remctl.sh"
cd "$SOURCE"
# We need a modified krb5.conf file to test wallet configuration settings in
# krb5.conf. Despite the hard-coding of test-k5.stanford.edu, this test isn't
# Stanford-specific; it just matches the files that are distributed with the
# package.
krb5conf=
for p in /etc/krb5.conf /usr/local/etc/krb5.conf data/krb5.conf ; do
if [ -r "$p" ] ; then
krb5conf="$p"
sed -e '/^[ ]*test-k5.stanford.edu =/,/}/d' \
-e 's/\(default_realm.*=\) .*/\1 test-k5.stanford.edu/' \
-e 's/^[ ]*wallet_.*//' \
-e '/^[ ]*wallet[ ]*=[ ]*{/,/}/d' \
"$p" > ./krb5.conf
KRB5_CONFIG="./krb5.conf"
export KRB5_CONFIG
break
fi
done
if [ -z "$krb5conf" ] ; then
skip_all 'no krb5.conf found, put one in tests/data/krb5.conf'
fi
# Test setup.
kerberos_setup
if [ $? != 0 ] ; then
rm krb5.conf
skip_all 'Kerberos tests not configured'
elif [ -z '@REMCTLD@' ] ; then
rm krb5.conf
skip_all 'No remctld found'
else
plan 2
fi
remctld_start '@REMCTLD@' "$SOURCE/data/basic.conf"
wallet="$BUILD/../client/wallet-rekey"
# Rekeying should result in a merged keytab with both the old and new keys.
cp data/fake-keytab-old keytab
ok_program '' 0 '' \
"$wallet" -k "$principal" -p 14373 -s localhost -c fake-wallet keytab
ktutil_list keytab klist-seen
ktutil_list data/fake-keytab-rekey klist-good
ok '...and the rekeyed keytab is correct' cmp klist-seen klist-good
rm -f keytab klist-good klist-seen
# Clean up.
rm -f autocreated krb5.conf
remctld_stop
kerberos_cleanup
|
